kornman10 | 31.01.2013 23:21 | OTL Logfile: Code:
OTL Extras logfile created on: 31.01.2013 23:46:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Björn\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,93 Gb Total Physical Memory | 0,52 Gb Available Physical Memory | 26,69% Memory free
3,78 Gb Paging File | 2,08 Gb Available in Paging File | 55,04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,66 Gb Total Space | 36,43 Gb Free Space | 37,30% Space Free | Partition Type: NTFS
Drive D: | 71,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 51,39 Gb Total Space | 50,04 Gb Free Space | 97,38% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: Björn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-59172816-853816874-2217139011-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"4410:TCP" = 4410:TCP:LocalSubNet:Enabled:Automation License Management
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4410:TCP" = 4410:TCP:LocalSubNet:Enabled:Automation License Management
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"4840:TCP" = 4840:TCP:*:Enabled:UA Local Discovery Server (OPC.TCP 4840)
"52601:TCP" = 52601:TCP:*:Enabled:UA Local Discovery Server (HTTP 52601)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe" = C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2008 Application -- (SIEMENS AG)
"C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe" = C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2008 Trace Server -- (SIEMENS AG)
"C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe" = C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad -- (Siemens AG)
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Toshiba\ConfigFree\CFXFER.exe" = C:\Programme\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)
"C:\Programme\devolo\informer\devinf.exe" = C:\Programme\devolo\informer\devinf.exe:*:Enabled:devolo Informer -- (devolo AG)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\Siemens\SQLANY\dbsrv9.exe" = C:\Programme\Gemeinsame Dateien\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server -- (iAnywhere Solutions, Inc.)
"C:\Programme\Gemeinsame Dateien\Siemens\SQLANY\dbeng9.exe" = C:\Programme\Gemeinsame Dateien\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine -- (iAnywhere Solutions, Inc.)
"C:\WINDOWS\system32\s7otbxsx.exe" = C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration -- (SIEMENS AG)
"C:\Programme\Siemens\Step7\S7INF\S7usiapx.exe" = C:\Programme\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox -- (SIEMENS AG)
"C:\Programme\Siemens\Step7\S7BIN\S7tgtopx.exe" = C:\Programme\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager -- (SIEMENS AG)
"C:\Programme\Gemeinsame Dateien\Siemens\SWS\almsrv\almsrvx.exe" = C:\Programme\Gemeinsame Dateien\Siemens\SWS\almsrv\almsrvx.exe:LocalSubNet:Enabled:Automation License Manager Service -- (SIEMENS AG)
"C:\Programme\Gemeinsame Dateien\OPC Foundation\UA\v1.0\Bin\Opc.Ua.DiscoveryServer.exe" = C:\Programme\Gemeinsame Dateien\OPC Foundation\UA\v1.0\Bin\Opc.Ua.DiscoveryServer.exe:*:Enabled:UA Local Discovery Server -- (OPC Foundation)
"C:\Programme\Siemens\Automation\WinCC RT Advanced\Miniweb.exe" = C:\Programme\Siemens\Automation\WinCC RT Advanced\Miniweb.exe:LocalSubNet:Enabled:WinCC Runtime Advanced Module MiniWeb -- (Siemens AG)
"C:\Programme\Siemens\Automation\WinCC RT Advanced\SmartServer.exe" = C:\Programme\Siemens\Automation\WinCC RT Advanced\SmartServer.exe:LocalSubNet:Enabled:WinCC Runtime Advanced Module SmartServer -- (Siemens AG)
"C:\Programme\Siemens\Automation\WinCC RT Advanced\HmiLoad.exe" = C:\Programme\Siemens\Automation\WinCC RT Advanced\HmiLoad.exe:LocalSubNet:Enabled:WinCC Runtime Advanced Module HmiLoad -- (Siemens AG)
"C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\CCAgent.exe" = C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\CCAgent.exe:LocalSubNet:Enabled:CCAgent -- (SIEMENS AG)
"C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\RedundancyControl.exe" = C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\RedundancyControl.exe:LocalSubNet:Enabled:RedundancyControl -- (SIEMENS AG)
"C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\CCEServer.exe" = C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\CCEServer.exe:LocalSubNet:Enabled:CCEServer -- (SIEMENS AG)
"C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe" = C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe:*:Enabled:WinCC flexible RT Module MiniWeb -- (Siemens AG)
"C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe" = C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:*:Enabled:WinCC flexible RT Module SmartServer -- (Siemens AG)
"C:\Programme\TeamViewer\Version7\TeamViewer.exe" = C:\Programme\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00FE2935-FB56-4410-AB5F-D6E70C1771D2}" = Garmin WebUpdater
"{0577A2AA-DEA0-4D40-8372-4211102D43E4}" = TOSHIBA Mic Effect
"{068B2432-7CF2-449C-97A6-95E16E7F4880}" = OZ776 SCR Driver V1.1.4.202
"{06960058-76A9-405D-8833-6D38BFC66979}" = OPC .NET API 2.00 Redistributables
"{06AF0F82-E926-48A6-8C5F-ECB195DB2CB4}" = SIMATIC S7-PCT V2.3 Professional 2010 SR2
"{0C2D096D-F90F-406C-863C-3171388526B3}" = i-Plant Client Dependency Installer
"{0D61D68B-DF5E-4635-82C7-B0C53F0A581B}" = Microsoft SQL Server 2005 Backward compatibility
