| |
| |||||||
Log-Analyse und Auswertung: gefälschte Windows Scan-Software "Security Protection"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
16.06.2011, 20:38
| #1 |
 |  gefälschte Windows Scan-Software "Security Protection" Hallo, ich habe das gleiche Problem in diesem Forum bereits gefunden (am 06.06. gepostet von plastefuchs1) und einige Tipps dazu gelesen. auch hier eine kurzes Problembeschreibung: folgendes Problem stellt sich auf dem Computer einer Freundin: Es hat sich eine gefälschte Malware Protection-Software Namens "Security Protection" im System festgesetzt. Es kommt von dieser Software (in der Sprechblase rechts unten) "...is infected by W32/Blaster.worm" Please activate Security Protection to protect your computer. Manchmal blinkt auch kurz noch eine weitere vermeintliche Virenmeldung auf. Außerdem versucht die Software nach dem Hochfahren von Windows einen Scan durchzuführen mit dem Ziel, dass man die Software "aktiviert" und bezahlt. Dieser PC hat mehrere Profile. Das Problem taucht nur in einem Profil auf. Installiertes System: Windows Vista Virenprogramm: Avira AntiVir Personal Habe nun versucht einen Scan mit Anti Maleware von Malwarebytes laufen zu lassen. Mitten im Scan bekam ich eine Blue Screen und der Rechner hat neu gebootet, einige Zahlen und Buchstaben hochgezählt, dann konnte ich mich wieder als Admin anmelden. Jetzt habe ich einen Scan von OTL laufen lassen und folgenden Report bekommen: Vielen Dank schon jetzt für die Hilfe! just1999 OTL.TXTOTL Logfile: Code:
ATTFilter OTL logfile created on: 16.06.2011 21:18:02 - Run 1 OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Unser Spaß\Downloads Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19088) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,75 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 65,81% Memory free 5,71 Gb Paging File | 4,63 Gb Available in Paging File | 81,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,29 Gb Total Space | 53,51 Gb Free Space | 46,02% Space Free | Partition Type: NTFS Drive E: | 115,13 Gb Total Space | 105,04 Gb Free Space | 91,24% Space Free | Partition Type: NTFS Computer Name: UNSERSPAß-PC | User Name: Unser Spaß | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.16 21:15:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Unser Spaß\Downloads\OTL.exe PRC - [2009.08.05 21:28:17 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2009.06.11 14:44:10 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.03.02 12:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2008.10.25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008.09.26 14:22:44 | 000,417,792 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe PRC - [2008.08.26 15:27:04 | 000,103,824 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe PRC - [2008.08.26 15:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TempoSVC.exe PRC - [2008.08.25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe PRC - [2008.04.24 13:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe PRC - [2008.04.17 00:21:24 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2008.04.17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2008.04.17 00:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2008.04.11 00:51:58 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008.03.19 13:35:42 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe PRC - [2008.01.25 13:33:50 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe PRC - [2008.01.21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe PRC - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007.07.10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe ========== Modules (SafeList) ========== MOD - [2011.06.16 21:15:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Unser Spaß\Downloads\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2009.08.05 21:28:17 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.06.11 14:44:10 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008.11.04 03:37:58 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService) SRV - [2008.08.26 15:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService) SRV - [2008.08.25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv) SRV - [2008.04.17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008.04.16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Programme\Jumpstart\jswpsapi.exe -- (jswpsapi) SRV - [2008.04.11 00:51:58 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) ========== Driver Services (SafeList) ========== DRV - [2010.03.04 13:50:14 | 000,261,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009.12.08 19:36:56 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.06.11 14:44:10 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009.06.11 14:44:10 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.11.04 03:32:20 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio) DRV - [2008.07.29 05:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008.07.15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2008.04.28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf) DRV - [2008.04.23 00:36:32 | 003,551,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.04.10 