Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.03.2012, 10:13   #1
niggolai
 
System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun? - Standard

System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun?



Hi,

alle Dateien sind nicht mehr zu finden (Ordner leer) und der Bildschirm schwarz. Ständig kommt dieser "System Check" ... es wird gesagt, dass die Festplatte beschädigt ist, dann will Windows 7 ständig irgendwelche Updates von Java Programmen machen usw...

ganz klar ein Virus^^

Bisher getan:

- Malwarebytes Scan gemacht und gefährliches entfernen lassen.
Logs unten.

- OTL Logs unten

Hier die Logs, was soll ich tun? VIELEN DANK!!!

***OTL***OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 19.03.2012 11:00:16 - Run 1
OTL by OldTimer - Version 3.2.39.1     Folder = C:\Users\Nicolai\Desktop
64bit- Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,73 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 30,68% Memory free
7,47 Gb Paging File | 4,75 Gb Available in Paging File | 63,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 289,60 Gb Total Space | 165,89 Gb Free Space | 57,28% Space Free | Partition Type: NTFS
Drive D: | 22,42 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: NICOLAI-TOSHIBA | User Name: Nicolai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nicolai\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\6zQziVnZjf5Stv.exe ()
PRC - C:\ProgramData\ldmtqETJLYi.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mlauncher.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mcomm.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\PROGRA~2\MICROS~4\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Users\Nicolai\AppData\Roaming\vmndtxtb\vmn3_1dn.exe (Visicom Media Inc.)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files (x86)\TOSHIBA\TNROTATE\TNROTATE.exe (TOSHIBA Corporation)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\ProgramData\6zQziVnZjf5Stv.exe ()
MOD - C:\ProgramData\ldmtqETJLYi.exe ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (Thpsrv) -- C:\Windows\SysNative\ThpSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATService) -- C:\Programme\Fingerprint Sensor\ATService.exe (AuthenTec, Inc.)
SRV - (TPCHSrv) -- C:\Programme\Toshiba\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV - (TosCoSrv) -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (cfWiMAXService) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (TMachInfo) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (TOSHIBA eco Utility Service) -- C:\Programme\Toshiba\TECO\TecoService.exe (TOSHIBA Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ConfigFree Service) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:64bit: - (e1kexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:64bit: - (TosRfSnd) -- C:\Windows\SysNative\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (Tosrfcom) -- C:\Windows\SysNative\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (tosrfnds) -- C:\Windows\SysNative\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ.SYS (TOSHIBA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (BrSerIb) Brother MFC Serial Interface Driver(WDM) -- C:\Windows\SysNative\drivers\BrSerIb.sys (Brother Industries Ltd.)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (Dot4Scan) -- C:\Windows\SysNative\drivers\Dot4Scan.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC)
DRV:64bit: - (Thpevm) -- C:\Windows\SysNative\drivers\Thpevm.sys (TOSHIBA Corporation)
DRV:64bit: - (Thpdrv) -- C:\Windows\SysNative\drivers\thpdrv.sys (TOSHIBA Corporation)
DRV:64bit: - (PGEffect) -- C:\Windows\SysNative\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfbnp) -- C:\Windows\SysNative\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:64bit: - (tosporte) -- C:\Windows\SysNative\drivers\tosporte.sys (TOSHIBA Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (BrUsbSIb) Brother MFC Serial USB Driver(WDM) -- C:\Windows\SysNative\drivers\BrUsbSIb.sys (Brother Industries Ltd.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://search.yahoo.com/search?fr=vmn&type=vmn3_1yach&q={searchTerms}&ei=UTF-8
IE - HKCU\..\SearchScopes\{614359F1-AA31-45FA-AD8B-F72205AB429D}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{B2221504-B287-4B55-9B9F-294BD78AE91D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{DD0C648D-CD53-4982-892C-F37DF1E47E3C}: "URL" = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1CA7765-44E4-452e-9D00-A04F3D434281}: 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1CA7765-44E4-452e-9D00-A04F3D434281}: C:\Program Files\TOSHIBA\TFPU\FirefoxAddin [2010.05.21 10:30:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.03 14:35:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.17 22:31:06 | 000,000,000 | ---D | M]
 