"{0FC610FE-1612-4226-8147-515D9CF79F49}" = SIMATIC WinCC/Audit Viewer 2008 SP2
"{0FD5FD0B-4BA6-47A1-99C3-F8A964C3CCA5}" = Magellan Communicator
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{134A51EB-1BBB-4249-BAF5-494C3D186A06}" = PKZIP Server for Windows 12.40.0008
"{13F054F3-0B07-4D15-9E80-C55B496AB557}" = Garmin Communicator Plugin
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1CBF27F6-24A4-488D-940A-678F1C691C49}" = SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2 Professional 2010 SR2
"{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}" = VantagePoint
"{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}" = TOSHIBA Sicherheits-Assistent
"{1E8250AD-CC1B-43A4-9E75-321806D6F256}" = WinCC flexible Graphics
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (WINCCFLEXEXPRESS)
"{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"{313AE525-5F86-4973-AD27-F0FD1BF58EF3}" = SIMATIC OPC-XML-Gateway V11.0 + SP1
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{327335CE-EDD9-452A-8BC3-32C44E3A9C90}" = SIMATIC PC Adapter USB V2.0
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3696C600-FFBA-4576-98B4-9230E59E3163}" = TIA Portal Single SetupPackage - HWConfig Single SetupPackage V11.0 SP2 UPD4
"{3737619D-5764-4C5D-B296-5FB19E587D24}" = TIA Portal Single SetupPackage - WinCC Single SetupPackage V11.0 + SP1
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3A52E924-A331-4020-9E70-0270B37E8899}" = TOSHIBA F3507g Mobile Broadband Device
"{3B8D9FA4-745C-47C9-962D-4ABE6ACE136B}" = TOSHIBA Mobile Extension3
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EABECB0-B86C-4206-9EAC-D1A230270A30}" = Presto! BizCard5 SE
"{3FEC5EBE-08CD-44B4-A319-35F97878A18F}" = OPC UA SDK 1.01 Redistributables 314.0
"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer
"{42590FE2-6BD0-429E-8F83-B490B5E51564}" = SIMATIC WinCC flexible 2008 SP2 Upd13
"{4323A3CF-D66F-46BC-AD16-B94D7BF05CF1}" = TOSHIBA Dienstprogramm für duales Zeigegerät
"{46025187-422C-4019-9063-AF014F62D874}" = TIA Portal Single SetupPackage - Support Base Package TO-02 V11.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FF24C45-A4EE-4A99-B287-E3468EC41CBD}" = SIMATIC S7-GRAPH V5.3 + SP7 Professional 2010 SR2
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56190F69-01D3-46CA-9861-43377C5E9B87}" = TOSHIBA Utilities
"{56355D45-ED5B-484F-96A4-1163B6C3ABB6}" = SIMATIC Open Communication Wizard
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}" = True Image 2013
"{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible" = True Image 2013
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.05
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B1B0682-EEC6-4EDD-BAB0-3FEC2E55090D}" = SIMATIC S7-SCL V5.3 + SP6 Professional 2010 SR2
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{63D8C3FA-E47B-49E1-B1F1-D1852D6E5699}" = SIMATIC S7-1200 Documentation 04/2012
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zoom-Dienstprogramm
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69807478-E4AD-451C-9316-AD0C8F145809}" = TIA Portal Single SetupPackage - Hardware Support Base Package 02 V11.0
"{6A0BD730-2800-4891-9A3E-6D6C3DFB24BB}" = Compatibility Check Tool TIA - TIACOMPCHECK Single SetupPackage V11.0 + SP1
"{6C31E111-96BB-4ADC-9C81-E6D3EEDDD8D3}" = Powertoys For Windows XP
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (WINCCPLUSMIG)
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7862BAD8-A379-4128-8AA1-EFD5A9603C53}" = Wireless Hotkey
"{7B427E8E-F76D-4C8C-B155-7F24DF46DB67}" = SIMATIC STEP 7 V5.5 + SP2 Professional 2010 SR2
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F3B0E97-447F-4199-84E3-7745BAA2E497}" = TOSHIBA Cooling Performance Diagnostic Tool
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{943D9211-567E-4DD1-83AD-9A25A6FB0E92}" = TOSHIBA Wireless Manager
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{986A654F-F1E4-11DD-9FCA-005056C00008}" = Paragon Partition Manager™ 11 Personal Demo
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}" = Garmin Lifetime Updater
"{9ACBDDE2-DD2D-4103-8ECE-D1A9F7F03D1A}" = TOSHIBA Power Saver
"{9B29F49D-B6EB-4322-94B2-05BB1B33336B}" = WinCC Runtime Advanced V11 - SIMATIC WinCC Runtime Advanced V11.0 + SP1
"{9D3811E7-AADB-4F95-96FA-3B6AA3BEBCF6}" = TIA Portal Single SetupPackage - Hardware Support Base Package WCF-01 V11.0
"{9D8DA9A0-67B7-44DB-A0C3-2D1DC6880B71}" = OPC .NET API 2.00 Redistributables (x86) 101.0
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A241E18C-B71E-4BE3-B86D-6539EB84755D}" = TIA Portal Single SetupPackage - Hardware Support Base Package 0 V11.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A4A4567C-5C29-4756-992D-F84D8250C435}" = VC User 71 RTL X86 ---
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA7799DA-4165-4210-8DAA-9DAA1838D00E}" = TIA Portal Single SetupPackage - STEP 7 Single SetupPackage V11.0 SP2 UPD4
"{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}" = Garmin USB Drivers
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AD9F5DB5-ACE0-4538-A272-88B10A6C93C8}" = OPC Core Components Redistributable (x86) 101.2
"{AE533A06-4655-41E8-88BB-48293AAF1FA0}" = SIMATIC Prosave V9.0 incl. SP3
"{B2583729-8873-4692-8D74-83F6F172FDDE}" = SIMATIC S7 CP PtP Param V5.1 + SP12
"{B4938B26-C719-4AAF-A63C-15AF6AC210BE}" = SIMATIC WinCC flexible Runtime 2008 SP2 Upd13
