| |  Polizei-Trojaner hat mich erwischt
 Hallo Liebes Trojaner-Team
Heute habe ich mir beim Surfen einen dieser miesen Polizei-Trojaner eingefangen bei dem durch diese Meldung alles blockiert ist.
Ich habe den Laptop dann im abgesicherten Modus mit Netzwerktreiber gestartet. Danach bin ich dann über google auf euer Forum gestossen und hab mir Malwarebytes und OTL runtergeladen und ausgeführt.
Malwarebytes Log PHP-Code: Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.15.09
Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Kevin :: KEVIN-TOSH [Administrator]
Schutz: Deaktiviert
16.08.2012 02:58:08
mbam-log-2012-08-16 (02-58-08).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 491864
Laufzeit: 1 Stunde(n), 11 Minute(n), 1 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|uxywstnixjmsula (Trojan.Ransom) -> Daten: C:\ProgramData\uxywstni.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 4
C:\ProgramData\uxywstni.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Kevin\0.7570417923624622.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Kevin\Desktop\SEGA\Neuer Ordner (3)\SAVE EDITOR Collection v 1.0\SAVE EDITOR Collection v 1.0\Borderlands Willow Tree Editor\WillowTree.exe (Trojan.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Kevin\Desktop\SEGA\Neuer Ordner (3)\SAVE EDITOR Collection v 1.0\SAVE EDITOR Collection v 1.0\Shadow Complex (XBL Arcade)\Shadow Complex Editor.exe (Trojan.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
OTL.txt PHP-Code: OTL logfile created on: 8/16/2012 5:30:15 AM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Kevin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7.91 Gb Total Physical Memory | 5.28 Gb Available Physical Memory | 66.82% Memory free
15.82 Gb Paging File | 13.10 Gb Available in Paging File | 82.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.20 Gb Total Space | 35.13 Gb Free Space | 5.15% Space Free | Partition Type: NTFS
Computer Name: KEVIN-TOSH | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Users\Kevin\AppData\Local\vghd\bin\VirtuaGirl_Downloader.exe (Totem Entertainment)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov)
PRC - C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe (TOSHIBA Corporation)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\3DataManager\WTGService.exe ()
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - C:\Users\Kevin\AppData\Local\vghd\bin\QtGui4.dll ()
MOD - C:\Users\Kevin\AppData\Local\vghd\bin\QtNetwork4.dll ()
MOD - C:\Users\Kevin\AppData\Local\vghd\bin\QtXml4.dll ()
MOD - C:\Users\Kevin\AppData\Local\vghd\bin\QtCore4.dll ()
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - (Thpsrv) -- C:\Windows\SysNative\ThpSrv.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (SearchAnonymizer) -- C:\Users\Kevin\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (WTGService) -- C:\Program Files (x86)\3DataManager\WTGService.exe ()
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1307010.005\symnets.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1307010.005\SymEFA64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1307010.005\SymDS64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1307010.005\Ironx64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1307010.005\srtsp64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1307010.005\srtspx64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1307010.005\ccSetx64.sys (Symantec Corporation)
DRV:[b]64bit:[/b] - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (CeKbFilter) -- C:\Windows\SysNative\drivers\CeKbFilter.sys (Compal Electronics, INC.)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:[b]64bit:[/b] - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:[b]64bit:[/b] - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:[b]64bit:[/b] - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:[b]64bit:[/b] - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:[b]64bit:[/b] - (Tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (DVB7700ALL) -- C:\Windows\SysNative\drivers\dvb7700all.sys (DiBcom)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (Tosrfcom) -- C:\Windows\SysNative\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (tosrfbnp) -- C:\Windows\SysNative\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:[b]64bit:[/b] - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:[b]64bit:[/b] - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (TosRfSnd) -- C:\Windows\SysNative\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (LPCFilter) -- C:\Windows\SysNative\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV:[b]64bit:[/b] - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:[b]64bit:[/b] - (tosrfnds) -- C:\Windows\SysNative\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV:[b]64bit:[/b] - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (Thpevm) -- C:\Windows\SysNative\drivers\Thpevm.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (Thpdrv) -- C:\Windows\SysNative\drivers\thpdrv.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV:[b]64bit:[/b] - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (tosporte) -- C:\Windows\SysNative\drivers\tosporte.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (enecirhid) -- C:\Windows\SysNative\drivers\enecirhid.sys (ENE TECHNOLOGY INC.)