[2010.11.18 15:07:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Extensions
[2010.11.18 15:07:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2012.03.11 14:28:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions
[2010.08.16 16:10:33 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.09 19:20:11 | 000,000,000 | -H-D | M] (Delicious Bookmarks) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2012.03.11 14:28:59 | 000,000,000 | -H-D | M] (SeoQuake) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010.08.16 16:10:34 | 000,000,000 | -H-D | M] (TradeManager-Plugin) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\{4D144BC3-23FB-47de-90C5-63CCB0139CCF}
[2010.08.20 14:45:38 | 000,000,000 | -H-D | M] (VMN Toolbar) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\{98f782cf-9b6b-41ca-909b-b4fdc0bbc23a}
[2010.08.16 16:10:34 | 000,000,000 | -H-D | M] (OnlyWire) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\{e26ba8db-a646-a44e-997c-2fafeadb50f2}
[2011.12.21 09:20:42 | 000,000,000 | -H-D | M] (Page Speed) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2010.08.16 16:10:33 | 000,000,000 | -H-D | M] (KPSA-Home (Priess)) -- C:\Users\Nicolai\AppData\Roaming\mozilla\Firefox\Profiles\82t1st6e.Nicolai\extensions\KPSA-home-Priess@EasternGraphics.com
[2011.11.17 22:31:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.08.15 17:36:03 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.11.17 22:31:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.06.03 14:35:15 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.06.03 14:35:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.06.03 14:35:17 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.06.03 14:35:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.06.03 14:35:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.02.15 21:49:16 | 000,000,940 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\vmndtxtb.xml
[2011.06.03 14:35:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.06.03 14:35:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.02.10 11:15:33 | 000,000,856 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.178.49 neu.linkbird.de
O2 - BHO: (TFPUPWDBankBHO Class) - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Programme\Toshiba\TFPU\x86\TFPUPWDBankBHO.dll (TODO: <Company name>)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Updater For VMN Toolbar) - {d5b8015d-68af-4b2c-9412-e349d82ab4a2} - C:\Program Files (x86)\vmndtxtb\auxi\vmndtxAu.dll (Visicom Media)
O2 - BHO: (VMN Toolbar) - {f379a94e-3c5d-4bad-b32c-0e3af1cc3617} - C:\Program Files (x86)\vmndtxtb\vmndtxDx.dll ()
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (VMN Toolbar) - {f379a94e-3c5d-4bad-b32c-0e3af1cc3617} - C:\Program Files (x86)\vmndtxtb\vmndtxDx.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TFPUPWDBankService] C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe (TOSHIBA)
O4:64bit: - HKLM..\Run: [TFPUService] C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe (TOSHIBA)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\Toshiba\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\Toshiba\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\Toshiba\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Network Error Advisor] "C:\Program Files (x86)\vmndtxtb\EXERunner.exe" \..\LocalLow\vmndtxtb\vmn3_1dn File not found
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [TNRotate] C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TOSDCR] C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe ()
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GoToMeeting] C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [ldmtqETJLYi.exe] C:\ProgramData\ldmtqETJLYi.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Nicolai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Nicolai\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{400D9E6F-80E3-49BF-835C-437EF5B0459E}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC1F64F3-CC74-4F7E-951C-AE2607EB00BC}: DhcpNameServer = 192.168.10.1 194.95.202.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5E25AE-E21E-4A38-89CB-46A0C8C8E808}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5E25AE-E21E-4A38-89CB-46A0C8C8E808}: NameServer = 208.67.222.222,208.67.220.220
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\windows\SysWow64\acaptuser32.dll (Adobe Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Nicolai\AppData\Local\4a6cab7b\X) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.19 10:58:32 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Nicolai\Desktop\OTL.exe
[2012.03.19 10:48:04 | 000,000,000 | -H-D | C] -- C:\Users\Nicolai\AppData\Roaming\Malwarebytes