"{BBF5493A-05FB-4449-90DE-84A61EB78154}" = TOSHIBA SD Memory Boot Utility
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FC3B56-E345-40CD-A5CB-7EB791CE3E74}" = TOSHIBA Password Utility
"{C5A59C33-1E39-4083-B50B-47C983BF5E21}" = Magellan Device Driver
"{C93B1B46-1D00-4A31-9BBE-1AA0E620CD2F}" = Siemens Automation License Manager V5.1 + SP1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC01ADD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC Device Drivers
"{CCC02FDD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC HMI Symbol Library
"{CCC03FDD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC HMI Touch Input
"{CCC147DD-3A54-11D6-92A8-00A0245B3AC6}" = SIEMENS OPC
"{CCC15FDD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC HMI ProSave
"{CCC16FDD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC WinCC flexible OCX
"{CCC22FDD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC HMI License Manager Panel Plugin
"{CCC59FDD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC WinCC flexible Tag Simulator
"{CCC60FDD-3A54-11D6-92A8-00A0245B3AC6}" = SIMATIC WinCC flexible Simulator
"{CCC710DD-3A54-11D6-92A8-00A0245B3AC6}" = WinCC Runtime Advanced Simulator
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DA5DEB6B-E108-4652-BFEC-C9B95446F244}" = Advanced IP Scanner
"{DD304638-64D4-43C9-8B8F-48BE23564791}" = Presto! BizCard 5 SE (Deutsche Version)
"{DDB74C44-6823-447C-9017-C03EE5F699F6}" = TIA Portal Single SetupPackage - Hardware Support Base Package 03 V11.0
"{DDE7681D-439F-48F3-BCA1-A797D079020F}" = TIA Portal Single SetupPackage - TIA ESTOUR V11.0 + SP2
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F028045B-64EC-42B3-9F71-70B057706E13}" = Totally Integrated Automation Portal V11 - TIA Portal Single SetupPackage V11.0 + SP2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FC4C645F-8EBC-4F1E-A517-D1505B43A374}" = TOSHIBA Wireless Key Logon
"{FF7B626B-4340-49CA-B77B-5E7DB1E0E64C}" = TIA Portal Single SetupPackage - Support Base Package TO-01 V11.0
"7-Zip" = 7-Zip 9.20
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AuthorsW" = SIMATIC AuthorsW V2.5 + ServicePack 1
"Avira AntiVir Desktop" = Avira Free Antivirus
"ChatZum Toolbar" = ChatZum Toolbar
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"EasyGPS_is1" = EasyGPS 4.29
"Ext2Ifs_for_NT501" = Ext2 IFS 1.11a for Windows XP
"FileZilla Client" = FileZilla Client 3.5.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706
"FWOCX" = SIMATIC ProTool/Pro V6.0 Gemeinsame Dateien
"HECI" = Intel(R) Management Engine Interface
"ie8" = Windows Internet Explorer 8
"InstallShield_{068B2432-7CF2-449C-97A6-95E16E7F4880}" = OZ776 SCR Driver V1.1.4.202
"InstallShield_{0FD5FD0B-4BA6-47A1-99C3-F8A964C3CCA5}" = Magellan Communicator
"InstallShield_{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}" = VantagePoint
"InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC-Diagnose-Tool
"InstallShield_{42590FE2-6BD0-429E-8F83-B490B5E51564}" = SIMATIC WinCC flexible 2008 SP2 Upd13
"InstallShield_{56190F69-01D3-46CA-9861-43377C5E9B87}" = TOSHIBA Dienstprogramme
"InstallShield_{7F3B0E97-447F-4199-84E3-7745BAA2E497}" = TOSHIBA Kühlleistungs-Diagnosetool
"InstallShield_{9ACBDDE2-DD2D-4103-8ECE-D1A9F7F03D1A}" = TOSHIBA Power Saver
"InstallShield_{C0FC3B56-E345-40CD-A5CB-7EB791CE3E74}" = TOSHIBA Passwort-Utility
"InstallShield_{C5A59C33-1E39-4083-B50B-47C983BF5E21}" = Magellan Device Driver
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MERTEN SCHALTER-MANAGER_is1" = MERTEN SCHALTER-MANAGER 2011 v1.0
"MESOL" = Intel® Active-Management-Technologie
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"PROSet" = Intel(R) Network Connections Drivers
"Semiolog2" = Semiolog
"Shockwave" = Shockwave
"Siemens Installer Assistant - HMIRTM_V11" = SIMATIC WinCC Runtime Advanced V11.0 SP1
"Siemens Installer Assistant - TIAP11" = Siemens Totally Integrated Automation Portal V11
"SIMATIC ProTool/Pro CS V6.0" = SIMATIC ProTool/Pro CS V6.0 + ServicePack 3
"SIMATIC ProTool/Pro RT V6.0" = SIMATIC ProTool/Pro RT V6.0 + ServicePack 3
"Startup Delayer" = Startup Delayer v3.0 (build 321)
"TDspBtn" = TOSHIBA Utility zum Bildschirmwechsel
"TeamViewer 7" = TeamViewer 7
"TFNF5" = TOSHIBA Hotkey Utility für Anzeigegeräte
"TME" = Deinstallationsprogamm für TOSHIBA Mobile Extension3
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"VBSdoc" = VBScript-Dokumentation
"VLC media player" = VLC media player 2.0.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-59172816-853816874-2217139011-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre 7" = PhotoFiltre 7
"WinSetupFromUSB" = WinSetupFromUSB
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.01.2013 13:03:45 | Computer Name = LAPTOP | Source = nview_info | ID = 11141121
Description =
Error - 28.01.2013 13:49:29 | Computer Name = LAPTOP | Source = COM | ID = 10023
Description = Die anwendungsspezifische Sicherheitsbeschreibung für den Zugriff
auf die COM-Serveranwendung c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
ist ungültig. Sie enthält Zugriffssteuerungseinträge mit ungültigen Berechtigungen.
Die angeforderte Aktion wurde daher nicht ausgeführt. Diese Sicherheitsberechtigung
wurde programmgesteuert von der Anwendung festgelegt. Wenn Sie die Sicherheitsberechtigung
ändern möchten, wenden Sie sich an den Hersteller der Anwendung.