DRV:[b]64bit:[/b] - (enecirhidma) -- C:\Windows\SysNative\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.)
DRV:[b]64bit:[/b] - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120815.002\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\VirusDefs\20120815.002\eng64.sys (Symantec Corporation)
DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20120402.001\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20120202.002\IDSviA64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (hwdatacard) -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{7CF3FA9B-4D75-4A99-9D05-0092AFDC9FD2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.comoestamos.com/search/
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{68A72E44-9F07-436B-ADC8-000512CCE1DA}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{76434FE2-B79A-4DFE-A374-D716B8B03CF7}: "URL" = hxxp://www.comoestamos.com/search/searchgoogle.asp?q={searchTerms}
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\UpdatusUser\Desktop
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba.msn.com
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\SearchScopes,DefaultScope = {9A30E5D9-3E33-4843-8EEE-8A9FF24AAE7E}
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\SearchScopes\{9A30E5D9-3E33-4843-8EEE-8A9FF24AAE7E}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D5453484D44462670633D4D41544D267372633D49452D536561726368426F78&st={searchTerms}&clid=28394ff9-4ab2-4cd2-a86c-451c91f5a49e&pid=freewarede&k=0
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\SearchScopes\{9F93CD32-55F1-4FC2-A524-533632037C8B}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\SearchScopes\{A123577E-908F-4CDB-972F-5B11A46D54FD}: "URL" = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Kevin\Desktop
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\SearchScopes,DefaultScope = {9A30E5D9-3E33-4843-8EEE-8A9FF24AAE7E}
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deAT448
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\SearchScopes\{9A30E5D9-3E33-4843-8EEE-8A9FF24AAE7E}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D5453484D44462670633D4D41544D267372633D49452D536561726368426F78&st={searchTerms}&clid=28394ff9-4ab2-4cd2-a86c-451c91f5a49e&pid=freewarede&k=0
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\SearchScopes\{9F93CD32-55F1-4FC2-A524-533632037C8B}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\SearchScopes\{A123577E-908F-4CDB-972F-5B11A46D54FD}: "URL" = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-920081731-557011817-1691672322-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..network.proxy.type: 0
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/22 00:55:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\IPSFFPlgn\ [2012/08/16 04:43:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\coFFPlgn\ [2012/08/16 04:43:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 19:57:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/19 02:25:29 | 000,000,000 | ---D | M]
[2011/08/10 17:47:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions
[2011/08/10 17:47:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2012/08/16 02:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lo7btcah.default\extensions
[2012/08/04 23:33:56 | 000,000,000 | ---D | M] (softonic.com) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lo7btcah.default\extensions\ffxtlbra@softonic.com
[2012/04/20 23:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/04/25 19:57:21 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/13 06:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 06:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - Extension: No name found = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: preisspion.de = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo\3.0.0_0\
CHR - Extension: No name found = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\
CHR - Extension: No name found = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2011/09/10 05:55:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-920081731-557011817-1691672322-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-920081731-557011817-1691672322-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Ocs_SM] C:\Users\Kevin\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1000..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1000..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1001..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-920081731-557011817-1691672322-1000..\RunOnce: [SysOff] C:\Windows\SysWOW64\SYSPREP\ClosespV.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk = C:\Users\Kevin\AppData\Local\vghd\bin\vghd.exe (Totem Entertainment)