[2012.03.19 10:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.19 10:47:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2012.03.19 10:47:50 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012.03.19 10:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.19 10:46:13 | 009,502,424 | -H-- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Nicolai\Desktop\mbam-setup-1.60.1.1000.exe
[2012.03.19 10:21:00 | 000,000,000 | -H-D | C] -- C:\Users\Nicolai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012.03.15 13:21:41 | 000,000,000 | -H-D | C] -- C:\Users\Nicolai\Desktop\bannerideen neu
[2012.03.15 09:47:15 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012.03.15 09:47:12 | 003,957,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012.03.15 09:47:11 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012.03.14 17:49:54 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012.03.14 17:49:53 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2012.03.14 17:49:53 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2012.03.14 17:49:53 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2012.03.14 17:49:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2012.03.14 13:41:30 | 000,000,000 | -HSD | C] -- C:\Users\Nicolai\AppData\Local\4a6cab7b
[2012.03.14 10:00:07 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012.03.14 10:00:07 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012.03.14 10:00:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012.03.14 10:00:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012.03.14 10:00:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012.03.10 10:43:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012.03.10 10:43:07 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012.03.10 10:43:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012.03.10 10:43:07 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012.03.10 10:43:07 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012.03.10 10:43:07 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012.03.10 10:43:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012.03.10 10:43:07 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012.03.10 10:43:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012.03.10 10:43:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012.03.10 10:43:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012.03.10 10:43:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012.03.10 10:43:05 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012.03.10 10:43:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012.03.10 10:43:05 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012.03.10 10:43:05 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012.03.10 10:43:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012.03.10 10:43:05 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012.03.10 10:43:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012.03.10 10:43:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012.03.10 10:43:05 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012.03.10 10:43:05 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012.03.10 10:43:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012.03.10 10:43:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012.03.10 10:43:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012.03.10 10:43:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012.03.10 10:43:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012.03.10 10:43:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012.03.10 10:43:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012.03.10 10:43:05 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012.03.10 10:43:05 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012.03.10 10:43:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012.03.10 10:43:05 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012.03.10 10:43:05 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012.03.10 10:43:05 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012.03.10 10:43:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012.03.10 10:43:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012.03.10 10:43:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012.03.10 10:43:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012.03.10 10:43:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012.03.10 10:43:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012.03.10 10:43:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012.03.10 10:43:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012.03.10 10:43:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012.03.10 10:43:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012.03.10 10:43:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012.03.10 10:43:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012.03.10 10:43:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012.03.10 