Error - 28.01.2013 14:17:17 | Computer Name = LAPTOP | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
Error - 29.01.2013 20:01:46 | Computer Name = LAPTOP | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung , Version 0.0.0.0, fehlgeschlagenes Modul
unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 30.01.2013 11:20:38 | Computer Name = LAPTOP | Source = COM | ID = 10023
Description = Die anwendungsspezifische Sicherheitsbeschreibung für den Zugriff
auf die COM-Serveranwendung c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
ist ungültig. Sie enthält Zugriffssteuerungseinträge mit ungültigen Berechtigungen.
Die angeforderte Aktion wurde daher nicht ausgeführt. Diese Sicherheitsberechtigung
wurde programmgesteuert von der Anwendung festgelegt. Wenn Sie die Sicherheitsberechtigung
ändern möchten, wenden Sie sich an den Hersteller der Anwendung.
Error - 30.01.2013 11:38:25 | Computer Name = LAPTOP | Source = nview_info | ID = 11141121
Description =
Error - 30.01.2013 11:38:27 | Computer Name = LAPTOP | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung , Version 0.0.0.0, fehlgeschlagenes Modul
unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 30.01.2013 12:11:17 | Computer Name = LAPTOP | Source = COM | ID = 10023
Description = Die anwendungsspezifische Sicherheitsbeschreibung für den Zugriff
auf die COM-Serveranwendung c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
ist ungültig. Sie enthält Zugriffssteuerungseinträge mit ungültigen Berechtigungen.
Die angeforderte Aktion wurde daher nicht ausgeführt. Diese Sicherheitsberechtigung
wurde programmgesteuert von der Anwendung festgelegt. Wenn Sie die Sicherheitsberechtigung
ändern möchten, wenden Sie sich an den Hersteller der Anwendung.
Error - 30.01.2013 12:30:01 | Computer Name = LAPTOP | Source = LMS | ID = 2
Description = LMS Service cannot connect to HECI driver
Error - 30.01.2013 19:14:23 | Computer Name = LAPTOP | Source = nview_info | ID = 11141121
Description =
[ System Events ]
Error - 28.01.2013 13:51:12 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
atapi PCIIde
Error - 30.01.2013 11:21:46 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst UA
Local Discovery Server.
Error - 30.01.2013 11:21:46 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "UA Local Discovery Server" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 30.01.2013 11:22:01 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
atapi PCIIde
Error - 30.01.2013 12:12:44 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst UA
Local Discovery Server.
Error - 30.01.2013 12:12:44 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "UA Local Discovery Server" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 30.01.2013 12:12:44 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Intel(R)
Active Management Technology User Notification Service.
Error - 30.01.2013 12:12:44 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Active Management Technology User Notification
Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053
Error - 30.01.2013 12:12:49 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
atapi PCIIde
Error - 31.01.2013 12:19:08 | Computer Name = LAPTOP | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 192.168.2.100 über die
Netzwerkkarte mit der Netzwerkadresse 002318F7095B ist verloren gegangen.
[ WinCCLog Events ]
Error - 29.08.2012 08:55:41 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 29.08.2012 14:55:33 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 07.09.2012 11:13:41 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 07.09.2012 17:13:40 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 10.09.2012 16:15:50 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 10.09.2012 22:15:44 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 17.09.2012 14:36:02 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 17.09.2012 20:35:56 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 20.09.2012 12:15:09 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 20.09.2012 18:15:08 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 22.09.2012 10:52:19 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 22.09.2012 16:52:18 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 23.09.2012 07:54:01 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 23.09.2012 13:54:00 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 23.09.2012 09:24:43 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 23.09.2012 15:24:42 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 23.09.2012 13:32:14 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 23.09.2012 19:32:13 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
Error - 23.09.2012 19:28:25 | Computer Name = LAPTOP | Source = SystemDiagnosis.DiagnosisClasses | ID = 0
Description = General Information ------------------------------- Machine Name:
LAPTOP Time Stamp: 24.09.2012 01:28:23 Windows Identity:LAPTOP\Björn
Exception
Information ---------------------------------- Message: Es konnte keine Verbindung
hergestellt werden, da der Zielcomputer die Verbindung verweigerte 127.0.0.1:8085
Exception
Type: System.Net.Sockets.SocketException HelpLink: NULL Source: mscorlib TargetSite:
Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
StackTrace
Information ------------------------------------------- Server stack trace: bei
System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
bei System.Net.Sockets.Socket.Connect(EndPoint remoteEP) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket(EndPoint
ipEndPoint) bei System.Runtime.Remoting.Channels.RemoteConnection.CreateNewSocket()
bei System.Runtime.Remoting.Channels.RemoteConnection.GetSocket() bei System.Runtime.Remoting.Channels.SocketCache.GetSocket(String
machinePortAndSid, Boolean openNew) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.SendRequestWithRetry(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream) bei System.Runtime.Remoting.Channels.Tcp.TcpClientTransportSink.ProcessMessage(IMessage
msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders&
responseHeaders, Stream& responseStream) bei System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage
msg) Exception rethrown at [0]: bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.TraceServerDispatcher.Ping()
bei Siemens.Simatic.Hmi.Utah.SystemDiagnosis.Tracer.Connect(Int32 pid)
< End of report > --- --- ---
OTL Logfile: Code:
OTL logfile created on: 31.01.2013 23:46:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Björn\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,93 Gb Total Physical Memory | 0,52 Gb Available Physical Memory | 26,69% Memory free
3,78 Gb Paging File | 2,08 Gb Available in Paging File | 55,04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,66 Gb Total Space | 36,43 Gb Free Space | 37,30% Space Free | Partition Type: NTFS
Drive D: | 71,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 51,39 Gb Total Space | 50,04 Gb Free Space | 97,38% Space Free | Partition Type: NTFS
Computer Name: WURSTMASCHINE | User Name: Björn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Björn\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
PRC - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe (SIEMENS AG)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\S7IEPG\s7oiehsx.exe (SIEMENS AG)
PRC - C:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\SimNetCom\pniomgr.exe (SIEMENS AG)
PRC - C:\Programme\Magellan\VantagePoint\VPLite\VantagePoint Lite.exe (Magellan Navigation, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe (Siemens AG)
PRC - C:\Programme\Siemens\Step7\S7BIN\s7asysvx.exe (SIEMENS AG)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\SWS\almsrv\almsrvx.exe (SIEMENS AG)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\SWS\almsrv\almsrvbubblex.exe (SIEMENS AG)
PRC - C:\Programme\Siemens\SIMATIC.NET\SimNetCom\pniopcac.exe (SIEMENS AG)
PRC - C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe (SIEMENS AG)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\SCSMX.exe (SIEMENS AG)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\S7UBTOOX\S7ubTstx.exe (SIEMENS AG)
PRC - C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe (SIEMENS AG)
PRC - C:\Programme\i-Plant Evolution\service\Notifier.exe (Langner Communications GmbH)
PRC - C:\Programme\i-Plant Evolution\service\Wrapper.exe ()
PRC - C:\Programme\Toshiba\3GUty\tw3gsvc.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\3GUty\tw3gctrl.exe (TOSHIBA CORPORATION)
PRC - C:\WINDOWS\system32\TFNF5.exe (TOSHIBA Corp.)