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Mcx1-KEVIN-TOSH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-920081731-557011817-1691672322-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-920081731-557011817-1691672322-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-920081731-557011817-1691672322-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:[b]64bit:[/b] - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Zu TOSHIBA Bulletin Board hinzufügen - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Zu TOSHIBA Bulletin Board hinzufügen - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E1EFD16-CBA1-4C51-9DE0-2DD4AFBFE634}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/08/16 04:42:37 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/16 04:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/08/16 04:41:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/08/16 04:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2012/08/16 04:40:36 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012/08/16 03:49:23 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\ff11
[2012/08/16 03:47:22 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2012/08/16 02:57:08 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Malwarebytes
[2012/08/16 02:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/16 02:56:57 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/08/16 02:56:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/16 02:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/16 02:56:18 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Kevin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/16 01:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\rsiogkxqxettjhl
[2012/08/14 12:37:36 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Songbird2
[2012/08/14 12:37:36 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Songbird2
[2012/08/14 12:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Songbird
[2012/08/14 12:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Songbird
[2012/08/08 08:39:06 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Skyrim
[2012/08/08 08:38:39 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_6.dll
[2012/08/08 08:38:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_6.dll
[2012/08/08 08:38:39 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_4.dll
[2012/08/08 08:38:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_4.dll
[2012/08/08 08:38:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_6.dll
[2012/08/08 08:38:38 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_6.dll
[2012/08/08 08:38:38 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_7.dll
[2012/08/08 08:38:38 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_7.dll
[2012/08/08 08:38:37 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_5.dll
[2012/08/08 08:38:37 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_5.dll
[2012/08/08 08:38:37 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_5.dll
[2012/08/08 08:38:36 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_42.dll
[2012/08/08 08:38:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_42.dll
[2012/08/08 08:38:36 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_42.dll
[2012/08/08 08:38:36 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_42.dll
[2012/08/08 08:38:36 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
[2012/08/08 08:38:35 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_42.dll
[2012/08/08 08:38:34 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2012/08/08 08:38:34 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2012/08/08 08:38:32 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2012/08/08 08:38:32 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2012/08/08 08:38:32 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2012/08/08 08:38:32 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2012/08/08 08:38:32 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2012/08/08 08:38:32 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2012/08/08 08:38:31 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2012/08/08 08:38:31 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2012/08/08 08:38:30 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2012/08/08 08:38:30 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2012/08/08 08:38:30 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2012/08/08 08:38:30 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2012/08/08 08:38:28 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2012/08/08 08:38:26 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2012/08/08 08:38:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2012/08/08 08:38:26 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2012/08/08 08:38:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2012/08/08 08:38:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2012/08/08 08:38:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2012/08/08 08:36:21 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\My Games
[2012/08/07 02:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012/08/06 05:54:31 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\XboxMB
[2012/08/06 05:54:26 | 000,000,000 | ---D | C] -- C:\windows\XSxS
[2012/08/06 05:54:26 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Xenocode
[2012/08/06 05:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xenocode
[2012/08/06 05:53:43 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Downloads
[2012/07/31 23:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Movie Player
[2012/07/30 17:22:38 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Any Video Converter