21:25:30 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32) DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2006.11.20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006.11.02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.10.30 11:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE; IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE; IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=16508 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13" FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.3&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=16508" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.facemoods.com/?a=stonicde" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://start.facemoods.com/results.php?f=5&a=stonicde&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.21 10:58:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.21 10:58:45 | 000,000,000 | ---D | M] [2009.05.23 12:44:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Unser Spaß\AppData\Roaming\mozilla\Extensions [2011.06.16 20:32:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Unser Spaß\AppData\Roaming\mozilla\Firefox\Profiles\t045zyoo.default\extensions [2010.03.26 21:41:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Unser Spaß\AppData\Roaming\mozilla\Firefox\Profiles\t045zyoo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.06.16 20:32:45 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Unser Spaß\AppData\Roaming\mozilla\Firefox\Profiles\t045zyoo.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010.12.08 16:47:52 | 000,000,927 | ---- | M] () -- C:\Users\Unser Spaß\AppData\Roaming\Mozilla\Firefox\Profiles\t045zyoo.default\searchplugins\conduit.xml [2011.06.13 21:20:20 | 000,000,950 | ---- | M] () -- C:\Users\Unser Spaß\AppData\Roaming\Mozilla\Firefox\Profiles\t045zyoo.default\searchplugins\icqplugin-1.xml [2010.12.18 13:34:16 | 000,000,947 | ---- | M] () -- C:\Users\Unser Spaß\AppData\Roaming\Mozilla\Firefox\Profiles\t045zyoo.default\searchplugins\icqplugin.xml [2011.02.07 17:28:22 | 000,003,915 | ---- | M] () -- C:\Users\Unser Spaß\AppData\Roaming\Mozilla\Firefox\Profiles\t045zyoo.default\searchplugins\sweetim.xml [2011.06.16 20:27:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.05.23 19:21:36 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\UNSER SPAß\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T045ZYOO.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B} File not found (No name found) -- C:\USERS\UNSER SPAß\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T045ZYOO.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7} [2011.03.07 18:13:52 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.02.07 17:20:57 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml [2011.03.07 18:13:52 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.28 18:14:06 | 000,002,040 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml [2011.03.07 18:13:52 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.03.07 18:13:52 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.03.07 18:13:52 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [cfFncEnabler.exe] File not found O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA) O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba) O4 - HKLM..\Run: [Toshiba TEMPO] C:\Programme\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH) O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - Startup: C:\Users\Unser Spaß\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Free YouTube Download - C:\Users\Unser Spaß\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{c9319606-6696-11e0-8217-001e33b224cf}\Shell - "" = AutoRun O33 - MountPoints2\{c9319606-6696-11e0-8217-001e33b224cf}\Shell\AutoRun\command - "" = D:\LGAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.06.16 20:37:08 | 000,000,000 | ---D | C] -- C:\Users\Unser Spaß\AppData\Roaming\Malwarebytes [2011.06.16 20:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.06.16 20:36:50 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.06.16 20:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.06.16 20:36:44 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.06.16 20:36:44 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.06.16 20:02:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.06.16 20:02:45 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.06.16 20:02:44 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.06.16 20:02:44 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.06.16 20:02:44 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.06.16 20:02:43 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.06.16 20:02:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.06.16 20:02:43 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.06.16 20:02:43 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.06.16 20:02:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.06.16 20:02:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.06.16 20:02:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.06.16 20:02:43 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.06.16 20:02:43 