PRC - C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TME3\TMERzCtl.exe (TOSHIBA)
PRC - C:\WINDOWS\system32\ThpSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Intel\AMT\LMS.exe (Intel Corporation)
PRC - c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\WINDOWS\system32\java.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA Direct Disc Writer\DDWMon.exe (TOSHIBA Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Siemens\SQLANY\dbsrv9.exe (iAnywhere Solutions, Inc.)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TAudEffect\TAudEff.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\ConfigFree\CFSServ.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\TME3\TMESRV31.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\DualPointUtility\TEDTray.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\TME3\TMEEJME.exe (TOSHIBA)
PRC - C:\WINDOWS\system32\Fast.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\TaskSwitch.exe ()
========== Modules (No Company Name) ==========
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\7256e28382f57416b828a0cc143b67b3\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\80383b3ebbbeb285cb6164b84d3e1e85\System.Xml.Linq.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\04eea38364e5ced71d02bf104cb5892c\System.EnterpriseServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad737988d5bde126a3b7770eacc51e5b\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7376da3c5dca2b5fadfad0b1eaf76da7\System.Web.Services.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\cbee94ec6a0fe649e3b4643cea6e1259\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\50e710e8fa8439e6b88c90ae8d746d54\System.Design.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\8462c03b4f10c4624feb95790d6d1e30\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\25884c52a01d74137ffacdb51d8f2d04\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\12f94ec43a0160ab9ddd755b0e1be881\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8ba0620535aa28d509b9397500b7d530\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\b8cef9be9e5e7e9c533b639c9ef6dfe8\System.Security.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3ca69d589c23a0be94f3858f72e7a595\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\471ffd2d91c4e06f89c84c93cfeddedf\PresentationFramework.Classic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a0db56351a1589e44868456609b01737\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6d9da56c9f607615b55d6742d8427d\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\6133e360071a2fa7ba7deb483816e585\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c182d7a0bd88caf2cddccb7491a5fa6e\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Acronis\TrueImageHome\ti_managers.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Acronis\Home\icudt38.dll ()
MOD - C:\Programme\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Acronis\Home\ulxmlrpcpp.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\icudt38.dll ()
MOD - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\system32\sn_regbase.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Programme\Magellan\VantagePoint\VPLite\de-de\VantagePoint Lite.resources.dll ()
MOD - C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\Common.Base.LicUtil.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Siemens\SWS\plugins\scp\scpwin32.dll ()
MOD - C:\Programme\i-Plant Evolution\service\Wrapper.exe ()
MOD - C:\Programme\Magellan\VantagePoint\VPLite\RAPIWrapper.dll ()
MOD - C:\Programme\i-Plant Evolution\service\Wrapper.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_de_b77a5c561934e089\System.Data.resources.dll ()
MOD - C:\WINDOWS\system32\nview.dll ()
MOD - C:\WINDOWS\system32\nvshell.dll ()
MOD - C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\Extern\Browser.dll ()
MOD - C:\WINDOWS\system32\TosCommAPI.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
MOD - C:\WINDOWS\system32\TaskSwitch.exe ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (afcdpsrv) -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (syncagentsrv) -- C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
SRV - (JavaQuickStarterService) -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
SRV - (S7TraceServiceX) -- C:\Programme\Gemeinsame Dateien\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe (SIEMENS AG)
SRV - (s7oiehsx) -- C:\Programme\Gemeinsame Dateien\Siemens\S7IEPG\s7oiehsx.exe (SIEMENS AG)
SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (s7asysvx) -- C:\Programme\Siemens\Step7\S7BIN\s7asysvx.exe (SIEMENS AG)
SRV - (almservice) -- C:\Programme\Gemeinsame Dateien\Siemens\SWS\almsrv\almsrvx.exe (SIEMENS AG)
SRV - (SCSMonitor) -- C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\SCSMX.exe (SIEMENS AG)
SRV - (RedundancyState) -- C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\RedundancyState.exe (SIEMENS AG)
SRV - (RedundancyControl) -- C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\RedundancyControl.exe (SIEMENS AG)
SRV - (CCEServer) -- C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\CCEServer.exe (SIEMENS AG)
SRV - (CCEClient) -- C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\CCEClient.exe (SIEMENS AG)
SRV - (CCAgent) -- C:\Programme\Gemeinsame Dateien\Siemens\ace\bin\CCAgent.exe (SIEMENS AG)
SRV - (UA Local Discovery Server) -- C:\Programme\Gemeinsame Dateien\OPC Foundation\UA\v1.0\Bin\Opc.Ua.DiscoveryServer.exe (OPC Foundation)
SRV - (iplantevolution) -- C:\Programme\i-Plant Evolution\service\Wrapper.exe ()
SRV - (OpcEnum) -- C:\WINDOWS\system32\OpcEnum.exe (OPC Foundation)
SRV - (TW3GSVC) -- C:\Programme\Toshiba\3GUty\tw3gsvc.exe (TOSHIBA CORPORATION)