10:43:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012.03.10 10:43:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012.03.10 10:43:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012.03.10 10:43:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012.03.10 10:43:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012.03.10 10:43:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012.03.10 10:43:04 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012.03.10 10:43:04 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012.03.10 10:43:04 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012.03.10 10:43:04 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012.03.10 10:43:04 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012.03.10 10:43:04 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012.03.10 10:43:04 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012.03.10 10:43:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012.03.10 10:43:04 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012.03.10 10:43:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012.03.10 10:43:04 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012.03.10 10:43:04 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012.03.10 10:43:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012.03.10 10:43:04 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012.03.10 10:43:04 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012.03.10 10:43:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012.03.10 10:43:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012.03.10 10:43:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012.02.19 16:52:11 | 000,000,000 | -H-D | C] -- C:\Users\Nicolai\Desktop\desktop
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.19 10:58:35 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Nicolai\Desktop\OTL.exe
[2012.03.19 10:47:53 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.19 10:47:15 | 009,502,424 | -H-- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Nicolai\Desktop\mbam-setup-1.60.1.1000.exe
[2012.03.19 10:46:42 | 000,017,504 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.19 10:46:40 | 000,017,504 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.19 10:39:41 | 000,000,448 | -H-- | M] () -- C:\ProgramData\6zQziVnZjf5Stv
[2012.03.19 10:38:35 | 000,000,264 | -H-- | M] () -- C:\ProgramData\~6zQziVnZjf5Stv
[2012.03.19 10:38:34 | 000,000,176 | -H-- | M] () -- C:\ProgramData\~6zQziVnZjf5Stvr
[2012.03.19 10:38:29 | 000,000,664 | -H-- | M] () -- C:\Users\Nicolai\Desktop\System Check.lnk
[2012.03.19 10:36:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.03.19 10:35:43 | 3007,647,744 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.19 10:29:42 | 001,507,342 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.03.19 10:29:42 | 000,657,910 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.03.19 10:29:42 | 000,619,146 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.03.19 10:29:42 | 000,131,250 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.03.19 10:29:42 | 000,107,466 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.03.19 10:20:30 | 000,352,256 | -H-- | M] () -- C:\ProgramData\6zQziVnZjf5Stv.exe
[2012.03.19 10:11:10 | 000,450,560 | -H-- | M] () -- C:\ProgramData\ldmtqETJLYi.exe
[2012.03.17 20:27:33 | 000,557,104 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012.03.15 13:13:37 | 000,136,449 | -H-- | M] () -- C:\Users\Nicolai\Desktop\software.png
[2012.03.15 11:04:16 | 000,002,134 | -H-- | M] () -- C:\Users\Nicolai\Desktop\XING-Versicherungen.ch.csv
[2012.03.14 13:17:21 | 001,521,022 | -H-- | M] () -- C:\Users\Nicolai\Desktop\pricing.psd
[2012.03.13 16:13:22 | 000,002,350 | -H-- | M] () -- C:\Users\Nicolai\Documents\ChatLog New Meeting 2012_03_13 16_13.rtf
[2012.03.12 17:25:42 | 000,010,325 | -H-- | M] () -- C:\Users\Nicolai\Desktop\XING-08.03.bb.csv
[2012.03.12 17:13:39 | 000,048,896 | -H-- | M] () -- C:\Users\Nicolai\Desktop\ibusinessbanner.jpg
[2012.03.12 12:49:02 | 000,397,898 | -H-- | M] () -- C:\Users\Nicolai\Desktop\banner.psd
[2012.03.12 12:45:38 | 000,064,514 | -H-- | M] () -- C:\Users\Nicolai\Desktop\linkbird_bird_login.png
[2012.03.10 10:43:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2012.03.10 10:43:07 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012.03.10 10:43:07 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012.03.10 10:43:07 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2012.03.10 10:43:07 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll
[2012.03.10 10:43:07 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2012.03.10 10:43:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2012.03.10 10:43:07 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2012.03.10 10:43:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2012.03.10 10:43:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2012.03.10 10:43:07 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2012.03.10 10:43:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2012.03.10 10:43:05 | 002,308,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012.03.10 10:43:05 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012.03.10 10:43:05 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012.03.10 10:43:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2012.03.10 10:43:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2012.03.10 10:43:05 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll
[2012.03.10 10:43:05 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012.03.10 10:43:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012.03.10 10:43:05 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll
[2012.03.10 10:43:05 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2012.03.10 10:43:05 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2012.03.10 10:43:05 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012.03.10 10:43:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll
[2012.03.10 10:43:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll
[2012.03.10 10:43:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll
[2012.03.10 10:43:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2012.03.10 10:43:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2012.03.10 10:43:05 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2012.03.10 10:43:05 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2012.03.10 10:43:05 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012.03.10 10:43:05 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2012.03.10 10:43:05 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2012.03.10 10:43:05 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll
[2012.03.10 10:43:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2012.03.10 10:43:05 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll
[2012.03.10 10:43:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2012.03.10 10:43:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2012.03.10 10:43:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2012.03.10 10:43:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2012.03.10 10:43:05 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe
[2012.03.10 10:43:05 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2012.03.10 10:43:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012.03.10 10:43:05 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2012.03.10 10:43:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2012.03.10 10:43:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2012.03.10 10:43:05 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2012.03.10 10:43:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2012.03.10 10:43:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2012.03.10 10:43:05 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2012.03.10 10:43:05 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2012.03.10 10:43:05 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2012.03.10 10:43:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2012.03.10 10:43:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2012.03.10 10:43:04 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012.03.10 10:43:04 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012.03.10 10:43:04 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012.03.10 10:43:04 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2012.03.10 10:43:04 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2012.03.10 10:43:04 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2012.03.10 10:43:04 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2012.03.10 10:43:04 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012.03.10 10:43:04 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2012.03.10 10:43:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2012.03.10 10:43:04 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2012.03.10 10:43:04 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012.03.10 10:43:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2012.03.10 10:43:04 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2012.03.10 10:43:04 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2012.03.10 10:43:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2012.03.10 10:43:04 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2012.03.10 10:43:04 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2012.03.10 10:43:04 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2012.03.06 16:15:51 | 000,003,575 | -H-- | M] () -- C:\Users\Nicolai\Documents\ChatLog linkbird 3_0 Webinar 2012_03_06 16_15.rtf
[2012.03.05 11:16:56 | 008,294,400 | -H-- | M] () -- C:\Users\Nicolai\Desktop\test.camrec
