| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.08.2012, 17:06
| #1 |
| |  Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert Hallo. Auch mich hat es mit dem oben genannten Trojaner erwischt. Ich hoffe, dass ihr mir helfen könnt!!! ich hoffe, dass ich es mit dem OTL-Log richtig gemacht habe: OTL logfile created on: 10.08.2012 17:54:08 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\MJ\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,96 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 65,06% Memory free 6,13 Gb Paging File | 5,38 Gb Available in Paging File | 87,68% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,21 Gb Total Space | 17,14 Gb Free Space | 14,75% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 130,49 Gb Free Space | 56,03% Space Free | Partition Type: NTFS Drive F: | 115,21 Gb Total Space | 65,05 Gb Free Space | 56,46% Space Free | Partition Type: NTFS Computer Name: MICHEL | User Name: MJ | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.08.04 20:59:44 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\MJ\Desktop\OTL.exe PRC - [2012.07.21 10:38:35 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe ========== Modules (No Company Name) ========== MOD - [2012.07.21 10:38:35 | 002,003,424 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.12.08 20:40:59 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll ========== Win32 Services (SafeList) ========== SRV - [2012.07.21 10:38:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.16 19:28:36 | 002,025,368 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2012.05.08 22:11:08 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 22:11:07 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011.01.23 20:33:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010.12.10 19:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$QOSMIOAVINDEXING) SRV - [2010.12.10 19:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2010.12.10 19:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2009.12.18 18:30:50 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc) SRV - [2009.12.18 18:30:50 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2009.09.11 12:33:54 | 000,009,216 | ---- | M] (Vodafone) [Auto | Stopped] -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.04.21 17:36:06 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Stopped] -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) SRV - [2009.02.26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2008.11.05 18:58:42 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Stopped] -- C:\Windows\System32\TAMSvr.exe -- (Authentec memory manager) SRV - [2008.09.16 12:02:42 | 000,352,312 | ---- | M] (Rosetta Stone Ltd.) [Auto | Stopped] -- C:\Programme\RosettaStoneLtdServices\RosettaStoneLtdController.exe -- (RosettaStoneLtdController) SRV - [2008.08.19 22:34:32 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008.04.24 18:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand | Stopped] -- C:\Programme\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv) SRV - [2008.04.17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008.04.11 11:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- c:\Programme\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- c:\Programme\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2007.01.18 21:04:04 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSVR.EXE -- (UleadBurningHelper) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.10.05 12:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\TpChoice.sys -- (TpChoice) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Tosrfcom) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.05.08 22:11:08 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.08 22:11:08 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.12.15 16:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.08.02 18:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.09.01 02:49:18 | 009,825,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.08.20 16:37:53 | 000,281,760 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.08.20 16:37:53 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.06.29 17:59:02 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2009.06.29 17:59:02 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009.06.26 22:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2009.06.15 06:07:52 | 000,115,552 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2009.04.09 13:38:26 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.11.17 16:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2008.10.21 15:58:20 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) DRV - [2008.10.09 13:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad) DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2008.05.07 11:31:26 | 000,106,496 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\spurs.sys -- (SPURS) DRV - [2008.05.07 11:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter) DRV - [2008.05.02 13:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008.04.29 01:56:30 | 000,011,264 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecirhid.sys -- (enecirhid) DRV - [2008.04.29 01:54:58 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008.04.25 09:16:36 | 000,005,632 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecirhidma.sys -- (enecirhidma) DRV - [2008.04.25 04:05:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32) DRV - [2008.04.21 14:02:28 | 000,444,672 | ---- | M] (DiBcom) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700) DRV - [2008.03.29 18:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE) DRV - [2008.03.14 14:18:34 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF) DRV - [2008.02.07 00:23:46 | 000,166,448 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007.12.17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2007.01.18 18:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA) DRV - [2006.12.05 11:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207) DRV - [2006.11.28 15:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA; IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA IE - HKLM\..