[2012/07/30 17:22:33 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\AnvSoft
[2012/07/30 17:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2012/07/30 17:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2012/07/23 19:49:43 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Coma
[2012/07/23 19:49:19 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Revolt
[2012/07/23 19:48:58 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\360Revolution
[2012/07/18 23:28:02 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Macromedia
[2012/07/18 21:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\Sogna
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/08/16 05:06:04 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/16 04:48:16 | 000,025,120 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/16 04:48:16 | 000,025,120 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/16 04:46:40 | 001,715,430 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1307010.005\Cat.DB
[2012/08/16 04:42:37 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/16 04:42:37 | 000,007,488 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/16 04:42:37 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/16 04:42:31 | 000,002,575 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/16 04:40:43 | 000,001,308 | ---- | M] () -- C:\Users\Kevin\Desktop\Norton-Installationsdateien.lnk
[2012/08/16 04:37:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/16 04:37:12 | 2074,099,711 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/16 04:35:25 | 001,506,754 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012/08/16 04:30:46 | 000,921,344 | ---- | M] () -- C:\Users\Kevin\Desktop\Norton_Removal_Tool.exe
[2012/08/16 04:17:09 | 000,002,046 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
[2012/08/16 03:47:22 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2012/08/16 02:56:58 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/16 02:56:26 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Kevin\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/16 01:29:48 | 000,008,942 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1308000.00E\VT20120731.038
[2012/08/16 01:25:07 | 000,000,051 | ---- | M] () -- C:\ProgramData\oewjvtfvpnesgyz
[2012/08/15 17:30:44 | 001,614,892 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/15 17:30:44 | 000,697,534 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012/08/15 17:30:44 | 000,652,812 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/15 17:30:44 | 000,148,540 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012/08/15 17:30:44 | 000,121,486 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/08/15 12:06:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/15 12:06:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/14 12:37:17 | 000,001,908 | ---- | M] () -- C:\Users\Public\Desktop\Songbird.lnk
[2012/08/08 14:02:08 | 016,314,368 | ---- | M] () -- C:\Users\Kevin\Documents\Speichern 4 - Kevin Himmelsrand 185.exs
[2012/08/08 09:00:08 | 000,000,221 | ---- | M] () -- C:\Users\Kevin\Desktop\The Elder Scrolls V Skyrim.url
[2012/07/31 23:45:25 | 000,000,111 | ---- | M] () -- C:\user.js
[2012/07/30 17:16:08 | 000,001,247 | ---- | M] () -- C:\Users\Kevin\Desktop\Any Video Converter.lnk
[2012/07/23 19:32:08 | 001,592,786 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/08/16 04:42:37 | 000,007,488 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/16 04:42:37 | 000,000,855 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/16 04:42:31 | 000,002,575 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/16 04:40:36 | 000,001,308 | ---- | C] () -- C:\Users\Kevin\Desktop\Norton-Installationsdateien.lnk
[2012/08/16 04:30:17 | 000,921,344 | ---- | C] () -- C:\Users\Kevin\Desktop\Norton_Removal_Tool.exe
[2012/08/16 02:56:58 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/16 01:25:00 | 000,000,051 | ---- | C] () -- C:\ProgramData\oewjvtfvpnesgyz
[2012/08/14 12:37:17 | 000,001,908 | ---- | C] () -- C:\Users\Public\Desktop\Songbird.lnk
[2012/08/08 14:00:44 | 016,314,368 | ---- | C] () -- C:\Users\Kevin\Documents\Speichern 4 - Kevin Himmelsrand 185.exs
[2012/08/08 09:00:08 | 000,000,221 | ---- | C] () -- C:\Users\Kevin\Desktop\The Elder Scrolls V Skyrim.url
[2012/07/31 23:45:25 | 000,000,111 | ---- | C] () -- C:\user.js
[2012/07/30 17:16:08 | 000,001,247 | ---- | C] () -- C:\Users\Kevin\Desktop\Any Video Converter.lnk
[2012/06/17 23:22:41 | 000,000,300 | ---- | C] () -- C:\windows\ACTIVEJP.INI
[2012/01/24 04:49:22 | 000,004,096 | ---- | C] () -- C:\windows\d3dx.dat
[2011/09/10 05:47:45 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/09/10 05:47:45 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/09/10 05:47:45 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/09/10 05:47:45 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/09/10 05:47:45 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/09/02 15:07:08 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/09/02 14:52:25 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/24 02:20:14 | 000,000,003 | ---- | C] () -- C:\windows\treeskp.sys