[2012.03.05 11:16:15 | 000,031,744 | -H-- | M] () -- C:\Users\Nicolai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.02 16:32:55 | 000,002,753 | -H-- | M] () -- C:\Users\Nicolai\Documents\ChatLog New Meeting 2012_03_02 16_32.rtf
[2012.02.29 16:54:45 | 208,945,327 | -H-- | M] () -- C:\Users\Nicolai\Documents\2012-02-29 15.35 linkbird 3.0 Sneak Preview Online Webinar (max 100 Teilnehmer).wmv
[2012.02.29 16:54:31 | 000,000,582 | -H-- | M] () -- C:\Users\Nicolai\Documents\ChatLog linkbird 3_0 Sneak Preview Online Webinar _max 100 Teilnehmer_ 2012_02_29 16_54.rtf
[2012.02.29 12:09:02 | 000,002,218 | -H-- | M] () -- C:\Users\Nicolai\Desktop\GoToWebinar.lnk
[2012.02.29 12:08:54 | 000,060,304 | -H-- | M] () -- C:\Users\Nicolai\g2mdlhlpx.exe
[2012.02.28 15:45:29 | 000,000,687 | -H-- | M] () -- C:\Users\Nicolai\Documents\ChatLog New Meeting 2012_02_28 15_45.rtf
[2012.02.22 20:04:36 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.19 10:47:53 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.19 10:38:29 | 000,000,664 | -H-- | C] () -- C:\Users\Nicolai\Desktop\System Check.lnk
[2012.03.19 10:21:03 | 000,000,176 | -H-- | C] () -- C:\ProgramData\~6zQziVnZjf5Stvr
[2012.03.19 10:21:02 | 000,000,264 | -H-- | C] () -- C:\ProgramData\~6zQziVnZjf5Stv
[2012.03.19 10:20:44 | 000,000,448 | -H-- | C] () -- C:\ProgramData\6zQziVnZjf5Stv
[2012.03.19 10:20:30 | 000,352,256 | -H-- | C] () -- C:\ProgramData\6zQziVnZjf5Stv.exe
[2012.03.19 10:14:11 | 000,450,560 | -H-- | C] () -- C:\ProgramData\ldmtqETJLYi.exe
[2012.03.15 13:13:36 | 000,136,449 | -H-- | C] () -- C:\Users\Nicolai\Desktop\software.png
[2012.03.15 11:04:08 | 000,002,134 | -H-- | C] () -- C:\Users\Nicolai\Desktop\XING-Versicherungen.ch.csv
[2012.03.14 13:17:19 | 001,521,022 | -H-- | C] () -- C:\Users\Nicolai\Desktop\pricing.psd
[2012.03.13 16:13:22 | 000,002,350 | -H-- | C] () -- C:\Users\Nicolai\Documents\ChatLog New Meeting 2012_03_13 16_13.rtf
[2012.03.12 17:25:35 | 000,010,325 | -H-- | C] () -- C:\Users\Nicolai\Desktop\XING-08.03.bb.csv
[2012.03.12 17:13:37 | 000,048,896 | -H-- | C] () -- C:\Users\Nicolai\Desktop\ibusinessbanner.jpg
[2012.03.12 12:49:01 | 000,397,898 | -H-- | C] () -- C:\Users\Nicolai\Desktop\banner.psd
[2012.03.12 12:45:36 | 000,064,514 | -H-- | C] () -- C:\Users\Nicolai\Desktop\linkbird_bird_login.png
[2012.03.10 10:43:05 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2012.03.10 10:43:04 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2012.03.06 16:15:51 | 000,003,575 | -H-- | C] () -- C:\Users\Nicolai\Documents\ChatLog linkbird 3_0 Webinar 2012_03_06 16_15.rtf
[2012.03.05 11:16:54 | 008,294,400 | -H-- | C] () -- C:\Users\Nicolai\Desktop\test.camrec
[2012.03.02 16:32:55 | 000,002,753 | -H-- | C] () -- C:\Users\Nicolai\Documents\ChatLog New Meeting 2012_03_02 16_32.rtf
[2012.02.29 16:54:31 | 000,000,582 | -H-- | C] () -- C:\Users\Nicolai\Documents\ChatLog linkbird 3_0 Sneak Preview Online Webinar _max 100 Teilnehmer_ 2012_02_29 16_54.rtf
[2012.02.29 15:35:39 | 208,945,327 | -H-- | C] () -- C:\Users\Nicolai\Documents\2012-02-29 15.35 linkbird 3.0 Sneak Preview Online Webinar (max 100 Teilnehmer).wmv
[2012.02.29 12:09:02 | 000,002,218 | -H-- | C] () -- C:\Users\Nicolai\Desktop\GoToWebinar.lnk
[2012.02.28 15:45:29 | 000,000,687 | -H-- | C] () -- C:\Users\Nicolai\Documents\ChatLog New Meeting 2012_02_28 15_45.rtf
[2012.02.22 20:04:36 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2012.02.07 14:00:58 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2012.02.07 14:00:17 | 000,316,928 | ---- | C] () -- C:\windows\SysWow64\hpcc3118.dll
[2011.11.03 12:02:30 | 000,069,228 | -H-- | C] () -- C:\Users\Nicolai\AppData\Roaming\Photo.jpg
[2011.07.21 13:32:07 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\BrMuSNMP.dll
[2011.07.21 13:32:07 | 000,000,066 | -H-- | C] () -- C:\windows\Brfaxrx.ini
[2011.07.21 13:32:07 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat
[2011.02.04 00:12:51 | 000,000,432 | -H-- | C] () -- C:\windows\BRWMARK.INI
[2011.02.04 00:12:51 | 000,000,034 | ---- | C] () -- C:\windows\SysWow64\BD7440N.DAT
[2011.02.04 00:11:05 | 000,045,056 | ---- | C] () -- C:\windows\SysWow64\BRTCPCON.DLL
[2011.02.04 00:11:03 | 000,000,114 | ---- | C] () -- C:\windows\SysWow64\BRLMW03A.INI
[2011.02.04 00:06:11 | 000,031,864 | ---- | C] () -- C:\windows\maxlink.ini
[2010.11.01 17:24:45 | 000,031,744 | -H-- | C] () -- C:\Users\Nicolai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.01 17:23:31 | 000,010,752 | ---- | C] () -- C:\windows\SysWow64\BASSMOD.dll
[2010.08.24 14:18:30 | 001,500,444 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010.08.20 14:45:32 | 000,011,776 | -H-- | C] () -- C:\Users\Nicolai\AppData\Roaming\Settings.cfg
[2010.08.15 17:37:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.21 10:27:38 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI

< End of report >
         
--- --- ---

***OTL EXTRAS***OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 19.03.2012 11:00:16 - Run 1
OTL by OldTimer - Version 3.2.39.1     Folder = C:\Users\Nicolai\Desktop
64bit- Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,73 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 30,68% Memory free
7,47 Gb Paging File | 4,75 Gb Available in Paging File | 63,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 289,60 Gb Total Space | 165,89 Gb Free Space | 57,28% Space Free | Partition Type: NTFS
Drive D: | 22,42 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: NICOLAI-TOSHIBA | User Name: Nicolai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3E38B0F4-1B86-421E-9B2A-9EA617DF6ABB}" = AuthenTec Fingerprint Software
"{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A7760E07-4C23-4766-A99E-F715F298E99C}" = TFPU
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC741628-0AFC-405C-8946-DD46D1005A0A}" = 64 Bit HP CIO Components Installer
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"pdfFactory" = pdfFactory
"PROSet" = Intel(R) Network Connections Drivers
"TFPU{A7760E07-4C23-4766-A99E-F715F298E99C}" = TOSHIBA Fingerprint Utility
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}" = RICOH R5U230 Media Driver ver.2.07.03.02
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{14555947-6F14-421F-8F61-6489E0FDFAE5}" = Toshiba TEMPRO
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1C84AB70-7851-D03E-14B0-2CE969DD6CBA}" = Photo Service - powered by myphotobook
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1" = RescueTime 2.4.0
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 29
"{2E54DAC2-BDF7-49EC-87AF-B38E3B096BC6}" = TOSHIBA 180 Degrees Rotation Utility
"{3031A053-DC97-4D03-9179-BF6F98F63FA2}" = Wunderlist
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{455C9E77-ACAB-488F-8760-8639CF96922F}" = Bookmarkwiz
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite MFC-7440N
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_STANDARD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_STANDARD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_STANDARD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5049F43-18B8-4984-9B98-FE701B0D2526}" = Camtasia Studio 5
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C720FA29-E544-4D07-8A25-E83D2311B0DF}" = Mindjet MindManager Viewer 7
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D64833F8-860D-4216-8EDC-DD08AD68C0B5}" = LibreOffice 3.4
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6893BD0-F742-4259-9119-278250E52A42}" = Google AdWords Editor
"{EAE8F6AB-68E8-4AA9-9518-F677090690B2}" = TubeBox!
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AceFTP 3 Pro" = AceFTP 3 Pro
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnalogX LinkExaminer" = AnalogX LinkExaminer
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"Everest Poker" = Everest Poker (Remove Only)
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{2E54DAC2-BDF7-49EC-87AF-B38E3B096BC6}" = TOSHIBA 180 Degrees Rotation Utility
"InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"RocketDock_is1" = RocketDock 1.3.5
"STANDARD" = Microsoft Office Standard 2007
"TrueCrypt" = TrueCrypt
"VLC media player" = VLC media player 1.1.11
"vmndtxtb" = VMN Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xenu's Link Sleuth" = Xenu's Link Sleuth
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.1.0.880
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 25.08.2011 04:18:39 | Computer Name = Nicolai-Toshiba | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4087
 
Error - 25.08.2011 04:18:39 | Computer Name = Nicolai-Toshiba | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4087
 
Error - 25.08.2011 04:36:35 | Computer Name = Nicolai-Toshiba | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.08.2011 04:36:35 | Computer Name = Nicolai-Toshiba | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1080026
 
Error - 25.08.2011 04:36:35 | Computer Name = Nicolai-Toshiba | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1080026
 
Error - 25.08.2011 08:22:19 | Computer Name = Nicolai-Toshiba | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 25.08.2011 08:22:50 | Computer Name = Nicolai-Toshiba | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 25.08.2011 11:54:17 | Computer Name = Nicolai-Toshiba | Source = Brother BrLog | ID = 1001
Description = TWN BrtTWN: [2011/08/25 17:54:17.869]: [00005444]: GetDeviceList Failed!
 pStiInfo = 0x0..  
 
Error - 25.08.2011 11:54:17 | Computer Name = Nicolai-Toshiba | Source = Brother BrLog | ID = 1001
Description = TWN BrtTWN: [2011/08/25 17:54:17.871]: [00005444]: ##### Fatal ERROR!!
 Create STI-device failed! #####  
 
Error - 25.08.2011 11:54:17 | Computer Name = Nicolai-Toshiba | Source = Brother BrLog | ID = 1001
Description = TWN BrtTWN: [2011/08/25 17:54:17.872]: [00005444]: Initialize TwdsMain
 Class failed!  
 