\SearchScopes,DefaultScope = {39F1EBFF-A601-4E26-82D6-0B361EBCC043} IE - HKLM\..\SearchScopes\{39F1EBFF-A601-4E26-82D6-0B361EBCC043}: "URL" = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA; IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA; IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=10&cc= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {4BF55D14-3908-4093-89B1-0DD96DF16040} IE - HKCU\..\SearchScopes\{39F1EBFF-A601-4E26-82D6-0B361EBCC043}: "URL" = hxxp://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA; IE - HKCU\..\SearchScopes\{4BF55D14-3908-4093-89B1-0DD96DF16040}: "URL" = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=29 IE - HKCU\..\SearchScopes\{A9449A85-0818-497B-A438-E3F87630872C}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Search the web (Softonic)" FF - prefs.js..browser.startup.homepage: "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=" FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 4 FF - prefs.js..extensions.enabledItems: 9 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..keyword.URL: "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\MJ\AppData\LocalLow\Sony Online Entertainment\npsoe.dll () FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\MJ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.04.05 14:52:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2010.08.31 17:07:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.11 18:41:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.21 10:38:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.19 20:51:49 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.04.05 14:52:03 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.21 10:38:35 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.19 20:51:49 | 000,000,000 | ---D | M] [2010.08.01 12:17:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MJ\AppData\Roaming\mozilla\Extensions [2010.08.01 12:17:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MJ\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012.08.09 16:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions [2010.06.06 17:27:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.06 17:24:51 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.07.07 12:34:02 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012.02.14 21:42:06 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}(42) [2010.06.06 17:28:55 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2012.08.09 16:42:13 | 000,000,000 | ---D | M] (softonic.com) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\ffxtlbra@softonic.com [2010.01.08 14:00:17 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\firefox@tvunetworks.com [2010.01.08 14:00:17 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\moveplayer@movenetworks.com [2012.02.16 19:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MJ\AppData\Roaming\mozilla\Firefox\Profiles\hcborse2.default\extensions\staged(41) [2012.08.08 20:28:46 | 000,002,062 | ---- | M] () -- C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\hcborse2.default\searchplugins\softonic.xml [2012.02.28 19:17:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.02.14 21:32:21 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\MJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCBORSE2.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI [2012.07.21 10:38:35 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.02.20 18:17:31 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2009.12.13 00:29:10 | 000,118,784 | ---- | M] (FreshDevices Corp.) -- C:\Program Files\mozilla firefox\plugins\npfd.dll [2012.06.18 16:13:35 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.06.18 16:13:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.18 16:13:35 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.18 16:13:35 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.18 16:13:35 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.18 16:13:35 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.google.com/ CHR - Extension: No name found = C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: No name found = C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: No name found = C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\ CHR - Extension: No name found = C:\Users\MJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2011.06.08 22:54:54 | 000,000,789 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 74.208.10.249 gs.apple.com O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Programme\FreshDevices\FreshDownload\fdcatch.dll (FreshDevices Corp.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (FreshDownload Bar) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\Programme\FreshDevices\FreshDownload\fdiebar.dll (FreshDevices Corp.) O4 - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [cfFncEnabler.exe] cfFncEnabler.exe File not found O4 - HKLM..