| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Unerwünschte Verlinkung im Internet-Browser (=> i.trkjmp.com) - scheintWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
11.02.2013, 15:04
| #1 |
| |  Unerwünschte Verlinkung im Internet-Browser (=> i.trkjmp.com) - scheint Hallo Zusammen! ich habe seit etwa 5 Tagen folgendes Problem: Auf allen Seiten meiner Browsers (Chrome) werden bestimmte Begriffe als Verknüpfung (unterstrichen) dargestellt. (zB bereits , früherer ...). Bei Mouseover wird ein Fenster aufgemacht mit der Adresse " hxxp://i.trkjmp.com/click?v=QVQ6MzMyND... " . Die Links werden zusehends mehr. Virenschutzprogramm ist GDATA Internet security 2013 Version 23.1.0.2 (16.1.2013). Virenscanner habe ich drüberlaufen lassen - keine Erkenntnisse/Veränderung. Dasselbe bei Malwarebytes Anti-Malware. Auf die Plattform www.trojaner-board.de bin ich gestern über ein Posting von [moodletrojan v. 20.1.2013 19:30] gestossen, das mir ähnlich erscheint Ich habe versucht, die drei vorzubereitenden Schritte auszuführen - defrogger + otl hat funktioniert, bei GMER bin ich gescheitert: Im Rahmen der Durchführung hat sich der Rechner verabschiedet. Nach Neustart hat GMER den rechner blockiert - nach 30 Minuten mittel Strom-aus neu gestartet - im abgesicherten Modus durchgeführt, aber keine Meldungen erhalten. Anschlissend nochmals versucht GMER im normelan Modus zu starten - selbes Ergebnis: Notebook bleibt hängen (Taskboard läßt sich ebenfalls nicht mehr starten). Akuteller Stand: Anbei die beiden Logfiles. Bitte um Eure Hilfe - vielen Dank im voraus für Eure Vorschläge. Michael OTL: OTL logfile created on: 2/11/2013 10:28:29 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 7.98 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 71.51% Memory free 15.96 Gb Paging File | 13.01 Gb Available in Paging File | 81.49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 348.61 Gb Total Space | 272.69 Gb Free Space | 78.22% Space Free | Partition Type: NTFS Drive D: | 349.64 Gb Total Space | 319.80 Gb Free Space | 91.46% Space Free | Partition Type: NTFS Drive M: | 1832.31 Gb Total Space | 1648.03 Gb Free Space | 89.94% Space Free | Partition Type: NTFS Drive P: | 465.65 Gb Total Space | 180.21 Gb Free Space | 38.70% Space Free | Partition Type: FAT32 Drive S: | 465.65 Gb Total Space | 180.21 Gb Free Space | 38.70% Space Free | Partition Type: FAT32 Drive X: | 1832.31 Gb Total Space | 1648.03 Gb Free Space | 89.94% Space Free | Partition Type: NTFS Drive Y: | 1832.31 Gb Total Space | 1648.03 Gb Free Space | 89.94% Space Free | Partition Type: NTFS Computer Name: RUE-NB | User Name: Michael | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/02/11 10:26:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe PRC - [2013/02/06 15:57:50 | 002,040,224 | ---- | M] (Fabasoft R&D GmbH) -- C:\Users\Michael\AppData\Local\Fabasoft\x86\foliouipu.exe PRC - [2013/01/09 13:01:22 | 001,035,216 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2012/12/18 15:28:12 | 001,431,256 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/11/29 05:20:10 | 001,475,096 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2012/11/29 04:49:49 | 001,548,312 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2012/11/29 04:47:08 | 000,469,016 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe PRC - [2012/11/22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe PRC - [2012/11/22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/03/29 03:42:27 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2012/01/19 12:30:04 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe PRC - [2011/05/11 17:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011/03/29 14:33:08 | 000,598,312 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2011/01/13 08:22:24 | 002,749,856 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2010/12/20 17:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/12/20 17:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/12/03 13:57:16 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2010/09/06 15:18:00 | 000,746,384 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe PRC - [2010/08/23 15:12:00 | 000,677,264 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2010/08/23 15:12:00 | 000,087,440 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe PRC - [2009/07/28 19:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2009/05/19 17:39:44 | 000,136,544 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe PRC - [2009/04/03 17:17:00 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe PRC - [2009/03/10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe ========== Modules (No Company Name) ========== MOD - [2013/01/12 08:18:59 | 000,014,336 | ---- | M] () -- C:\Users\Michael\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU MOD - [2013/01/12 08:18:26 | 009,390,592 | ---- | M] () -- C:\Users\Michael\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu MOD - [2012/12/18 15:28:12 | 000,305,880 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ========== Services (SafeList) ========== SRV:64bit: - [2012/03/15 10:42:25 | 008,498,608 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService) SRV:64bit: - [2011/07/01 10:46:14 | 000,828,856 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv) SRV:64bit: - [2011/03/02 14:36:16 | 000,266,680 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service) SRV:64bit: - [2010/12/09 16:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:64bit: - [2010/12/08 14:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) SRV:64bit: - [2010/10/20 13:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/03/25 14:58:22 | 000,034,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2013/02/10 09:32:10 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/11/29 05:14:21 | 002,377,736 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2012/11/29 05:08:54 | 002,012,592 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe -- (AVKWCtl) SRV - [2012/11/29 04:49:49 | 001,548,312 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2012/11/29 04:47:08 | 000,469,016 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2012/11/22 16:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2012/11/22 16:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/03/29 03:42:27 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2011/05/11 17:49:32 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011/03/29 14:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2011/02/10 08:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) SRV - [2010/12/20 17:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/12/20 17:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/11/29 13:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2010/04/12 09:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/28 15:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/03/10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:64bit: - [2013/01/21 22:03:17 | 000,064,416 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:64bit: - [2013/01/21 22:03:15 | 000,065,008 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:64bit: - [2013/01/09 21:20:07 | 000,062,368 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:64bit: - [2013/01/09 20:30:11 | 000,126,880 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:64bit: - [2013/01/09 20:30:11 | 000,054,176 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/05/19 07:12:36 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:64bit: - [2012/03/15 10:43:59 | 000,301,904 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd) DRV:64bit: - [2012/03/15 10:43:59 | 000,015,184 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr) DRV:64bit: - [2012/03/15 08:49:12 | 000,017,408 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_6.2.37054.0.sys -- (DisplayLinkUsbPort) DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/10/15 21:18:19 | 000,031,448 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon) DRV:64bit: - [2011/07/08 16:06:08 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR) DRV:64bit: - [2011/06/01 06:18:22 | 000,079,360 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ax88772.sys -- (AX88772) DRV:64bit: - [2011/05/20 08:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011/05/10 16:41:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/08 18:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) DRV:64bit: - [2011/02/03 18:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011/01/27 14:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb) DRV:64bit: - [2011/01/27 11:34:12 | 001,577,088 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2011/01/20 09:26:46 | 000,291,120 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd) DRV:64bit: - [2010/12/17 18:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010/12/10 12:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/12/10 12:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/12/01 15:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010/11/29 10:47:00 | 000,082,224 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom) DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/11/11 09:27:00 | 000,050,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp) DRV:64bit: - [2010/11/08 12:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010/10/19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/10/18 13:14:02 | 000,042,096 | R--- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2010/08/30 09:48:00 | 000,094,528 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid) DRV:64bit: - [2010/06/18 15:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec) DRV:64bit: - [2010/04/26 10:48:00 | 000,063,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd) DRV:64bit: - [2010/04/21 15:40:20 | 000,124,416 | ---- | M] (Wireless Device) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tmnsusbser.sys -- (tmnsusbser) DRV:64bit: - [2010/04/20 07:08:46 | 000,129,024 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tmusbnet.sys -- (tmusbnet) DRV:64bit: - [2009/07/30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2009/07/24 10:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds) DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/19 18:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL) DRV:64bit: - [2009/06/17 11:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte) DRV:64bit: - [2009/06/15 12:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem) DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000&st=18&barid={36165BA9-7584-11E1-9AFD-E89A8FCE73F9} IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={36165BA9-7584-11E1-9AFD-E89A8FCE73F9} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851647/ IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&babsrc=SP_ss&mntrId=e24937880000000000000050b64da1ac IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TEUA_deAT453 IE - HKCU\..