[ OSession Events ]
Error - 17.11.2010 07:36:55 | Computer Name = Nicolai-Toshiba | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1134
 seconds with 660 seconds of active time.  This session ended with a crash.
 
Error - 14.05.2011 10:26:11 | Computer Name = Nicolai-Toshiba | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21829
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 27.09.2011 06:27:02 | Computer Name = Nicolai-Toshiba | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 943
 seconds with 420 seconds of active time.  This session ended with a crash.
 
Error - 28.10.2011 08:02:01 | Computer Name = Nicolai-Toshiba | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 366
 seconds with 300 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 17.03.2012 15:27:38 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 17.03.2012 15:31:20 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 19.03.2012 05:18:39 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1060
 
Error - 19.03.2012 05:18:39 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.03.2012 05:18:40 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.03.2012 05:24:50 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
Error - 19.03.2012 05:36:03 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1060
 
Error - 19.03.2012 05:36:03 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.03.2012 05:36:03 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.03.2012 05:42:37 | Computer Name = Nicolai-Toshiba | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
 
< End of report >
         
--- --- ---

Geändert von niggolai (19.03.2012 um 10:19 Uhr)

Alt 20.03.2012, 16:01   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun? - Standard

System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun?



Die Logs von Malwarebytes hast du nicht gepostet...
__________________

__________________

Antwort

Themen zu System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun?
antivir, autorun, avira, bho, bildschirm, bonjour, entfernen, error, fatal error, festplatte, firefox, format, helper, hängen, index, install.exe, logfile, mbamservice.exe, microsoft office word, mozilla, office 2007, performance, realtek, registry, richtlinie, scan, searchscopes, software, system, tubebox, updates, usb, version=1.0, virus, windows



Ähnliche Themen: System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun?


  1. System Check Virus
    Log-Analyse und Auswertung - 06.04.2012 (27)
  2. 'System Check' Virus, die nächsten Schritte?
    Plagegeister aller Art und deren Bekämpfung - 05.04.2012 (29)
  3. System Check Virus - Verknüpfungen weg!
    Plagegeister aller Art und deren Bekämpfung - 04.04.2012 (26)
  4. System Check - Virus
    Plagegeister aller Art und deren Bekämpfung - 03.04.2012 (37)
  5. System Check Virus --> komme nicht weiter!
    Log-Analyse und Auswertung - 30.03.2012 (7)
  6. System Check Virus vollständig entfernt?
    Log-Analyse und Auswertung - 30.03.2012 (4)
  7. Auch bei mir System-Check Virus
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (14)
  8. System check Virus
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (1)
  9. System Check Virus, habe ich ihn wirklich entfernt?
    Log-Analyse und Auswertung - 21.03.2012 (1)
  10. System Check Virus
    Log-Analyse und Auswertung - 20.03.2012 (1)
  11. System Check Virus
    Log-Analyse und Auswertung - 18.03.2012 (1)
  12. System Check - Virus ja/nein, wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 01.03.2012 (1)
  13. System-Check Virus eingefangen
    Log-Analyse und Auswertung - 15.02.2012 (6)
  14. System Check Virus
    Log-Analyse und Auswertung - 25.01.2012 (10)
  15. System Check und Redirect Virus
    Log-Analyse und Auswertung - 23.01.2012 (33)
  16. System Check - Virus entfernen
    Log-Analyse und Auswertung - 18.01.2012 (1)
  17. System Check Virus
    Log-Analyse und Auswertung - 11.01.2012 (3)

Zum Thema System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun? - Hi, alle Dateien sind nicht mehr zu finden (Ordner leer) und der Bildschirm schwarz. Ständig kommt dieser "System Check" ... es wird gesagt, dass die Festplatte beschädigt ist, dann will - System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun?...
Archiv
Du betrachtest: System Check Virus - Malwarebytes Log und OTL Log liegen vor.... was nun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.