SRV - (TNaviSrv) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TPCHSrv) -- C:\Programme\Toshiba\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV - (Thpsrv) -- C:\WINDOWS\system32\ThpSrv.exe (TOSHIBA Corporation)
SRV - (UNS) -- C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Programme\Intel\AMT\LMS.exe (Intel Corporation)
SRV - (TOSHIBA Bluetooth Service) -- c:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TODDSrv) -- C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (Tmesrv) -- C:\Programme\TOSHIBA\TME3\Tmesrv31.exe (TOSHIBA)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (CFSvcs) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (InteractiveLogon) -- C:\WINDOWS\system32\Fast.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (NETwNx32) -- system32\DRIVERS\NETwNx32.sys File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (GenericMount) -- system32\DRIVERS\GenericMount.sys File not found
DRV - (Changer) -- File not found
DRV - (ATSWPDRV) -- system32\DRIVERS\ATSwpDrv.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (afcdp) -- C:\WINDOWS\system32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman) -- C:\WINDOWS\system32\drivers\tdrpman.sys (Acronis)
DRV - (tib_mounter) -- C:\WINDOWS\system32\drivers\tib_mounter.sys (Acronis)
DRV - (vididr) -- C:\WINDOWS\system32\drivers\vididr.sys (Acronis)
DRV - (vidsflt) -- C:\WINDOWS\system32\drivers\vidsflt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (fltsrv) -- C:\WINDOWS\system32\drivers\fltsrv.sys (Acronis)
DRV - (s7ousbu32x) -- C:\WINDOWS\system32\drivers\s7ousbu32x.sys (SIEMENS AG)
DRV - (s7otsadx) -- C:\WINDOWS\system32\drivers\s7otsadx.sys (SIEMENS AG)
DRV - (s7otranx) -- C:\WINDOWS\system32\drivers\s7otranx.sys (SIEMENS AG)
DRV - (s7osmcax) -- C:\WINDOWS\system32\drivers\s7osmcax.sys (SIEMENS AG)
DRV - (s7oppinx) -- C:\WINDOWS\system32\drivers\s7oppinx.sys (SIEMENS AG)
DRV - (S7OPCMCX) -- C:\WINDOWS\system32\drivers\s7opcmcx.sys (SIEMENS AG)
DRV - (s7odpx2x) -- C:\WINDOWS\system32\drivers\s7odpx2x.sys (SIEMENS AG)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (SNTIE) -- C:\WINDOWS\system32\drivers\SNTIE.SYS (SIEMENS AG)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)
DRV - (s7sn2srtx) -- C:\WINDOWS\system32\drivers\s7sn2srtx.sys (SIEMENS AG)
DRV - (s7oupc2x) -- C:\WINDOWS\system32\drivers\s7oupc2x.sys (SIEMENS AG)
DRV - (cortkbdrtm) -- C:\WINDOWS\System32\drivers\CoRtKbdRTm.sys (Siemens AG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NPF_devolo) -- C:\WINDOWS\system32\drivers\npf_devolo.sys (CACE Technologies)
DRV - (hotcore3) -- C:\WINDOWS\system32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (dpmconv) -- C:\WINDOWS\system32\drivers\dpmconv.sys (SIEMENS AG)
DRV - (fwkbdrtm) -- C:\WINDOWS\System32\drivers\fwkbdrtm.sys (Siemens AG)
DRV - (S7opcsrtx) -- C:\WINDOWS\system32\drivers\s7opcsrtx.sys (SIEMENS AG)
DRV - (Dpmtrcdd) -- C:\WINDOWS\system32\drivers\dpmtrcdd.sys (SIEMENS AG)
DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (s7snsrtx) -- C:\WINDOWS\system32\drivers\s7snsrtx.sys (SIEMENS AG)
DRV - (vsnl2ada) -- C:\WINDOWS\system32\drivers\vsnl2ada.sys (SIEMENS AG)
DRV - (Ext2fs) -- C:\WINDOWS\system32\drivers\ext2fs.sys (Stephan Schreiber)
DRV - (IfsMount) -- C:\WINDOWS\system32\drivers\ifsmount.sys (Stephan Schreiber)
DRV - (toshgps) -- C:\WINDOWS\system32\drivers\toshgps.sys (Ericsson AB)
DRV - (toshunic) -- C:\WINDOWS\system32\drivers\toshunic.sys (MCCI Corporation)
DRV - (toshmdm2) -- C:\WINDOWS\system32\drivers\toshmdm2.sys (MCCI Corporation)
DRV - (toshmdm) -- C:\WINDOWS\system32\drivers\toshmdm.sys (MCCI Corporation)
DRV - (toshcard) -- C:\WINDOWS\system32\drivers\toshcard.sys (MCCI Corporation)
DRV - (toshbus) -- C:\WINDOWS\system32\drivers\toshbus.sys (MCCI Corporation)
DRV - (toshnd5) -- C:\WINDOWS\system32\drivers\toshnd5.sys (MCCI Corporation)
DRV - (toshmdfl2) -- C:\WINDOWS\system32\drivers\toshmdfl2.sys (MCCI Corporation)
DRV - (toshmdfl) -- C:\WINDOWS\system32\drivers\toshmdfl.sys (MCCI Corporation)
DRV - (Sony_EricssonWWSC) -- C:\WINDOWS\system32\drivers\toshscard.sys (Sony Ericsson)
DRV - (tos_sps32) -- C:\WINDOWS\system32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (TVALZFL) -- C:\WINDOWS\system32\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (e1yexpress) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (HECI) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (TosRfSnd) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (Thpdrv) -- C:\WINDOWS\system32\drivers\thpdrv.sys (TOSHIBA Corporation)
DRV - (guardian2) -- C:\WINDOWS\system32\drivers\oz776.sys (O2Micro)
DRV - (UVCFTR) -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Thpevm) -- C:\WINDOWS\system32\drivers\Thpevm.sys (TOSHIBA Corporation)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (tdudf) -- C:\WINDOWS\system32\drivers\tdudf.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\WINDOWS\system32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TEchoCan) -- C:\WINDOWS\system32\drivers\TEchoCan.sys (TOSHIBA Corporation)
DRV - (trudf) -- C:\WINDOWS\system32\drivers\trudf.sys (TOSHIBA Corporation)
DRV - (TVALZ) -- C:\WINDOWS\system32\drivers\TVALZ.SYS (TOSHIBA Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (dpmcslv) -- C:\WINDOWS\System32\drivers\dpmcslv.sys (Siemens AG)
DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (TMEI3E) -- C:\WINDOWS\system32\drivers\TMEI3E.sys (Toshiba Corporation)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (fwkbd) -- C:\WINDOWS\System32\drivers\FwKbd.sys ()
DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)
DRV - (s7oefs_x) -- C:\WINDOWS\system32\drivers\s7oefs_x.sys (SIEMENS AG)
DRV - (c5511w2k) -- C:\WINDOWS\system32\drivers\c5511w2k.sys (Siemens AG)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-59172816-853816874-2217139011-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/