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.06.16 20:02:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.06.16 20:02:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.06.16 20:02:42 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.06.16 20:01:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.05.28 08:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO [2011.05.27 19:22:51 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.16 21:05:42 | 000,001,833 | ---- | M] () -- C:\Users\Unser Spaß\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011.06.16 21:04:14 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.16 21:04:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.16 21:04:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.16 21:03:22 | 2950,524,928 | -HS- | M] () -- C:\hiberfil.sys [2011.06.16 21:01:37 | 247,907,088 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.06.16 20:36:51 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.06.15 21:30:20 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.15 21:30:20 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.15 21:30:20 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.15 21:30:20 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.28 08:05:27 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.05.28 08:04:56 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.05.28 08:04:56 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.05.28 08:04:30 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.05.28 08:04:22 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.05.28 08:04:17 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.05.28 08:04:03 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.05.28 08:04:03 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.05.28 08:04:03 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.05.28 08:04:02 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.05.28 08:04:02 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.05.28 08:03:58 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.05.28 07:10:26 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.05.28 06:33:03 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.05.28 06:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.05.28 06:32:15 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.05.28 06:31:44 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.05.27 19:22:51 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.05.21 20:10:33 | 000,000,680 | ---- | M] () -- C:\Users\Unser Spaß\AppData\Local\d3d9caps.dat [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.16 21:01:37 | 247,907,088 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.06.16 20:36:51 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.12.21 19:20:31 | 000,000,680 | ---- | C] () -- C:\Users\Unser Spaß\AppData\Local\d3d9caps.dat [2010.08.11 18:54:49 | 000,005,120 | ---- | C] () -- C:\Users\Unser Spaß\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009.09.25 14:19:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.09.25 14:19:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.05.23 20:42:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.05.23 12:03:23 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2009.05.23 12:03:23 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2009.05.23 12:03:23 | 000,009,480 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2009.05.23 12:03:23 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2008.10.07 14:34:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2008.10.07 14:34:25 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2008.10.07 14:34:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2008.10.07 14:34:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2008.10.07 14:34:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2008.10.07 14:34:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2008.10.07 14:22:29 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008.10.07 14:10:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008.10.07 13:17:29 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.10.07 13:02:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.10.07 13:00:10 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008.10.07 13:00:09 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008.10.07 13:00:08 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008.10.07 13:00:08 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008.01.21 10:21:25 | 000,618,442 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 10:21:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 10:21:25 | 000,122,842 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 10:21:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:44:53 | 000,405,408 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat ========== LOP Check ========== [2011.01.27 17:05:31 | 000,000,000 | ---D | M] -- C:\Users\Unser Spaß\AppData\Roaming\DVDVideoSoftIEHelpers [2009.05.23 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\Unser Spaß\AppData\Roaming\Toshiba [2011.06.15 21:31:51 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Extras.TXTOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 16.06.2011 21:18:02 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Unser Spaß\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,75 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 65,81% Memory free