\Run: [FingerPrintNotifer] C:\Programme\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc) O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION) O4 - HKLM..\Run: [KeNotify] C:\Programme\Toshiba\Utilities\KeNotify.exe () O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Programme\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH) O4 - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TRCMan] C:\Programme\Toshiba\TRCMan\TRCMan.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [UsbMonitor] C:\Programme\TrueSuite Access Manager\usbnotify.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [MobileDocuments] C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\MJ\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found O4 - HKCU..\Run: [TsUsbRedirectionGroupPolicyExtension] C:\Users\MJ\AppData\Local\Microsoft\Windows\2051\TsUsbRedirectionGroupPolicyExtension.exe () O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Users\MJ\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\MJ\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra Button: FreshDownload - {DAC7DD8E-6C78-4BAD-8C64-1575EC36A112} - C:\Programme\FreshDevices\FreshDownload\fd.exe (FreshDevices Corp.) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: atdhe.net ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EA24FB0-61DB-4743-A061-C8BBFC9A670A}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{821FB83D-07BC-4F9E-B058-7EDD5D97CE0C}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{891D0991-7832-4044-878C-EC866D4476A2}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A8C9C6C-B5AD-454C-AE28-E1F751E3B604}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0ff91b3b-548f-11df-b62a-0016eaa7150a}\Shell - "" = AutoRun O33 - MountPoints2\{0ff91b3b-548f-11df-b62a-0016eaa7150a}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{30a67881-b6af-11df-886d-001eec3d8dc9}\Shell - "" = AutoRun O33 - MountPoints2\{30a67881-b6af-11df-886d-001eec3d8dc9}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{639ad716-b510-11df-9959-0016eaa7150a}\Shell - "" = AutoRun O33 - MountPoints2\{639ad716-b510-11df-9959-0016eaa7150a}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{639ad71c-b510-11df-9959-001eec3d8dc9}\Shell - "" = AutoRun O33 - MountPoints2\{639ad71c-b510-11df-9959-001eec3d8dc9}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{639ad724-b510-11df-9959-001eec3d8dc9}\Shell - "" = AutoRun O33 - MountPoints2\{639ad724-b510-11df-9959-001eec3d8dc9}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{c0c1235e-46ab-11e1-b74e-001eec3d8dc9}\Shell - "" = AutoRun O33 - MountPoints2\{c0c1235e-46ab-11e1-b74e-001eec3d8dc9}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.08.10 17:37:50 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\MJ\Desktop\OTL.exe [2012.08.10 17:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.10 17:20:04 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.08.10 17:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.08.10 16:35:27 | 000,000,000 | ---D | C] -- C:\Users\MJ\AppData\Roaming\hellomoto [2012.08.08 20:30:53 | 000,000,000 | ---D | C] -- C:\Users\MJ\AppData\Local\SPSS 15.0 für Windows [Auswertung Version] [2012.08.08 20:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic [2012.08.08 20:27:27 | 001,929,216 | ---- | C] (Amyuni Technologies hxxp://www.amyuni.com) -- C:\Windows\System32\cdintf250.dll [2012.08.08 20:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\SPSSEV-DE [2012.08.08 20:23:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPSS für Windows [2012.08.08 20:15:01 | 213,704,432 | ---- | C] (SPSS ) -- C:\Users\MJ\Desktop\SPSS1501DE-EVAL.exe [2012.08.08 19:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.07.14 13:44:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012.07.14 13:44:37 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012.07.14 13:44:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012.07.14 13:44:36 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012.07.14 13:44:36 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012.07.14 13:44:36 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012.07.14 13:44:36 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012.07.14 13:44:36 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012.07.14 13:44:36 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012.07.14 13:44:36 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012.07.14 13:44:35 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012.07.14 13:44:35 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012.07.14 13:44:35 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012.07.14 13:44:35 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012.07.14 13:44:34 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012.07.14 13:44:34 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012.07.14 13:44:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012.07.14 13:44:34 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012.07.14 13:44:33 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012.07.14 13:44:33 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012.07.14 13:44:33 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012.07.14 13:44:33 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012.07.14 13:44:32 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012.07.14 13:44:32 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012.07.14 13:44:31 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012.07.14 13:44:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012.07.14 13:44:31 