\SearchScopes\{8351DCCE-536F-47CF-8781-685DA37BBE9D}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 IE - HKCU\..\SearchScopes\{8BE42563-DE14-4581-A40B-7A4D61863E58}: "URL" = hxxp://at.search.yahoo.com/search?ei=utf-8&fr=chr-greentree_ie&type=827316&ilc=12&p={searchTerms} IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={36165BA9-7584-11E1-9AFD-E89A8FCE73F9} IE - HKCU\..\SearchScopes\{EFCFC88D-2AB8-4DD4-B46C-42E95800CE0A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&r= IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\FabasoftPluginPU: C:\Users\Michael\AppData\Local\Fabasoft\x86\npfoliopluginpu32.dll (Fabasoft R&D GmbH) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012/12/03 15:08:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{D5AA91D3-CA07-4379-B0F2-AEC652F5943F}: C:\Users\Michael\AppData\Local\Fabasoft\TB\ [2013/02/10 20:07:36 | 000,000,000 | ---D | M] [2012/08/31 13:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\extensions [2012/08/31 13:41:56 | 000,000,000 | ---D | M] (uTorrentBar_DE) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2012/10/05 11:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/09/28 20:39:06 | 000,031,872 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll ========== Chrome ========== CHR - homepage: hxxp://www.igoogle.at/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}sourceid=chrome&ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.igoogle.at/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - Extension: Chuck Anderson = C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp\3_0\ CHR - Extension: uTorrentBar_DE = C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.19.11_0\ CHR - Extension: SaveByclick = C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\libinjpfkmhpjfcofinjhgbkfeebeiio\1\ O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll File not found O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TOSDOCKAPP] C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe (TOSHIBA) O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH) O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH) O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Communicator] C:\Program Files (x86)\Microsoft Lync\communicator.exe (Microsoft Corporation) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found O4 - HKCU..\Run: [FolioSystrayPU] C:\Users\Michael\AppData\Local\Fabasoft\x86\foliouipu.exe (Fabasoft R&D GmbH) O4 - HKCU..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA) O4 - HKCU..\Run: [TOSDOCKAPP] C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe (TOSHIBA) O4 - HKCU..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found O4 - Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Zu TOSHIBA Bulletin Board hinzufügen - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Zu TOSHIBA Bulletin Board hinzufügen - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9:64bit: - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>) O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll (TODO: <会社名>) O9 - Extra Button: Lync-Add-On - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync-Add-On - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O9 - Extra 'Tools' menuitem : @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fabasoft.com ([*.folio] http in Trusted sites) O15 - HKCU\..Trusted Domains: fabasoft.com ([*.folio] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FD5CE88-DAF5-4870-B0BD-D8D429B2ED66}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D705E8D2-6205-4F99-BC15-1C987D15E1B5}: DhcpNameServer = 192.168.123.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5FD0D3F-C049-4A48-BA0A-C576C92281C0}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (c:\progra~2\saveby~1\sprote~1.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/02/10 23:14:46 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{01895b74-55c7-11e2-b299-0050b64da1ac}\Shell - "" = AutoRun O33 - MountPoints2\{01895b74-55c7-11e2-b299-0050b64da1ac}\Shell\AutoRun\command - "" = F:\setup.exe AUTORUN=1 O33 - MountPoints2\{01895b78-55c7-11e2-b299-0050b64da1ac}\Shell - "" = AutoRun O33 - MountPoints2\{01895b78-55c7-11e2-b299-0050b64da1ac}\Shell\AutoRun\command - "" = F:\.\autorun.exe O33 - MountPoints2\{d5bdb88c-5a99-11e2-bc42-0050b64da1ac}\Shell - "" = AutoRun O33 - MountPoints2\{d5bdb88c-5a99-11e2-bc42-0050b64da1ac}\Shell\AutoRun\command - "" = F:\iLinker.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/02/11 10:26:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe [2013/02/11 09:32:40 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{CA0D8AE8-37DB-456B-A37F-A3D6C1F6B85E} [2013/02/11 08:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/02/11 08:51:25 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/02/11 08:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/02/11 08:42:51 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\SpeedyPC Software [2013/02/11 08:42:51 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\DriverCure [2013/02/11 08:42:45 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software [2013/02/11 08:42:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedyPC Software [2013/02/11 08:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software [2013/02/11 08:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedyPC Software [2013/02/10 23:14:04 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013/02/10 23:07:13 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013/02/10 22:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013/02/10 22:01:50 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Malwarebytes [2013/02/10 22:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/02/10 21:32:14 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{183E8F79-2254-4E4A-A430-14D04C78066A} [2013/02/10 20:07:35 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fabasoft Folio Cloud [2013/02/10 20:07:35 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\Fabasoft [2013/02/10 09:31:49 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{BCB2D23A-00D6-4E92-B93B-B54BD0C69CE5} [2013/02/09 14:02:24 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{F2690EA8-0DAE-4ADC-A609-8EE5B1C65423} [2013/02/08 22:12:40 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{EDCF84F7-184C-413D-ABBB-72A0D0A491DE} [2013/02/04 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{588F2DC6-B139-47E0-A424-37263405EFCA} [2013/02/02 10:18:57 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{E19461DF-A630-4C9E-A201-CF404292DBEB} [2013/01/29 18:05:14 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{BAA83309-3D5E-4012-84E9-BD60E6144EBF} [2013/01/28 19:35:37 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{AED9DC08-C1DD-403A-8355-98E86C312FB9} [2013/01/27 20:52:04 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{7723344A-67F3-47E7-B6FE-F2FC613422FC} [2013/01/27 12:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ClickIT [2013/01/27 12:35:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SaveByClick [2013/01/27 12:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick [2013/01/27 12:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveByclick [2013/01/27 12:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2013/01/27 12:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2013/01/27 12:34:39 | 000,103,936 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll [2013/01/27 11:04:46 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{905E6062-79FF-4746-AA43-659AFC27ED92} [2013/01/25 20:14:12 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{E70C579D-230C-4B6F-974F-BCF4FE4732DB} [2013/01/24 20:35:20 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{D151F9F1-DF53-4A4C-A98A-CFA010C982F6} [2013/01/23 06:54:24 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{3FA70619-FC5C-432E-946B-875B38744114} [2013/01/22 17:26:59 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{F6659662-F913-4CD5-80BF-C10C2B6DE64C} [2013/01/21 22:40:35 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{7A858509-91CD-444E-8FF8-5D796CE57D43} [2013/01/20 20:27:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{6DF1C1B1-34AC-4264-9436-9D260CE183C6} [2013/01/20 08:28:06 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{BD2AA843-70DD-4704-92B4-CBC8F143B292} [2013/01/19 09:29:01 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{5BA0B454-D0F2-4A81-9EC8-7F98C6BB467F} [2013/01/18 14:57:46 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{F5BD3619-A1DC-42FB-8B21-298EBACE2B47} [2013/01/17 21:35:48 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{2590C8D3-9E55-44E6-85AD-217D468B3B35} [2013/01/16 19:00:45 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{D053E6E1-4D84-4A9F-A29F-5885BCF9A637} [2013/01/15 18:30:28 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{586635A7-6C32-43A8-834F-A85CAD78F6D4} [2013/01/14 21:04:17 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{A281ED48-D24E-4CC1-8D99-70DDA6BC534F} [2013/01/13 18:37:24 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\{9430A4A8-ABF4-4066-B3A4-4FBD76AE2CE0} [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/02/11 10:26:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe [2013/02/11 10:25:09 | 000,000,000 | ---- | M] () -- C:\Users\Michael\defogger_reenable [2013/02/11 10:15:27 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/11 10:15:27 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/11 10:07:34 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/11 10:07:31 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013/02/11 10:07:12 | 000,000,496 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job [2013/02/11 10:07:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/11 10:06:50 | 2133,217,279 | -HS- | M] () -- C:\hiberfil.sys [2013/02/11 10:02:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/11 09:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/11 09:32:45 | 000,976,584 | ---- | M] () -- C:\Windows\SysWow64\sig.bin [2013/02/11 09:32:45 | 000,051,968 | ---- | M] () -- C:\Windows\SysWow64\nmp.map [2013/02/11 08:51:27 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013/02/10 23:14:46 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2013/02/10 23:07:13 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013/02/10 20:07:40 | 000,002,138 | ---- | M] () -- C:\Users\Michael\Desktop\Fabasoft Folio Cloud.lnk [2013/02/02 10:22:28 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/01/29 18:07:05 | 001,681,684 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/01/29 18:07:05 | 000,719,712 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013/01/29 18:07:05 | 000,681,554 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/01/29 18:07:05 | 000,154,482 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013/01/29 18:07:05 | 000,130,864 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/01/27 12:34:48 | 000,001,002 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk [2013/01/21 22:03:17 | 000,064,416 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys [2013/01/21 22:03:15 | 000,065,008 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/02/11 10:25:09 | 000,000,000 | ---- | C] () -- C:\Users\Michael\defogger_reenable [2013/02/11 08:51:27 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013/02/11 08:42:54 | 000,000,496 | ---- | C] () -- C:\Windows\tasks\SpeedyPC Registration3.job [2013/02/10 23:14:46 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2013/01/27 12:34:48 | 000,001,002 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk [2013/01/21 21:54:47 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013/01/18 22:25:52 | 000,002,138 | ---- | C] () -- C:\Users\Michael\Desktop\Fabasoft Folio Cloud.lnk [2012/12/11 14:22:20 | 000,001,199 | ---- | C] () -- C:\Users\Michael\AppData\Local\recently-used.xbel [2012/10/21 17:12:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll [2012/10/21 17:12:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll [2012/10/21 17:12:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll [2012/07/20 14:20:54 | 000,704,512 | ---- | C] () -- C:\Windows\is-NNKFJ.exe [2012/07/06 09:52:36 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll [2012/07/06 09:52:36 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll [2012/07/06 09:52:36 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll [2012/01/21 19:34:42 | 000,002,269 | ---- | C] () -- C:\Users\Michael\.powerupdate.user.properties [2011/11/17 23:55:17 | 004,458,034 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/10/23 06:46:40 | 000,976,584 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2011/09/08 22:47:02 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/08/02 17:35:01 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\AHR Software [2012/05/01 19:37:45 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Amazon [2012/04/22 19:12:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Analytic Technologies [2012/12/03 15:09:20 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\APP_NAME_NON_STRING [2012/04/29 10:23:42 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Babylon [2012/04/22 11:18:49 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Canon [2013/02/11 08:42:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DriverCure [2012/01/21 17:49:42 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Greenshot [2012/10/02 12:11:56 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\inkscape [2012/10/02 12:48:44 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\MAGIX [2012/07/31 13:31:00 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\OpenCandy [2012/12/03 18:05:21 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PDF Architect [2012/07/20 14:20:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\pdfforge [2013/02/11 08:42:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\SpeedyPC Software [2012/12/28 08:50:33 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Toshiba [2011/10/15 19:11:03 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\TOSHIBA Online Product Information [2012/07/31 13:31:36 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\TuneUp Software [2012/02/17 13:25:25 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WinBatch [2012/01/19 22:09:57 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Windows Live Writer ========== Purity Check ========== < End of report > EXTRAS OTL Extras logfile created on: 2/11/2013 10:28:32 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 7.98 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 71.51% Memory free 15.96 Gb Paging File | 13.01 Gb Available in Paging File | 81.49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 348.61 Gb Total Space | 272.69 Gb Free Space | 78.22% Space Free | Partition Type: NTFS Drive D: | 349.64 Gb Total Space | 319.80 Gb Free Space | 91.46% Space Free | Partition Type: NTFS Drive M: | 1832.31 Gb Total Space | 1648.03 Gb Free Space | 89.94% Space Free | Partition Type: NTFS Drive P: | 465.65 Gb Total Space | 180.21 Gb Free Space | 38.70% Space Free | Partition Type: FAT32 Drive S: | 465.65 Gb Total Space | 180.21 Gb Free Space | 38.70% Space Free | Partition Type: FAT32 Drive X: | 1832.31 Gb Total Space | 1648.03 Gb Free Space | 89.94% Space Free | Partition Type: NTFS Drive Y: | 1832.31 Gb Total Space | 1648.03 Gb Free Space | 89.94% Space Free | Partition Type: NTFS Computer Name: RUE-NB | User Name: Michael | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07F82A86-D5BE-4C74-ABBB-3E6C9C82B2B7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{173CECCC-FDDF-4F5A-AA17-C386E8049BAB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{17FC503D-0D71-4E98-997B-D8DF4C60F0C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1C294717-176C-4F6C-9332-1A83E5E712FF}" = rport=139 | protocol=6 | dir=out | app=system | "{28957D44-A4A1-4818-9158-AC1B2AA5B862}" = rport=445 | protocol=6 | dir=out | app=system | "{2CB27F1D-D37A-47D2-B05C-E6F74D296999}" = lport=137 | protocol=17 | dir=in | app=system | "{35CC1B71-E053-4DFC-AA32-9F4A469D8B3A}" = lport=138 | protocol=17 | dir=in | app=system | "{3640D257-B293-4A84-9007-2A53F8C76046}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4A43C8C4-2115-49EF-B3B2-44154B64F16C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{4C223F37-92A2-4C5E-9C89-7FDFBE2C5663}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4F80E422-ED75-4940-BF89-AE1A24B22BB8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{573D86CB-14D0-46F1-AB28-0A5A2B9B1FBE}" = lport=139 | protocol=6 | dir=in | app=system | "{6233F4B0-66B4-49AC-B8D1-84BE81BD4A77}" = lport=445 | protocol=6 | dir=in | app=system | "{69299BC5-67DD-4A2D-AF9B-15A7B68269DB}" = lport=10243 | protocol=6 | dir=in | app=system | "{6F4A0B58-5447-4573-980F-B9BFBE0893CC}" = rport=10243 | protocol=6 | dir=out | app=system | "{738168DF-200B-478B-961C-C0438BE59DA7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8A989316-B153-4A78-AE01-D9733AE4555C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{913BBF36-3DC7-442A-A89B-5B8AE0E2D0E8}" = rport=138 | protocol=17 | dir=out | app=system | "{AB443B6C-B3EC-4285-AD46-E7553E88539B}" = lport=2869 | protocol=6 | dir=in | app=system | "{AC1A4745-A7FC-4A98-8301-8C64EB658A95}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B17F3024-2167-4E84-BE37-1A26EE1B452D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B2791544-7D9E-4B36-BAD6-7FF4154B9190}" = rport=137 | protocol=17 | dir=out | app=system | "{B49066DC-43D1-499E-A439-BE76B73C6FBB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{C9ABE2CB-91B9-4182-A617-F6143DDA6157}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{EE7C493C-D0BF-4344-B01F-4D9A07BB3678}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F322EB4A-CBF9-4D1B-95D7-4C7D59A1CC08}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02FBE5D5-7B06-4C58-8708-98ECE8CBECE1}" = protocol=6 | dir=out | app=system | "{05D792D9-5A2E-485D-8F53-DA08C3E3B618}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{0F4E999A-7EE6-4A66-8EA1-B1878087C022}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{133B49D1-7960-4070-9FD9-EFCCF5F0E8B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{1B5B9BC0-50DD-47AF-A931-CAEC71E19174}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{2905BB4F-FAB1-42F3-94A6-1AEAB82A66CE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{296BABEF-A4A8-4061-BFE2-2169367EF3B5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{29A004A2-E9C8-404D-A2D0-29C1E32C463E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{2E02F64F-9907-44DC-9E7A-1DA5445C38B0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{32799E7B-4257-4250-8FB3-DD577B29BD5B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{45A44A51-B296-41D0-98CB-3CF3A956D886}" = dir=in | app=c:\program files\microsoft lync\ucmapi64.exe | "{4BA82A32-1A41-4295-8DF3-DBCB04E3E105}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{4C9DF8AC-330E-4B81-848C-9A3875945F72}" = dir=in | app=c:\program files (x86)\microsoft lync\communicator.exe | "{4E3DF5CE-616E-45D1-BD18-90A48FB2F05E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{56ADBFAF-18C3-4FC5-BCC8-73A2907C87E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6DBEFD12-8073-4DB0-B81E-D16567F378C3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{76D029C7-B9DA-45B1-BD87-A881352EEB91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7B680332-7D29-4907-8EAE-85723C2D4F41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8AFC65CC-9E4B-4DD4-A0D4-31A277705464}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8E7EE989-F623-479F-8F18-BAF66E2FC3D9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{924A25BE-E2D8-4BE1-A88F-654D6F290867}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9F234057-21C4-4CEF-BCEE-E1BC586E1C64}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A0EC4D5F-0A08-4D40-8442-DFFAF4594DD8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A1A92121-CB95-4A5B-8F05-C947D4E1F9F4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{A2E6CEA9-C2FB-4593-A891-C0FEF0C7318C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{A5DBE9B3-1E91-41A1-9F08-8B3A03C25F65}" = dir=in | app=c:\program files (x86)\microsoft lync\ucmapi.exe | "{A645C650-DD35-4D85-9EE3-29AC4C5D1017}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B00111F0-14B4-4AEA-A3EA-D1224B060BF7}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{BAED5414-BF68-44BF-B799-EC85353DA3B3}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{C6AB2422-BDD1-4FB9-8B5C-77ACBB7E1F24}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D21007FA-A12F-4FB2-AC9B-9C774E03B431}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D64C6FB4-D6CD-4BE9-A435-21632714D6C6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{DA9A688D-0876-4910-8812-C12D72F2B727}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{DCD4603C-E8B8-4C52-BB99-F68391FE916E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{DF42E7EF-65D0-438E-92FB-CB1C66D9C272}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E783EE53-FD5B-424D-A7B2-873115AB26A9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{F6A59F01-147D-4B4E-9389-463FEEECB1FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FE03331C-8F0D-4000-8FCD-7FF073F18090}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "TCP Query User{DA408810-FD76-48B8-BC6B-198168E09FEC}C:\program files (x86)\freecom network storage assistant\fnsa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freecom network storage assistant\fnsa.exe | "UDP Query User{EC0A384F-8133-4B71-BC9E-10E7DB125F16}C:\program files (x86)\freecom network storage assistant\fnsa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freecom network storage assistant\fnsa.