5,71 Gb Paging File | 4,63 Gb Available in Paging File | 81,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,29 Gb Total Space | 53,51 Gb Free Space | 46,02% Space Free | Partition Type: NTFS
Drive E: | 115,13 Gb Total Space | 105,04 Gb Free Space | 91,24% Space Free | Partition Type: NTFS
Computer Name: UNSERSPAß-PC | User Name: Unser Spaß | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{822B431E-26D3-4DD9-8E71-A4E72BC447AE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2CE93259-02A9-4A98-B39B-5605D0231C2D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3414D663-B09D-4930-A433-A506D5BAE010}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{92C3E2A0-BF29-4A16-8637-7772D6DA01C4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{945C3589-864A-4B6B-A701-37266E6C6BBF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A17B7613-AA5E-44B4-A07E-2D73C9526E13}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{3A86FFC0-4C53-47D5-BF03-A782BC229417}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{7D59D736-676E-4557-8740-AD8D4B8AE4A9}C:\users\antonia\appdata\roaming\icq\application\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\users\antonia\appdata\roaming\icq\application\icq7.1\icq.exe |
"UDP Query User{0EE591ED-3B73-4AAD-B55F-6238386EE03F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{7EA067AA-85E9-4005-A7D3-05099F301D20}C:\users\antonia\appdata\roaming\icq\application\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\users\antonia\appdata\roaming\icq\application\icq7.1\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}" = Toshiba TEMPRO
"{07C9627A-CA0B-2AA2-062E-204359DF7BA1}" = Catalyst Control Center Core Implementation
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0EFB2016-41D2-5F30-8F60-25250F6DABDD}" = CCC Help Thai
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1E57A11B-AB65-C6D1-F999-B3B37AB2298E}" = Catalyst Control Center Localization Japanese
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{27265B80-303E-EFFF-6052-B11F91B634C3}" = Catalyst Control Center Localization Italian
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{2920435D-CE92-5024-1694-DFD43A5FF074}" = Catalyst Control Center Localization Greek
"{2CD6D3D2-1EFC-F0B4-1761-FD4FA7F8750F}" = CCC Help Finnish
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{358004B9-3A16-87FF-4487-4D6F0C70E52F}" = Catalyst Control Center Localization Russian
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{38A3E884-313A-7AE0-11BC-482DE0C8766A}" = CCC Help Czech
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3BB12DBC-0A8E-ECE2-F179-D06B99B8CD02}" = Catalyst Control Center Localization Czech
"{3E0E28DC-DA90-1BA2-FA36-AA3C2E4FB74A}" = Catalyst Control Center Graphics Previews Vista
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4C90501F-864B-5AC4-867D-6AC35BE50721}" = ccc-utility
"{55398A75-13E0-570F-BD16-2EE5D9E5523D}" = Catalyst Control Center Localization Norwegian
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5F131988-3326-AD64-1817-D76A2FE3C2D3}" = CCC Help Chinese Traditional
"{5FBF37CD-B7F9-564C-BDFC-73D970CF7AF2}" = CCC Help Italian
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61C63422-E5E2-8576-2B82-0E01F5AD2538}" = CCC Help English
"{61F90A4F-AD49-7FFB-F027-5B2CB64F0A70}" = Catalyst Control Center Graphics Light
"{629044C7-745A-64B8-467F-2F93ED50008B}" = CCC Help Chinese Standard
"{65BF23C0-4EF9-27CC-7B6F-190F4008A569}" = Catalyst Control Center Localization Polish
"{65D602E4-DCDE-0743-6A0A-F1A203449F47}" = CCC Help German
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69E5255D-9D43-4CFF-8984-843ABD7753B7}" = Catalyst Control Center - Branding
"{6B4874CA-13CF-2477-B697-B448201B56B6}" = CCC Help Norwegian
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6EB0B23B-AA51-6F4E-C94C-C1015ED61EEC}" = CCC Help Japanese
"{70495081-1DC8-AD4B-C197-12138B8FBC9E}" = CCC Help Danish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B929E2-3556-93DB-DEC0-FD56D3EFB473}" = Catalyst Control Center Localization Chinese Traditional
"{71C47830-182D-79FA-0790-0366E6E2C2EB}" = Catalyst Control Center Localization Spanish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{77CAD946-C573-6647-B222-B6870C072932}" = CCC Help Korean
"{7E83516C-931B-870F-5CDF-01FDF9A4AEF0}" = Catalyst Control Center Localization Turkish
"{86728841-C151-B8E4-43C6-DD289DE570B6}" = Catalyst Control Center Localization Swedish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86DBA852-5D5E-1856-D828-620E792EDC0D}" = Catalyst Control Center Localization Chinese Standard
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{88BA2601-8A62-7AB7-DB8A-7AA2840B7C87}" = Catalyst Control Center Localization Thai
"{8B587895-7716-1B99-5D85-3CA4AAF8A0F4}" = Catalyst Control Center Localization Dutch
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9244F321-0BBD-9D4A-C1FB-6437E3D0550D}" = Catalyst Control Center Localization German
"{93F3EBDD-4007-C233-7320-977AC0941054}" = CCC Help Turkish