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012.07.14 13:30:47 | 000,000,000 | ---D | C] -- C:\Users\MJ\AppData\Local\SCE [2012.07.14 13:30:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012.07.13 08:21:19 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.07.12 19:18:41 | 000,000,000 | ---D | C] -- C:\Users\MJ\Desktop\Cro - Raop (2012) [2012.07.12 15:13:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.08.10 17:43:29 | 000,000,000 | ---- | M] () -- C:\Windows\ToDisc.INI [2012.08.10 17:37:07 | 000,000,120 | ---- | M] () -- C:\Users\MJ\redirect-to.htm [2012.08.10 17:20:20 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.10 17:06:31 | 000,678,196 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.08.10 17:06:31 | 000,645,220 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.08.10 17:06:31 | 000,145,104 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.08.10 17:06:31 | 000,122,528 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.08.10 17:02:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.10 17:00:00 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2012.08.10 16:58:49 | 000,437,018 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.08.10 16:58:49 | 000,437,018 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.08.10 16:56:27 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.10 16:55:46 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.10 16:55:46 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.09 20:26:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.08.09 18:24:06 | 000,194,560 | ---- | M] () -- C:\Users\MJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.08.09 16:37:58 | 000,426,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.08.08 21:36:48 | 000,000,016 | -H-- | M] () -- C:\Windows\System32\servdat.slm [2012.08.08 20:28:50 | 000,000,111 | ---- | M] () -- C:\user.js [2012.08.08 20:27:27 | 000,001,024 | ---- | M] () -- C:\Windows\System32\clauth2.dll [2012.08.08 20:27:27 | 000,001,024 | ---- | M] () -- C:\Windows\System32\clauth1.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ssprs.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\serauth2.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\serauth1.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\nsprs.tgz [2012.08.08 20:27:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\nsprs.dll [2012.08.08 20:22:59 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.tgz [2012.08.08 20:22:59 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.dll [2012.08.08 20:22:59 | 000,000,219 | ---- | M] () -- C:\Windows\System32\lsprst7.tgz [2012.08.08 20:22:59 | 000,000,205 | ---- | M] () -- C:\Windows\System32\lsprst7.dll [2012.08.08 20:21:07 | 213,704,432 | ---- | M] (SPSS ) -- C:\Users\MJ\Desktop\SPSS1501DE-EVAL.exe [2012.08.08 19:24:52 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.08.06 03:14:10 | 775,297,024 | ---- | M] () -- C:\Users\MJ\Ted.avi [2012.08.04 20:59:44 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\MJ\Desktop\OTL.exe [2012.08.04 03:09:15 | 594,647,040 | ---- | M] () -- C:\Users\MJ\Rum Diary CD2.avi [2012.08.03 21:11:15 | 594,507,776 | ---- | M] () -- C:\Users\MJ\Rum Diary CD1.avi [2012.07.20 10:28:34 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk [2012.07.16 14:29:06 | 027,619,801 | ---- | M] () -- C:\Users\MJ\Desktop\YUM YUM Summer Mix #3 [every Saturday in July].mp3 [2012.07.14 17:16:52 | 000,000,547 | ---- | M] () -- C:\Users\MJ\Desktop\DC Universe Online Live.lnk [2012.07.14 13:29:31 | 017,117,624 | ---- | M] () -- C:\Users\MJ\Desktop\DCUO_setup.exe [2012.07.12 17:58:03 | 000,182,800 | ---- | M] () -- C:\Users\MJ\Desktop\Michel Jost Lebenslauf.pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.10 17:43:29 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI [2012.08.10 17:37:08 | 000,000,120 | ---- | C] () -- C:\Users\MJ\redirect-to.htm [2012.08.10 17:20:20 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.09 16:43:52 | 775,297,024 | ---- | C] () -- C:\Users\MJ\Ted.avi [2012.08.08 20:30:49 | 000,003,191 | ---- | C] () -- C:\Users\MJ\Desktop\Datenmaske_InterRaterReliabilität.sav [2012.08.08 20:28:50 | 000,000,111 | ---- | C] () -- C:\user.js [2012.08.08 20:27:27 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2012.08.08 20:27:27 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll [2012.08.08 20:27:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.tgz [2012.08.08 20:27:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll [2012.08.08 20:22:59 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.tgz [2012.08.08 20:22:59 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2012.08.08 20:22:59 | 000,000,219 | ---- | C] () -- C:\Windows\System32\lsprst7.tgz [2012.08.08 20:22:59 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2012.08.08 20:22:59 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\servdat.slm [2012.08.04 16:11:11 | 594,647,040 | ---- | C] () -- C:\Users\MJ\Rum Diary CD2.avi [2012.08.04 16:10:35 | 594,507,776 | ---- | C] () -- C:\Users\MJ\Rum Diary CD1.avi [2012.07.20 10:41:10 | 1785,769,984 | ---- | C] () -- C:\Users\MJ\Spiderman.avi [2012.07.17 18:58:28 | 025,404,932 | ---- | C] () -- C:\Users\MJ\Desktop\YUM YUM Summer Mix # 2 [Reggae Edition___ jeden Samstag im Juli].mp3 [2012.07.17 18:58:15 | 027,619,801 | ---- | C] () -- C:\Users\MJ\Desktop\YUM YUM Summer Mix #3 [every Saturday in July].mp3 [2012.07.14 17:16:52 | 000,000,547 | ---- | C] () -- C:\Users\MJ\Desktop\DC Universe Online Live.lnk [2012.07.14 17:16:52 | 000,000,547 | ---- | C] () -- C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online Live.lnk [2012.07.14 13:28:54 | 017,117,624 | ---- | C] () -- C:\Users\MJ\Desktop\DCUO_setup.exe [2012.07.12 17:58:03 | 000,182,800 | ---- | C] () -- C:\Users\MJ\Desktop\Michel Jost Lebenslauf.pdf [2011.01.30 22:39:25 | 000,000,600 | ---- | C] () -- C:\Users\MJ\AppData\Roaming\winscp.rnd [2010.04.08 10:01:26 | 000,024,206 | ---- | C] () -- C:\Users\MJ\AppData\Roaming\UserTile.png [2010.01.07 20:50:46 | 000,437,018 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.01.07 20:50:16 | 000,437,018 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.12.13 13:24:15 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2 [2009.08.28 21:45:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.06.16 13:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2009.05.15 13:19:10 | 000,000,680 | ---- | C] () -- C:\Users\MJ\AppData\Local\d3d9caps.dat [2009.03.22 23:06:22 | 000,000,019 | ---- | C] () -- C:\Users\MJ\AppData\Roaming\HideWin32 [2009.03.07 03:56:55 | 000,000,000 | ---- | C] () -- C:\Users\MJ\AppData\Roaming\wklnhst.dat [2009.03.07 03:55:47 | 000,000,016 | -H-- | C] () -- C:\Users\MJ\AppData\Roaming\mxfilerelatedcache.mxc2 [2009.03.07 03:55:47 | 000,000,016 | -H-- | C] () -- C:\Users\MJ\AppData\Local\mxfilerelatedcache.mxc2 [2009.03.07 03:55:46 | 000,000,016 | -H-- | C] () -- C:\Users\MJ\mxfilerelatedcache.mxc2 [2009.03.05 12:48:47 | 000,194,560 | ---- | C] () -- C:\Users\MJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini < End of report > Und hier der Extras.txt-Log OTL Extras logfile created on: 10.08.2012 17:54:10 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\MJ\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,96 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 65,06% Memory free 6,13 Gb Paging File | 5,38 Gb Available in Paging File | 87,68% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 116,21 Gb Total Space | 17,14 Gb Free Space | 14,75% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 130,49 Gb Free Space | 56,03% Space Free | Partition Type: NTFS Drive F: | 115,21 Gb Total Space | 65,05 Gb Free Space | 56,46% Space Free | Partition Type: NTFS Computer Name: MICHEL | User Name: MJ | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- Reg Error: Value error. https [open] -- Reg Error: Value error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3C0BF24A-A6F9-4AB5-A951-5310A6D43CD3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{C2D57910-C9C1-496A-8878-D820201B042A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01CC6F54-3E36-4C92-AD42-4252D63D116B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{02900A00-EBE3-4169-83A7-7A3B543417FA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{03B1B991-3D35-4E34-BB32-5841CB9358B2}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | "{042CF109-0BAD-492D-A7C6-9B39062A6661}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{081E9D7D-3E4A-41BA-B65E-8188F908A32B}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe | "{0B848DB1-FF26-46D6-9199-CF0B00E3A53A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{0C600243-E22F-46D9-AEF1-0ED25DA2B7E3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{0C77EB4F-6B52-4008-BFB7-4B773B0454C0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{13AC9D99-9889-4CA5-AC86-3A1A0A158E54}" = dir=in | app=c:\program files\rosettastoneltdservices\support\bin\win\rosettastoneltdservices.exe | "{141FA2B6-C754-407C-91EB-C6B328DA374E}" = protocol=17 | dir=in | app=f:\programme\world of warcraft\wow-3.2.0-dede-downloader.exe | "{1D68D05A-423D-4CE9-A832-F31A7FE14152}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{1EDACFEE-29D4-4F7F-BF7F-9382996CFAFF}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{2B17D5B4-3258-4D52-B1F0-E1F622036E61}" = protocol=6 | dir=in | app=f:\programme\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{2C7E1148-31A0-4FF7-A8D6-095FC839A95F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{38A24FEF-0F69-4DF8-B77E-78C83748C407}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{3EA02E1C-6FFC-43BC-96BC-9BF0F0A26EF2}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | "{45DD91B1-6C49-4F77-951D-647329ED60DB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{4C50D70D-9245-4FA2-91CC-2065A4ADD2F8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{51378ED5-775C-493B-B054-B251934F6DA9}" = protocol=17 | dir=in | app=f:\programme\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{522A8797-666F-44C5-AE30-FCE8708635FF}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{555E309D-7CEF-4D13-9E5F-AB9821639B4B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{5F2FBF4F-8F6F-4F06-B62C-197DC8DE9444}" = dir=in | app=c:\program files\rosettastoneltdservices\support\bin\win\rosettastoneltdserver.exe | "{653FC075-321E-4E47-9AB3-D12AD3045E2D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | "{74B05679-160E-46EE-9673-76638F3E52B4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer_service.exe | "{7C3DA34E-0ADD-482C-BB7C-565DB21F160B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{7E6DBD76-D44A-4377-B5C9-821C2DDC07FF}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{7E8CAE96-97B9-403D-BDFF-19F370E9B684}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{80F60D2A-6C1B-4F40-AEF0-3DAF26600DFB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{81B71CCB-71AE-4BCA-ADD7-43DC24A1E9CE}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{82A3EE2E-41D6-4231-9046-24A7A851C243}" = protocol=6 | dir=in | app=f:\programme\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{857F3A26-3F54-4E88-800E-A61877A45422}" = dir=in | app=c:\program files\itunes\itunes.exe | "{86BE9CEA-173C-4D6E-96FA-2764B67D07E4}" = dir=in | app=g:\setup\hpznui01.exe | "{8B746ED0-5AB3-417E-8C37-CF028E1699D5}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "{8C455FB8-1529-4322-8C72-30FF2D4D0AD9}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{8F7DCB5D-77E4-416C-8DBE-771C8B33A1F5}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{94E063BC-5C14-4C94-BEA2-95FCFD4435C9}" = protocol=17 | dir=in | app=f:\programme\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{9B1BE54E-627C-49BC-AB88-1F3E04512E2C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{9D8DC28E-A343-43C4-BEB2-0B5874CBB5E2}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{9FBBEFDD-EF20-4CA9-BD5C-826D5AA4462F}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{A11D835D-7465-4C5F-9931-2A001A3F7BB5}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe | "{A36F01FD-86AC-4364-BB10-CE5AEACF445B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{A7218B77-2006-40C2-A232-CAB4D86ED129}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\support\bin\win\rosettastoneltdserver.exe | "{A78BBD94-FAC6-43E4-8527-C1EA4CF17ADF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A8493926-605E-47AD-863C-255DF134FE8F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{B281E9C3-41E2-4104-B10C-BA80383AAD37}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{B680767E-6867-4483-8817-EA20430D5C07}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{B904CC05-7375-4433-B41A-80022092328D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | "{BF14A7CD-8D25-4F56-B07D-D6C4F0CD371A}" = protocol=6 | dir=in | app=f:\programme\world of warcraft\wow-3.2.0-dede-downloader.exe | "{CC5FF7A7-CAE9-4B7D-871E-9CC7DBE271A1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D4E53B45-E7D2-45FC-A789-8D9DEF8F3477}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{D5ABFB29-1ED4-4A00-AAEF-F93AC79B3A4A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{DF587E9B-D174-41BB-8497-FEB0439A1C66}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{E0624161-FAF3-401A-94E4-E02864BAFC88}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{E1019833-68BC-497F-B5FA-2BC994D6288F}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\support\bin\win\rosettastoneltdcontroller.exe | "{E16E5491-E9FC-414C-92B2-0A0EAF703A91}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "{E742820F-E54F-471C-9B0C-C2D3C39D2799}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{F72D7656-6DA1-425F-BA06-B7BD73B3701C}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{FCE3B1F2-E49A-4D49-B09E-D679271196A4}" = protocol=6 | dir=out | app=c:\program files\rosettastoneltdservices\support\bin\win\rosettastoneltdservices.exe | "{FF6A6A77-012A-4814-B91B-BFA92447C512}" = dir=in | app=c:\program files\rosettastoneltdservices\support\bin\win\rosettastoneltdcontroller.exe | "TCP Query User{05056749-32B9-4A0E-9B2D-FC6C487B1C09}F:\programme\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=6 | dir=in | app=f:\programme\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | "TCP Query User{1430DCF8-2979-46CD-B593-F784CCD78886}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "TCP Query User{56114052-F3F5-41C4-A6BA-708E4C3A0B49}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{5924CE7C-77C6-4E30-B0BC-A5803220BAEA}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{633EFDFA-B123-4D35-8B1C-7981EE11A054}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{65204BBA-064B-42F3-870B-BF47C0CB8C39}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "TCP Query User{6AD285A4-C528-4585-8FD6-7B6496A246AB}F:\programme\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=f:\programme\world of warcraft\launcher.exe | "TCP Query User{6F52777F-12C9-4482-95E3-6D69F73AD95A}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{6F969C15-2E6D-4101-A6E8-3928932AA96D}C:\users\mj\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mj\appdata\roaming\spotify\spotify.exe | "TCP Query User{8742F84F-5649-4324-A3B4-C6912BD88959}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{9DB354AD-3BE0-42F3-86BF-7C4271CEB699}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{BA4520FA-3E2B-48FA-B2C5-A1F4B16F3214}C:\users\mj\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mj\appdata\roaming\spotify\spotify.exe | "TCP Query User{C25F94D2-C35D-443B-9B20-BC7A2615711F}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "TCP Query User{F2FF0A1C-754A-435A-9C81-FFA1174B9603}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{FCCD0BE0-6321-4D93-B595-DD8F7C25B0BF}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{144A7197-122E-47C2-B336-C04705F9235F}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{17587D66-8704-4FFF-B41E-F7E7244DEF46}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{22456E8C-4102-41DE-8EB4-1F8BD84DC2CF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{2EF3907A-6ACE-40FB-AA5A-1ADF9362C8BF}C:\users\mj\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mj\appdata\roaming\spotify\spotify.exe | "UDP Query User{2FF7C457-A030-47D4-9129-29F09A6595A5}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "UDP Query User{3571860B-3709-4358-900E-F41D9C360D48}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{53974737-784D-4659-AE95-B74B274B4702}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{577C2474-7962-4E95-A45F-F6C37F7920D0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{5A904087-12AB-4E46-9CCE-68051423BA6E}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "UDP Query User{790A6418-7F10-4ED9-94EC-A07DEE79A58C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "UDP Query User{7D02DEC3-DBE3-41A5-BEAC-F1CBAA4C69DB}F:\programme\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=f:\programme\world of warcraft\launcher.exe | "UDP Query User{AD6CEB1E-D078-4DE0-AFDF-4448683C0447}F:\programme\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe" = protocol=17 | dir=in | app=f:\programme\world of warcraft\wow-3.2.0.10192-to-3.3.0.10958-dede-downloader.exe | "UDP Query User{CA1F63BF-3CE2-4B28-81F3-41C5897CE112}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{DEB71001-420B-4C5D-8EE8-8A184984BEA4}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{FD9E1D93-431C-4381-97D7-C2877F70A9B7}C:\users\mj\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mj\appdata\roaming\spotify\spotify.