[2011/08/24 02:20:14 | 000,000,003 | ---- | C] () -- C:\windows\sbacknt.bin
[2011/08/06 18:24:27 | 001,592,786 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/08/06 14:20:04 | 000,059,685 | ---- | C] () -- C:\windows\War3Unin.dat
[2011/06/17 06:12:01 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2011/04/05 05:07:00 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011/04/05 05:06:58 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011/04/05 05:06:58 | 000,216,876 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011/02/04 04:56:58 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2010/11/09 21:09:58 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll
[color=#E56717]========== LOP Check ==========[/color]
[2012/03/24 13:36:03 | 000,000,000 | -HSD | M] -- C:\Users\Kevin\AppData\Roaming\.#
[2011/08/11 06:19:29 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\3DataManager
[2012/07/30 17:22:33 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\AnvSoft
[2012/02/18 12:53:39 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Clickteam
[2011/08/13 22:38:43 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Datel
[2012/08/16 02:11:03 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\DVDVideoSoft
[2011/08/30 01:21:30 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\NCH Swift Sound
[2011/08/29 23:09:00 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\OCS
[2011/08/29 23:09:02 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Opera
[2011/08/11 16:27:49 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Philips
[2011/08/10 17:46:52 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Philips-Songbird
[2011/08/10 20:57:18 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Program Files (x86)
[2012/07/11 18:51:53 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\SoftGrid Client
[2012/08/14 12:37:36 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Songbird2
[2011/08/07 01:39:20 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Toshiba
[2011/08/06 16:10:39 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\TOSHIBA Online Product Information
[2011/08/06 18:25:01 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\TP
[2011/08/06 12:52:30 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\WinBatch
[2012/08/16 04:16:15 | 000,026,036 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2012/02/18 13:33:45 | 000,000,000 | ---D | M](C:\Users\Kevin\Documents\?????) -- C:\Users\Kevin\Documents\小影の伝説
[2012/02/18 13:20:16 | 000,000,000 | ---D | C](C:\Users\Kevin\Documents\?????) -- C:\Users\Kevin\Documents\小影の伝説
< End of report >
Extras.txt PHP-Code: OTL Extras logfile created on: 8/16/2012 5:30:15 AM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Kevin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7.91 Gb Total Physical Memory | 5.28 Gb Available Physical Memory | 66.82% Memory free
15.82 Gb Paging File | 13.10 Gb Available in Paging File | 82.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.20 Gb Total Space | 35.13 Gb Free Space | 5.15% Space Free | Partition Type: NTFS
Computer Name: KEVIN-TOSH | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-920081731-557011817-1691672322-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[color=#E56717]========== Firewall Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EC35AC6-92E2-41DD-8D75-2094CFEF5585}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14B9A38B-A2C9-4286-82FB-ABAE34F86526}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1A3A8A44-7294-4B49-92E0-7C888D38C697}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C7148E9-9DCB-4CB3-A43A-B8B3DF4C7345}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{23C19003-B0D4-4ED4-8078-CE2E228AC7C7}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{249641A7-E607-4853-841A-124FFA6A8A7C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{290A7C08-56EE-450E-9AD6-A45025528ECD}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{2D3C2657-9D5D-40F3-AEE2-2BD214123DC8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30D9FA76-E860-409C-91BE-D111608309D3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3232E0A3-91F4-4436-84D6-FA4E0B13061D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{324325D5-1997-42B4-B37B-725087B51CA3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33ED8279-D271-4180-A219-8783B17F2924}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F8F63C6-0E2B-43BD-8919-972147AFEEA1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4543C654-306B-4C73-8523-9769D09E73FB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4C3B3B45-95EF-4DCD-9F3C-5C847AD5C093}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4E1A41F9-E91D-41AB-A6CE-273294C5E54C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{598B7D8C-DBDA-49C3-A137-1C9BA44D0D3A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{600EB824-0BAA-47B8-B743-D6E7ED0417CE}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{603C8703-E1CE-4D2F-B489-845853250A7F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6CF96340-F250-4404-8879-0CD25C742A0C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73974DF1-15D8-4AE5-A643-6B21377FA6A4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{75B93040-6063-43B4-9BA0-5DEEE7BEE01B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{782C0D0E-DD07-4D1D-9BFB-CB16DC08467E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F2C0899-7A1E-4933-A9A6-BF228B085CFB}" = lport=3390 | protocol=6 | dir=in | app=system |