IE - HKU\S-1-5-21-59172816-853816874-2217139011-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-59172816-853816874-2217139011-1005\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Programme\ChatZum Toolbar\tbunst23.tmp\tbhelper.dll ()
IE - HKU\S-1-5-21-59172816-853816874-2217139011-1005\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKU\S-1-5-21-59172816-853816874-2217139011-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-59172816-853816874-2217139011-1005\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://search.chatzum.com/?q={SearchTerms}
IE - HKU\S-1-5-21-59172816-853816874-2217139011-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-59172816-853816874-2217139011-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/
IE - HKU\S-1-5-21-59172816-853816874-2217139011-500\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Programme\ChatZum Toolbar\tbunst23.tmp\tbhelper.dll ()
IE - HKU\S-1-5-21-59172816-853816874-2217139011-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Search Safer"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: {a95d8332-e4b4-6e7f-98ac-20b733364387}:0.6.3
FF - prefs.js..extensions.enabledAddons: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.4
FF - prefs.js..keyword.URL: "hxxp://utils.chatzum.com/?url="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Programme\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@MagellanGPS.com/CommunicationPlugin: C:\Programme\Magellan\Magellan Communicator\npMgnPlg.dll (Magellan Navigation, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.04 20:59:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.11.04 20:59:48 | 000,000,000 | ---D | M]
[2011.04.27 21:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Mozilla\Extensions
[2012.12.17 23:18:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Mozilla\Firefox\Profiles\u7h9z2nz.default\extensions
[2012.12.01 13:53:49 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Mozilla\Firefox\Profiles\u7h9z2nz.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.05.28 19:54:03 | 000,056,640 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Mozilla\Firefox\Profiles\u7h9z2nz.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi
[2012.12.17 23:18:40 | 000,036,139 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Mozilla\Firefox\Profiles\u7h9z2nz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.01.01 21:39:52 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Mozilla\Firefox\Profiles\u7h9z2nz.default\searchplugins\icqplugin.xml
[2012.09.23 14:59:34 | 000,000,642 | ---- | M] () -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Mozilla\Firefox\Profiles\u7h9z2nz.default\searchplugins\search-safer.xml
[2012.11.04 20:59:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\BJöRN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\U7H9Z2NZ.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\BJöRN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\U7H9Z2NZ.DEFAULT\EXTENSIONS\{A95D8332-E4B4-6E7F-98AC-20B733364387}.XPI
[2012.11.04 20:59:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.25 19:14:29 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.24 16:52:24 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.25 19:14:29 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.25 19:14:29 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.25 19:14:29 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.25 19:14:29 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\11.0.696.71\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\11.0.696.71\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Programme\Google\Chrome\Application\11.0.696.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Programme\Google\Chrome\Application\11.0.696.71\gears.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Adobe Acrobat (Disabled) = c:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TBSB09850 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\ChatZum Toolbar\tbunst23.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (ChatZum Toolbar) - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Programme\ChatZum Toolbar\tbunst23.tmp\tbcore3.dll ()
O3 - HKU\S-1-5-21-59172816-853816874-2217139011-1005\..\Toolbar\WebBrowser: (ChatZum Toolbar) - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Programme\ChatZum Toolbar\tbunst23.tmp\tbcore3.dll ()
O4 - HKLM..\Run: [000StTHK] C:\WINDOWS\System32\000StTHK.exe ()
O4 - HKLM..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe ()
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [DDWMon] C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()
O4 - HKLM..\Run: [DpUtil] C:\Programme\Toshiba\DualPointUtility\TEDTray.exe (TOSHIBA)
O4 - HKLM..\Run: [FastUser] C:\WINDOWS\system32\Fast.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [ITSecMng] C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRotateSysTray] C:\WINDOWS\System32\nvsysrot.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [picon] C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [S7UB Start] C:\Programme\Gemeinsame Dateien\Siemens\S7ubtoox\s7ubtstx.exe (SIEMENS AG)
O4 - HKLM..\Run: [SiemensAutomationFileStorage] "C:\Programme\Siemens\Automation\Portal V11\Bin\Siemens.Automation.ObjectFrame.FileStorage.Server.exe" preload File not found
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartupDelayer] C:\Programme\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 Studios)
O4 - HKLM..\Run: [TAudEffect] C:\Programme\TOSHIBA\TAudEffect\TAudEff.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TFNF5] C:\WINDOWS\System32\TFNF5.exe (TOSHIBA Corp.)