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009 "{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent "{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2110AF8F-F6E9-4712-A185-1B839C60822E}" = Rosetta Stone Ltd Services "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (QOSMIOAVINDEXING) "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{39B421FC-E32E-4100-B60E-9222C0025572}" = TOSHIBA Gesture Controller "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{5594FF8C-4765-4ADA-BCA4-10C8E7E5B7DD}" = TOSHIBA Quad Core HD Processor Driver 1.0.2.14 "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}" = SPSS 15.0 für Windows [Auswertung Version] "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite "{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}" = Toshiba TEMPRO "{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Hilfe "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{8FEBDF62-A0FD-46A3-B9CE-17C5E3A00BBA}" = TOSHIBA HD Console "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A13E78C5-F64F-4436-B571-07D4ADE18730}" = TOSHIBA TV Tuner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator "{BB68D31F-9A51-43DC-B322-020D5C29E5FB}" = TOSHIBA Graphical Video Library "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{DA29D017-6E24-481D-BC7C-2B69335A0B3A}" = TrueSuite Access Manager "{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{E2E25F53-EB64-4BC1-8A9E-B970BBEF8C1C}" = HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer "{E7124FF8-358C-4209-84FB-50F5B8BC2A7D}" = Toshiba Video Converter "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F485E43D-18B1-4B40-AF4B-EDA78E91DA80}" = Dolby Control Center "{F727EC42-3ECD-4CEA-B8D2-7497667AB689}" = TOSHIBA_Quad_Core_HD_Processor_Demo "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager "{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}" = TOSHIBA Remote Control Manager "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "06B1BC2A663E3F5B7EBAD9000831FCE29C7CC24A" = Windows-Treiberpaket - TOSHIBA (mod7700) Media (04/21/2007 2.3.3.21) "8461-7759-5462-8226" = Vuze "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazing Visio 4.0.3" = Amazing Visio 4.0.3 "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup" = DivX-Setup "ElsterFormular 11.4.1.4323" = ElsterFormular "ENTERPRISE" = Microsoft Office Enterprise 2007 "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3 "Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 5.0.11.508 "Free YouTube Download_is1" = Free YouTube Download version 2.10.30 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.40.602 "FreshDevices - FreshDownload_is1" = FreshDownload "Google Chrome" = Google Chrome "Hardcopy(C__Program Files_Hardcopy)" = Hardcopy (C:\Program Files\Hardcopy) "HijackThis" = HijackThis 2.0.2 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "InstallShield_{39B421FC-E32E-4100-B60E-9222C0025572}" = TOSHIBA Gesture Controller "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "InstallShield_{DA29D017-6E24-481D-BC7C-2B69335A0B3A}" = TrueSuite Access Manager "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "IsoBuster_is1" = IsoBuster 2.5.5 "MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D) "MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "PartyPoker" = PartyPoker "PDF Blender" = PDF Blender "Shop for HP Supplies" = Shop for HP Supplies "Softonic" = Softonic toolbar on IE "SopCast" = SopCast 3.4.0 "TeamViewer 5" = TeamViewer 5 "TomTom HOME" = TomTom HOME 2.8.3.2499 "TOSHIBA Software Modem" = TOSHIBA Software Modem "Uninstall_is1" = Uninstall 1.0.0.1 "Veetle TV" = Veetle TV 0.9.18 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinRAR archiver" = WinRAR "winscp3_is1" = WinSCP 4.2.1 beta "World of Warcraft" = World of Warcraft "Xvid_is1" = Xvid 1.2.2 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SOE-DC Universe Online Live" = DC Universe Online Live "Spotify" = Spotify "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.08.2012 15:47:52 | Computer Name = Michel | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 08.08.2012 15:47:52 | Computer Name = Michel | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 650025 Error - 08.08.2012 15:47:52 | Computer Name = Michel | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 650025 Error - 09.08.2012 10:38:33 | Computer Name = Michel | Source = VMCService | ID = 0 Description = conflictManagerTypeValue Error - 09.08.2012 10:39:15 | Computer Name = Michel | Source = WinMgmt | ID = 10 Description = Error - 10.08.2012 10:29:03 | Computer Name = Michel | Source = VMCService | ID = 0 Description = conflictManagerTypeValue Error - 10.08.2012 10:30:25 | Computer Name = Michel | Source = WinMgmt | ID = 10 Description = Error - 10.08.2012 