"{837E4B7B-8FE4-4A16-AFFE-17D49690B88F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90F5F375-821A-422E-9BE9-61CD160236D9}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{91F346C1-12C7-4471-B62B-2020BEA18806}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A2A08795-F026-46E6-8D6A-6043E61C106E}" = lport=10244 | protocol=6 | dir=in | app=system |
"{B2CCE22A-1E22-45AB-AA58-13D779393783}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA172DEE-6422-4375-9CA8-C4AC39A4275B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDB9123D-F4EB-4CB5-82B1-51C33B7C91BB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C0F431A3-EFD6-48B6-BE4A-BE9DA0EB8EE0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C49FAD3E-4ACE-4552-9667-9C5986EE7E17}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9F24535-9DF3-46ED-9378-E10C56F58F40}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CBF85601-E332-452A-9CBA-E05552249179}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF5B0068-3A1A-4736-8D07-FA58B7C2D869}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D00865F4-8BD5-4BCA-93EA-E4B547090082}" = lport=3390 | protocol=6 | dir=in | app=system |
"{DD42B329-9C3C-4B02-9155-128C4818C06B}" = lport=10255 | protocol=6 | dir=in | name=tmc_plugin_port |
"{DE49D80E-9A21-44DB-80E4-1FE8F8CDE5C5}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E3389F8C-788E-4BC4-A9EF-D5CCE2F339BF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F07F820F-20FD-4FA8-8500-2A70A382A871}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F5AFC0A5-C14C-4E0E-A37D-38D9299D9DC3}" = lport=10244 | protocol=6 | dir=in | app=system |
"{F8AA41DB-9481-4981-B4D3-DD9C1F4D46D2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F8D21455-3F62-49DC-8617-F4F8BA2A60E6}" = rport=2869 | protocol=6 | dir=out | app=system |
"{FC661AFC-6D92-4B95-AE89-91B3AB16B91A}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0094B4CD-3A6F-4A9D-B74A-70C974863A5D}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{012C3E54-5253-4432-933F-8381D4CAEE51}" = protocol=17 | dir=in | app=c:\users\kevin\desktop\modio_3.0\modio\modio.exe |
"{02C91A76-EBF7-4729-9F71-6EA76E32BCA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ffxi\squareenix\final fantasy xi\toolsus\final fantasy xi config.exe |
"{0386396B-63DF-466C-B3E6-2F8506304FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{05E4588E-0405-40CE-9B28-631F2CA6F517}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{0EC68DF1-2176-4B93-8EA1-EED868B4C861}" = protocol=6 | dir=in | app=c:\users\kevin\appdata\local\temp\7zsb7aa.tmp\symnrt.exe |
"{1041AF47-CC5E-429C-B4EE-70B5F35A20B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{11331A99-4881-4A2D-86DA-128C404DC677}" = protocol=17 | dir=in | app=c:\users\kevin\appdata\local\vghd\bin\vghd.exe |
"{1872FA29-E71E-4BA3-9F0E-AD20161B4D1C}" = protocol=17 | dir=in | app=c:\users\kevin\appdata\local\temp\7zsb7aa.tmp\symnrt.exe |
"{2F2AF9E1-CE6F-46D4-8332-12352B3A0BDF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{37D24F01-08CB-4704-A17E-BD44C8AFC87D}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{3A91E56B-64CD-4531-BCA1-5B05C7D87936}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{3D6A86CD-7909-4BAE-8B70-246822ECE2C7}" = protocol=6 | dir=in | app=c:\users\kevin\desktop\modio_3.0\modio\modio.exe |
"{44C25CD8-14A2-4B0F-8395-32AEF9858708}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 3 - serious chaos trailer\smp.exe |
"{48405E7D-577F-4043-894A-180FF1B161E6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4A9B5760-D17B-49FA-9A88-1AEC85C47788}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\polcfg\polcfg.exe |
"{4DADA237-4508-471D-9918-3A0DBC7E6215}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F36E53D-957F-4D38-928C-11D479535B83}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{5580711C-3AEE-460A-8ED5-A55C93E4D64E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 3 - serious chaos trailer\smp.exe |
"{56B747B9-1017-465F-9745-C9A068DF876F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5D8C0EF2-832B-4836-BA6E-0D7D9415DFE8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ffxi\squareenix\final fantasy xi\polboot.exe |
"{63F14725-5622-4B5C-85C9-4025C294B8A1}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{69329827-9A3D-48CC-959B-A896E3A43C20}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{6E834BD3-422E-44D7-912D-B1A1615AC395}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6F06C9BD-E5EA-48A1-AD3E-38718A210B62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{716DE0CA-97DF-466A-ACE7-B53D195A2E42}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{7A63823E-E2AB-46D5-BAA7-2D8A35D23FA8}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{7E49D09A-5747-4C58-BAC7-0F64F6FEC734}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{8EAC16DF-C938-41C3-8B84-43D9DB9243FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 3 - serious chaos trailer\smp.exe |