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00120495-F25C-4F44-9DC7-2D812D025DBA}" = pdfforge Images2PDF 0.9.2.546 "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{0F5176B2-9AEF-490B-AEE6-C9B9367A733A}" = TOSHIBA dynadock "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime "{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer "{29F41953-2103-4EF2-8328-AD0EA7480D80}" = Business Contact Manager for Microsoft Outlook 2010 "{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{58A013B1-1613-4978-881A-FCA43710C84A}" = Microsoft Lync 2010 "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{65486209-5C54-439C-8383-8AC9BBE25932}" = Atheros Bluetooth Filter Driver Package "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{66D49E58-C219-48AB-9EF8-D38B5B0303FD}" = dynadock Utility_II "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7AAB51FE-5167-11DE-82D8-B27D56D89593}" = Microsoft® Office Language Pack 2010 – Deutsch (Business Contact Manager für Microsoft Outlook 2010) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{89019C7F-1F8C-4F95-90AD-45E5B5D783A3}" = DisplayLink Core Software "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUSR_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010 "{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1) "{94E73F8B-D22E-4241-8E85-542CE45965C6}" = DisplayLink Graphics "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.57 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.57 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.57 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D0B1EF66-24AF-42B6-A05D-6C8D0B52CD90}" = SaveByClick "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition "Business Contact Manager" = Business Contact Manager für Microsoft Outlook 2010 "CNXT_AUDIO_HDA" = Conexant HD Audio "IHMC CmapTools v5.04.02" = IHMC CmapTools v5.04.02 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 2.0.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM) "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM) "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1B4DB8FF-9112-4B51-9629-0E4EE3F73646}" = MAGIX Web Designer 7 "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}" = Nero Kwik Media "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2063D199-D79F-471A-9019-9E647296394D}" = Nero Multimedia Suite 10 Essentials "{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 39 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005 "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4 "{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM) "{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{44EDD50C-8366-4F9E-AF69-4AEA96C63604}" = NodeXL Excel Template "{461F6F0D-7173-4902-9604-AB1A29108AF2}" = TOSHIBA Places Icon Utility "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files "{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM) "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services "{604CD5A1-4520-4844-B064-A3D884B77E91}" = SpeedyPC Pro "{620DA0EB-574D-45B5-B3E9-B85AECA41D59}" = AX88772A & AX88772 Windows 7 Drivers "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver "{64FB093C-05F6-4E35-81AE-18871BFDFD6B}" = MAGIX Web Designer 7 Update "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM) "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10 "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application "{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{742D41A9-B3BF-3A65-806E-F8372FB3E492}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{8019BE7F-EF83-4637-8DBF-26669B042662}" = Fabasoft Folio Cloud Plug-in "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{877B3198-1C6B-4A9A-8D28-BE4F6040987F}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A6D9D7A-D8CD-444E-869D-D08AB3A1222E}" = AHR Sudoku 4.1 "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime "{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals "{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.5) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6 "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C670480D-10CE-4E2E-929E-EE453EDE6BE2}" = G Data InternetSecurity 2011 "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}" = TOSHIBA Wireless LAN Indicator "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D5AEEAA2-184E-4A2A-BAA3-6225EA4B9516}" = TOSHIBA ConfigFree "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F082CB11-4794-4259-99A1-D91BA762AD15}" = TOSHIBA TEMPRO "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared "{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10 "{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic "{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM) "{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind "BabylonToolbar" = Babylon toolbar on IE "Canon MP640 series Benutzerregistrierung" = Canon MP640 series Benutzerregistrierung "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "FormatFactory" = FormatFactory 2.95 "Freecom Network Storage Assistant_is1" = Freecom Network Storage Assistant 1.65 "Google Chrome" = Google Chrome "Greenshot_is1" = Greenshot "Inkscape" = Inkscape 0.48.3.1 "InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package "InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime "InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}" = TOSHIBA Bulletin Board "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{620DA0EB-574D-45B5-B3E9-B85AECA41D59}" = AX88772A & AX88772 Windows 7 Drivers "InstallShield_{66D49E58-C219-48AB-9EF8-D38B5B0303FD}" = dynadock Utility_II "InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder "InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup "InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher "InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition "MAGIX_MSI_Web_Designer_7" = MAGIX Web Designer 7 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "MediaNavigation.CDLabelPrint" = CD-LabelPrint "Microsoft SQL Server 10" = Microsoft SQL Server 2008 "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "QNAP_FINDER" = QNAP Finder "SP_661c9f97" = "uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar "Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime "WinLiveSuite" = Windows Live Essentials "XSBoxGO 1.0.0.0" = XSBoxGO 1.0.0.