O4 - HKLM..\Run: [ThpSrv] C:\WINDOWS\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TMERzCtl.EXE] C:\Programme\TOSHIBA\TME3\TMERzCtl.EXE (TOSHIBA)
O4 - HKLM..\Run: [TMESRV.EXE] C:\Programme\TOSHIBA\TME3\TMESRV31.EXE (TOSHIBA)
O4 - HKLM..\Run: [topi] C:\Programme\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [TOSDCR] C:\WINDOWS\System32\TOSDCR.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TOSHIBA_3G_UTY] C:\Programme\Toshiba\3GUty\tw3gctrl.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TPCHWMsg] C:\Programme\Toshiba\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSODDCtl] C:\WINDOWS\System32\TPSODDCtl.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WinCC flexible Smart Start] C:\Programme\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe (SIEMENS AG)
O4 - HKU\S-1-5-21-59172816-853816874-2217139011-1005..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\S-1-5-21-59172816-853816874-2217139011-1005..\Run: [VantagePointLite.exe] C:\Programme\Magellan\VantagePoint\VPLite\VantagePoint Lite.exe (Magellan Navigation, Inc.)
O4 - HKU\S-1-5-21-59172816-853816874-2217139011-500..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\i-Plant Evolution Servicetool.lnk = C:\Programme\i-Plant Evolution\service\Notifier.exe (Langner Communications GmbH)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-59172816-853816874-2217139011-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-59172816-853816874-2217139011-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DB81CA2-1FDA-4BCA-A63A-D9EDEC316F09}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\TosBtNP: DllName - (TosBtNP.dll) - C:\WINDOWS\System32\TosBtNP.dll (TOSHIBA CORPORATION)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Björn\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Björn\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.21 13:21:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.31 17:21:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Björn\Anwendungsdaten\Malwarebytes
[2013.01.31 17:21:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.01.31 17:21:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.01.31 17:21:09 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.01.31 17:21:09 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.01.27 14:43:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PDF24
[5 C:\Dokumente und Einstellungen\Björn\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Björn\Eigene Dateien\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.31 22:58:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.01.31 22:54:19 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 17:21:10 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.31 17:12:48 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 17:12:46 | 000,189,645 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.01.31 17:12:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.30 17:07:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.30 17:07:39 | 2075,381,760 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.27 22:26:58 | 000,596,456 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.01.27 22:26:58 | 000,575,268 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.27 22:26:58 | 000,131,596 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.01.27 22:26:58 | 000,116,072 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.27 22:17:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.01.27 17:35:25 | 000,003,112 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js
[2013.01.27 17:35:24 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad
[2013.01.27 14:43:45 | 000,001,495 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PDF24 Editor.lnk
[2013.01.27 14:43:45 | 000,001,480 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PDF24 Fax.lnk
[2013.01.27 14:00:40 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.01.27 14:00:40 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.01.08 17:43:51 | 000,329,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.06 23:27:37 | 000,007,144 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.06 06:33:34 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[5 C:\Dokumente und Einstellungen\Björn\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Björn\Eigene Dateien\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.31 17:21:10 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.27 17:35:25 | 000,003,112 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.js
[2013.01.27 17:35:22 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0tbpw.pad
[2013.01.27 14:43:45 | 000,001,495 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PDF24 Editor.lnk
[2013.01.27 14:43:45 | 000,001,480 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PDF24 Fax.lnk
[2012.11.29 16:04:05 | 000,007,144 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.11.05 03:35:09 | 000,327,322 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-59172816-853816874-2217139011-1005-0.dat
[2012.11.05 03:35:08 | 000,327,322 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.08.19 15:19:36 | 000,000,038 | ---- | C] () -- C:\WINDOWS\s7hirtex.INI
[2012.07.16 15:52:12 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Björn\advanced_ip_scanner_MAC.bin
[2012.06.22 16:50:51 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012.06.11 18:57:42 | 000,616,380 | ---- | C] () -- C:\WINDOWS\System32\drivers\fw_5612.bin
[2012.05.25 13:29:34 | 000,028,968 | ---- | C] () -- C:\WINDOWS\System32\ep5612j.dll
[2012.05.07 19:37:14 | 000,628,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\fw_5711n.bin
[2012.03.30 13:22:16 | 000,410,960 | ---- | C] () -- C:\WINDOWS\System32\sn_regbase.dll
[2012.03.07 22:50:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2012.02.15 21:28:51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.10 21:45:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.09.23 15:53:03 | 000,000,930 | ---- | C] () -- C:\WINDOWS\editrex2.INI
[2011.09.20 18:12:02 | 000,000,060 | ---- | C] () -- C:\WINDOWS\HILL.INI
[2011.09.18 19:46:34 | 000,002,858 | ---- | C] () -- C:\Dokumente und Einstellungen\Björn\FileOut.gpx
[2011.06.27 21:56:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2011.06.13 17:36:20 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Björn\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.10 08:10:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\s7fptp_x.INI
[2011.05.08 13:07:17 | 000,000,156 | ---- | C] () -- C:\WINDOWS\HmiSRT.ini
[2011.05.03 20:38:37 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.04.27 22:16:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FwSim.INI
[2011.04.27 22:13:31 | 000,104,633 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwDH485.sys
[2011.04.27 22:13:30 | 000,032,768 | ---- | C] () -- C:\WINDOWS\fwkbd.exe
[2011.04.27 22:13:30 | 000,002,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\FwKbd.sys
[2011.04.27 22:13:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\ptuninst.exe
[2011.04.27 21:31:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.04.27 21:17:34 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Björn\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2008.07.21 13:24:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.12.19 09:53:33 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > --- --- --- |