"{A29C8DDB-A9FE-41CB-9C21-DB0421F1BEFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A6BB2E20-9C4D-461D-BFA5-8EE487F6FF35}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AF3AFFC5-40F9-4DB5-8902-8F05EB34CA25}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B31E0004-AE30-447E-8549-65BE105D3D4F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{B3CF3D9E-14AA-4717-A3D8-58DCC9B94A3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ffxi\squareenix\playonlineviewer\polcfg\polcfg.exe |
"{B5331D9E-512A-4725-8690-43683822ACD4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B9E7E0B7-B248-415B-9BE1-6E20954426E4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ffxi\squareenix\final fantasy xi\toolsus\final fantasy xi config.exe |
"{B9F44094-9B18-4D12-A98B-1241D8B281F0}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C38FA7A0-7C73-4BB9-B2BA-C5336478D1FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ffxi\squareenix\final fantasy xi\polboot.exe |
"{CBB63187-159B-4A05-AFB0-E9E4E4111A9E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CD28EEA6-CE7D-45D6-AD6B-A0D1219427B0}" = protocol=6 | dir=in | app=c:\users\kevin\appdata\local\vghd\bin\vghd.exe |
"{CE7ECF1C-3F12-427E-81A2-9E974B7410D7}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{CEDA5F4F-E833-4DAD-9AF8-5C253DA194B5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DBB82DA9-B4D4-4FCD-AAA8-20ACF2B93CF5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DD9938D5-4A00-476D-989D-5427BDB5DB89}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E38210BE-CF98-4A35-8BA7-5DB77F3E148C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 3 - serious chaos trailer\smp.exe |
"{ECA43105-D28D-4FB2-A431-9A7F4939F5E6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{ECC4D6BA-29EA-494E-AA45-B47CC40E0BF0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F106935E-10A8-4B70-9545-EB2C0A8F772C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FAE4A6E6-2DB6-4D62-B5D1-3EDC660B83DB}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{FBE4F24D-2038-4C37-831E-2C7DD92813A0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{E953DE4E-EBC7-48E5-9715-D2D6D8CD309B}C:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=6 | dir=in | app=c:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe |
"TCP Query User{FF755883-EC0A-4022-9DE5-63BE8FCC3D7C}C:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=6 | dir=in | app=c:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe |
"UDP Query User{8E66494E-AB8F-47B8-96F4-BE06C8C1C352}C:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=17 | dir=in | app=c:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe |
"UDP Query User{A23A2C21-49CD-4FD9-A508-82050B89D45D}C:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=17 | dir=in | app=c:\users\kevin\appdata\local\vghd\bin\virtuagirl_downloader.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{65486209-5C54-439C-8383-8AC9BBE25932}" = Atheros Bluetooth Filter Driver Package
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 267.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SearchAnonymizer" = SearchAnonymizer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}" = Nero Multimedia Suite 10 Essentials
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D047C6C-19EE-46E3-C14B-9FA84260DF9B}" = Photo Service - powered by myphotobook
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5169D2E2-0B94-3320-8C7A-718F92BE20CE}" = Microsoft Visual Basic PowerPacks 1.2
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57C39411-6747-489C-A226-46885FB0D2D0}" = DriverBoost
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA VIDEO PLAYER
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBB0ABFB-4668-4172-952D-2CEF5C14F4D2}" = Command & Conquer™ Die ersten 10 Jahre-Patch 1.02
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}" = TOSHIBA Wireless LAN Indicator
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D5AEEAA2-184E-4A2A-BAA3-6225EA4B9516}" = TOSHIBA ConfigFree
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FDE58148-57E7-43BF-879A-29CCE818C078}" = eBay
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}" = TOSHIBA Remote Control Manager
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"3DataManager" = 3DataManager
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Any Video Converter_is1" = Any Video Converter 3.4.1
"conduitEngine" = Conduit Engine
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"Free Audio Converter_is1" = Free Audio Converter version 2.3.2.804
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"RealPlayer 12.0" = RealPlayer
"Songbird-release-2311" = Songbird 2.0.0 (Build 2311)
"Steam App 39260" = FINAL FANTASY XI: Ultimate Collection - Abyssea Edition
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Warcraft III" = Warcraft III
"WavePad" = WavePad Audiobearbeitungs-Software
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-01bd991c-1470-4ef0-a174-0d71be58f927" = Chicken Invaders 3 - Revenge of the Yolk
"WTA-3920e22a-03da-4af8-9e26-dd4426eaf690" = Final Drive: Nitro
"WTA-6b7a5fcf-cdd8-40f7-a8d7-fb15160d1418" = Bejeweled 2 Deluxe
"WTA-6df6cb39-3dec-45d8-816b-4d494d7b9b44" = Zuma Deluxe
"WTA-88f2e720-8854-422c-9c11-12e1989ff105" = Penguins!