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "A2A7126BA7857147B5479C468004F2803713BF1A" = Smrf.NodeXL.ExcelTemplate ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12/20/2012 6:48:40 PM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 4010 Error - 12/21/2012 3:34:06 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 12/21/2012 3:34:06 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 998 Error - 12/21/2012 3:34:06 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 998 Error - 12/21/2012 3:34:07 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 12/21/2012 3:34:07 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 1997 Error - 12/21/2012 3:34:07 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 1997 Error - 12/21/2012 3:34:08 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 12/21/2012 3:34:08 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 2995 Error - 12/21/2012 3:34:08 AM | Computer Name = rue-nb | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2995 Error - 12/27/2012 4:09:31 AM | Computer Name = rue-nb | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 11/16/2012 2:04:58 AM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 07:04:57 - Fehler beim Herstellen der Internetverbindung. 07:04:57 - Serververbindung konnte nicht hergestellt werden.. Error - 11/16/2012 2:05:07 AM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 07:05:03 - Fehler beim Herstellen der Internetverbindung. 07:05:03 - Serververbindung konnte nicht hergestellt werden.. Error - 11/18/2012 5:47:00 PM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 22:47:00 - Fehler beim Herstellen der Internetverbindung. 22:47:00 - Serververbindung konnte nicht hergestellt werden.. Error - 11/18/2012 5:47:09 PM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 22:47:05 - Fehler beim Herstellen der Internetverbindung. 22:47:05 - Serververbindung konnte nicht hergestellt werden.. Error - 11/19/2012 2:33:17 PM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 19:33:17 - Fehler beim Herstellen der Internetverbindung. 19:33:17 - Serververbindung konnte nicht hergestellt werden.. Error - 11/19/2012 2:33:26 PM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 19:33:22 - Fehler beim Herstellen der Internetverbindung. 19:33:22 - Serververbindung konnte nicht hergestellt werden.. Error - 12/3/2012 5:28:14 AM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 10:28:13 - Fehler beim Herstellen der Internetverbindung. 10:28:14 - Serververbindung konnte nicht hergestellt werden.. Error - 12/3/2012 5:28:45 AM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 10:28:39 - Fehler beim Herstellen der Internetverbindung. 10:28:39 - Serververbindung konnte nicht hergestellt werden.. Error - 12/16/2012 2:30:38 PM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 19:30:38 - Fehler beim Herstellen der Internetverbindung. 19:30:38 - Serververbindung konnte nicht hergestellt werden.. Error - 12/16/2012 2:31:09 PM | Computer Name = rue-nb | Source = MCUpdate | ID = 0 Description = 19:31:03 - Fehler beim Herstellen der Internetverbindung. 19:31:03 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 11/15/2012 3:26:11 AM | Computer Name = rue-nb | Source = DCOM | ID = 10010 Description = Error - 11/15/2012 3:41:17 AM | Computer Name = rue-nb | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxdxCATSCustConnectService erreicht. Error - 11/15/2012 3:41:17 AM | Computer Name = rue-nb | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxdxCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 11/15/2012 3:54:10 AM | Computer Name = rue-nb | Source = AX88772 | ID = 17 Description = Error - 11/19/2012 4:12:00 PM | Computer Name = rue-nb | Source = AX88772 | ID = 17 Description = Error - 11/20/2012 8:48:53 AM | Computer Name = rue-nb | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error - 11/20/2012 8:48:53 AM | Computer Name = rue-nb | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error - 11/20/2012 8:48:54 AM | Computer Name = rue-nb | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error - 11/20/2012 8:48:56 AM | Computer Name = rue-nb | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. Error - 11/20/2012 8:48:57 AM | Computer Name = rue-nb | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden. < End of report > |
| Themen zu Unerwünschte Verlinkung im Internet-Browser (=> i.trkjmp.com) - scheint |
| 7-zip, antivirus, autorun, babylontoolbar, bho, blockiert, bonjour, canon, converter, crossdomain.xm, enigma, error, fehler, firefox, flash player, home, homepage, hängen, i.trkjmp.com, install.exe, installation, internet, internet security 2013, plug-in, problem, realtek, rechner blockiert, registry, savebyclick, scan, security, software, starten, svchost.exe, sweetpacks, unterstrichen, verlinkung, visual studio, windows |
Baum-Darstellung