10:40:27 | Computer Name = Michel | Source = VMCService | ID = 0 Description = conflictManagerTypeValue Error - 10.08.2012 10:41:15 | Computer Name = Michel | Source = WinMgmt | ID = 10 Description = Error - 10.08.2012 10:45:06 | Computer Name = Michel | Source = EventSystem | ID = 4609 Description = Error - 10.08.2012 10:45:54 | Computer Name = Michel | Source = WinMgmt | ID = 10 Description = Error - 10.08.2012 10:55:58 | Computer Name = Michel | Source = VMCService | ID = 0 Description = conflictManagerTypeValue Error - 10.08.2012 10:57:11 | Computer Name = Michel | Source = WinMgmt | ID = 10 Description = Error - 10.08.2012 11:02:49 | Computer Name = Michel | Source = EventSystem | ID = 4609 Description = Error - 10.08.2012 11:03:32 | Computer Name = Michel | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 28.07.2009 14:53:40 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 28.07.2009 14:53:40 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 28.07.2009 14:53:40 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 28.07.2009 14:53:40 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 28.07.2009 14:54:21 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 28.07.2009 14:54:21 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 28.07.2009 14:54:22 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 28.07.2009 14:54:22 | Computer Name = Michel | Source = ehRecvr | ID = 3 Description = Error - 09.08.2010 05:39:49 | Computer Name = Michel | Source = Recording | ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 08/09/2010 11:39:49 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. [ OSession Events ] Error - 13.12.2011 10:16:46 | Computer Name = Michel | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 10.08.2012 10:47:27 | Computer Name = Michel | Source = WinDefend | ID = 2004 Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen: %%824 Fehlercode: 0x80092003 Fehlerbeschreibung: Beim Lesen oder Schreiben einer Datei ist ein Fehler aufgetreten. Ladende Signaturen: %%825 Ladene Signaturversion: Ladende Modulversion: Error - 10.08.2012 10:49:45 | Computer Name = Michel | Source = WinDefend | ID = 2004 Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen: %%825 Fehlercode: 0x80070715 Fehlerbeschreibung: Der angegebene Ressourcentyp wurde nicht in der Image-Datei gefunden. Ladende Signaturen: %%826 Ladene Signaturversion: 1.0.0.0 Ladende Modulversion: 1.1.3007.0 Error - 10.08.2012 10:57:11 | Computer Name = Michel | Source = Service Control Manager | ID = 7000 Description = Error - 10.08.2012 11:02:15 | Computer Name = Michel | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 10.08.2012 um 17:00:33 unerwartet heruntergefahren. Error - 10.08.2012 11:02:42 | Computer Name = Michel | Source = DCOM | ID = 10005 Description = Error - 10.08.2012 11:02:49 | Computer Name = Michel | Source = DCOM | ID = 10005 Description = Error - 10.08.2012 11:02:53 | Computer Name = Michel | Source = DCOM | ID = 10005 Description = Error - 10.08.2012 11:03:32 | Computer Name = Michel | Source = Service Control Manager | ID = 7001 Description = Error - 10.08.2012 11:03:32 | Computer Name = Michel | Source = Service Control Manager | ID = 7026 Description = Error - 10.08.2012 11:16:37 | Computer Name = Michel | Source = DCOM | ID = 10005 Description = [ TuneUp Events ] Error - 18.12.2011 14:11:24 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 19:11:24', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbam.exe','5468',0) Error - 18.12.2011 14:55:17 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 19:55:17', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbam.exe','5996',0) Error - 18.12.2011 14:55:42 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 19:55:42', '\device\harddiskvolume2\programdata\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','3480',0) Error - 18.12.2011 14:55:47 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 19:55:47', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamgui.exe','4148',0) Error - 18.12.2011 14:58:03 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 19:58:03', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbam.exe','3480',0) Error - 18.12.2011 14:59:33 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 19:59:33', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamservice.exe','5844',0) Error - 18.12.2011 14:59:33 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 19:59:33', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamgui.exe','5292',0) Error - 18.12.2011 15:08:59 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 20:08:59', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamservice.exe','4312',0) Error - 18.12.2011 15:09:05 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 20:09:05', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamgui.exe','4888',0) Error - 18.12.2011 15:25:57 | Computer Name = Michel | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-12-18 20:25:57', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamservice.exe','4328',0) < End of report > |
| Themen zu Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert |
| 32 bit, antivir, avira, bho, blockiert, bonjour, computer, converter, der computer ist für die verletzung, error, firefox, flash player, google earth, hijack, hijackthis, home, install.exe, logfile, monitor.exe, mp3, object, office 2007, officejet, plug-in, realtek, remote control, scan, search the web, security, senden, server, software, spotify web helper, svchost.exe, trojaner, vista, visual studio, vodafone |
Baum-Darstellung