"{94AB6CE0-DB26-7048-2A5B-4647EA1FC693}" = ccc-core-static
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A103C127-2168-4493-8D01-4BF180BED12C}" = CCC Help Portuguese
"{A7F27ADB-3C56-0F2B-6B4B-0B8E02A49186}" = ATI Catalyst Install Manager
"{AC2EE52D-05CD-8140-5D29-5AA29590971E}" = CCC Help French
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B02A78AE-EA3B-8261-AEBC-8221E22DCC1E}" = CCC Help Polish
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B1D67B62-35A8-A9A1-AA74-F6A495C8271A}" = Catalyst Control Center Localization Danish
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{BC2EA92A-A5A9-A137-5204-F150EDB05DB3}" = CCC Help Hungarian
"{BC713970-8C3C-852B-4139-636F21114B7F}" = CCC Help Dutch
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C5F1A9C4-C041-2E95-5D7E-EF56CED2B522}" = Skins
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D7CC05AF-067D-0D1A-1E4D-9DCBCDCC2D41}" = Catalyst Control Center Graphics Full New
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E0FC3A5D-CF52-ABA7-92EF-D9794F372121}" = Catalyst Control Center Graphics Full Existing
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EA7D1919-A6BF-979A-E3A2-F753E23D45FA}" = Catalyst Control Center Localization Hungarian
"{ED2BC5D9-20EE-FBB6-8483-240F19EFCAA5}" = CCC Help Swedish
"{F0345A2F-1D78-0AEA-7CBB-CEF48622EB44}" = Catalyst Control Center Localization Portuguese
"{F0646787-1A2F-34E9-A61D-9DAD69F606F8}" = CCC Help Spanish
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F50E4D66-5280-FDF8-7F55-2E47FCF23E7D}" = Catalyst Control Center Localization Korean
"{F67E6AE5-F87B-025F-2D6B-26491304393F}" = CCC Help Russian
"{F9DAAC4B-5E3F-1D39-9D4B-6998664EF402}" = Catalyst Control Center Localization Finnish
"{F9F66B99-C1B3-ACEA-1F80-404CC4DD96BF}" = Catalyst Control Center Localization French
"{FA493449-3E34-4E05-8CA7-26A42E9F180E}" = CCC Help Greek
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"ENTERPRISER" = Microsoft Office Enterprise 2007
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"myphotobook" = myphotobook 3.6
"NAVIGON Fresh" = NAVIGON Fresh 3.2.0
"Picasa 3" = Picasa 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 06.06.2010 07:00:58 | Computer Name = UnserSpaß-PC | Source = EventSystem | ID = 4621
Description =
Error - 06.06.2010 07:02:19 | Computer Name = UnserSpaß-PC | Source = EventSystem | ID = 4621
Description =
Error - 06.06.2010 07:05:22 | Computer Name = UnserSpaß-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.06.2010 07:48:49 | Computer Name = UnserSpaß-PC | Source = EventSystem | ID = 4621
Description =
Error - 06.06.2010 07:53:42 | Computer Name = UnserSpaß-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.06.2010 08:37:04 | Computer Name = UnserSpaß-PC | Source = EventSystem | ID = 4621
Description =
Error - 06.06.2010 08:56:06 | Computer Name = UnserSpaß-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.06.2010 10:40:50 | Computer Name = UnserSpaß-PC | Source = EventSystem | ID = 4621
Description =
Error - 06.06.2010 13:13:36 | Computer Name = UnserSpaß-PC | Source = EventSystem | ID = 4621
Description =
Error - 06.06.2010 13:23:28 | Computer Name = UnserSpaß-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 14.04.2010 14:13:44 | Computer Name = UnserSpaß-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 224
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 11.06.2011 06:27:45 | Computer Name = UnserSpaß-PC | Source = DCOM | ID = 10010
Description =
Error - 13.06.2011 12:59:42 | Computer Name = UnserSpaß-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 13.06.2011 um 18:58:41 unerwartet heruntergefahren.
Error - 14.06.2011 08:23:30 | Computer Name = UnserSpaß-PC | Source = DCOM | ID = 10010
Description =
Error - 16.06.2011 13:53:10 | Computer Name = UnserSpaß-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease *********** für die Netzwerkkarte mit der Netzwerkadresse
0024D25759D1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 16.06.2011 14:07:56 | Computer Name = UnserSpaß-PC | Source = DCOM | ID = 10005
Description =
Error - 16.06.2011 14:07:56 | Computer Name = UnserSpaß-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 16.06.2011 14:07:56 | Computer Name = UnserSpaß-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.06.2011 14:07:56 | Computer Name = UnserSpaß-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 16.06.2011 14:07:56 | Computer Name = UnserSpaß-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.06.2011 15:04:03 | Computer Name = UnserSpaß-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 16.06.2011 um 21:00:27 unerwartet heruntergefahren.
< End of report >
Geändert von just 1999 (16.06.2011 um 20:55 Uhr) Grund: scan einfügen |
| Themen zu gefälschte Windows Scan-Software "Security Protection" |
| anti maleware, antivir, avira, avira antivir, bli, blinkt, blue, blue screen, computer, excel.exe, extras.txt, forum, infected, install.exe, maleware, malware, malwarebytes, meldung, microsoft office word, neu, office 2007, otl.txt, picasa, plug-in, problem, programm, rechner, scan, screen, search the web, searchplugins, security, security update, shell32.dll, start menu, sweetim, system, tipps, usb 2.0, windows |
Baum-Darstellung