"WTA-8e37611f-0667-4c26-924b-a69124fda92f" = Chuzzle Deluxe
"WTA-9426cee1-1361-4793-996e-1e08f0b7e68b" = Slingo Deluxe
"WTA-bfa36b20-caac-423c-bbda-ad4a62404b67" = Insaniquarium Deluxe
"WTA-c65b7868-a924-43c0-8b02-d258b353107e" = Wedding Dash 2 - Rings Around the World
"WTA-c73e6abf-c860-42a2-8802-591a8658d489" = Bejeweled 3
"WTA-ced71cf4-13e2-4fad-839b-b5d553d65ccc" = Diner Dash 2 Restaurant Rescue
"WTA-e32aa95f-8328-47a5-abe6-debc4b8f4784" = FATE
"WTA-e47f0222-e398-420e-ba02-b7db351caa1a" = Polar Bowler
"WTA-eaa2ce22-f430-4ccd-8fcc-f180370f5f99" = Plants vs. Zombies - Game of the Year
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-920081731-557011817-1691672322-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"VirtuaGirl_is1" = VirtuaGirl Version 1.1.0.12
"Warcraft III" = Warcraft III: All Products
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-920081731-557011817-1691672322-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"VirtuaGirl_is1" = VirtuaGirl Version 1.1.0.12
"Warcraft III" = Warcraft III: All Products
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 6/26/2012 2:07:17 PM | Computer Name = Kevin-TOSH | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 6/30/2012 9:27:26 AM | Computer Name = Kevin-TOSH | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 7/3/2012 4:16:14 AM | Computer Name = Kevin-TOSH | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 7/4/2012 7:17:58 PM | Computer Name = Kevin-TOSH | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 7/11/2012 12:56:09 PM | Computer Name = Kevin-TOSH | Source = WinMgmt | ID = 10
Description =
Error - 7/11/2012 12:57:01 PM | Computer Name = Kevin-TOSH | Source = Application Hang | ID = 1002
Description = Programm mshta.exe, Version 9.0.8112.16421 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1118 Startzeit:
01cd5f85f741c9de Endzeit: 0 Anwendungspfad: C:\windows\SysWOW64\mshta.exe Berichts-ID:
479bd559-cb79-11e1-8b08-b870f4607654
Error - 7/11/2012 12:58:35 PM | Computer Name = Kevin-TOSH | Source = TOSHIBA Service Station | ID = 0
Description = TSS Load: could not communicate with TMachInfo service
Error - 7/17/2012 12:29:50 PM | Computer Name = Kevin-TOSH | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 7/17/2012 3:30:27 PM | Computer Name = Kevin-TOSH | Source = WinMgmt | ID = 10
Description =
Error - 7/23/2012 12:09:15 PM | Computer Name = Kevin-TOSH | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16447 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 12d8 Startzeit: 01cd68e82c74bd9f Endzeit: 125 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID:
Error - 7/23/2012 1:36:33 PM | Computer Name = Kevin-TOSH | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 9/13/2011 5:15:03 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 23:15:03 - Fehler beim Herstellen der Internetverbindung. 23:15:03
- Serververbindung konnte nicht hergestellt werden..
Error - 9/13/2011 5:15:09 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 23:15:09 - Fehler beim Herstellen der Internetverbindung. 23:15:09
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 1:39:58 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 19:39:58 - Fehler beim Herstellen der Internetverbindung. 19:39:58
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 1:40:04 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 19:40:03 - Fehler beim Herstellen der Internetverbindung. 19:40:03
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 2:43:32 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 20:42:33 - Fehler beim Herstellen der Internetverbindung. 20:42:33
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 2:47:06 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 20:43:52 - Fehler beim Herstellen der Internetverbindung. 20:43:52
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 3:46:37 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 21:46:37 - Fehler beim Herstellen der Internetverbindung. 21:46:37
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 3:46:49 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 21:46:43 - Fehler beim Herstellen der Internetverbindung. 21:46:43
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 4:46:51 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 22:46:51 - Fehler beim Herstellen der Internetverbindung. 22:46:51
- Serververbindung konnte nicht hergestellt werden..
Error - 9/21/2011 4:46:57 PM | Computer Name = Kevin-TOSH | Source = MCUpdate | ID = 0
Description = 22:46:56 - Fehler beim Herstellen der Internetverbindung. 22:46:56
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 7/10/2012 3:03:28 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
Error - 7/10/2012 3:04:05 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
Error - 7/10/2012 3:04:05 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
Error - 7/10/2012 6:54:22 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
Error - 7/11/2012 12:31:42 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
Error - 7/11/2012 12:31:42 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
Error - 7/11/2012 12:55:07 PM | Computer Name = Kevin-TOSH | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error - 7/11/2012 12:57:04 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
Error - 7/11/2012 1:02:55 PM | Computer Name = Kevin-TOSH | Source = Service Control Manager | ID = 7022
Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
Error - 7/11/2012 6:13:18 PM | Computer Name = Kevin-TOSH | Source = ipnathlp | ID = 31004
Description =
< End of report >
Ich hoffe, dass ich alles richtig gepostet hab und danke euch schonmal im voraus für Eure Hilfe!!
|
16.08.2012, 09:47
Baum-Darstellung