Liste der Anhänge anzeigen (Anzahl: 1) Hi! zu 1. Code:
All processes killed
========== OTL ==========
Prefs.js: "hxxp://search.babylon.com/?babsrc=SP_&q={searchTerms}&mntrId=828709ba0000000000000024d29e9bf1&tlver=1.4.35.10&" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\a4ecf69t.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\a4ecf69t.default\searchplugins\icqplugin.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\cfFncEnabler.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\jswtrayutil deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Spybot-S&D Cleaning deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TOSCDSPD deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ not found.
C:\Programme\Spybot - Search & Destroy\SDHelper.dll moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c819a1f-1f36-11e0-8ac3-001e33cff7e0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c819a1f-1f36-11e0-8ac3-001e33cff7e0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c819a1f-1f36-11e0-8ac3-001e33cff7e0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c819a1f-1f36-11e0-8ac3-001e33cff7e0}\ not found.
File H:\LaunchU3.exe -a not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3178852787-3554339108-3282068971-1000UA.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3178852787-3554339108-3282068971-1000Core.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B5793894-E78D-4AE4-A5F9-D488211A2A7B}C:\program files\emule\emule.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D21F6919-84A7-4948-89B7-3E177D3BC7B0}C:\program files\emule\emule.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6104B70B-77F3-4F26-A6AD-0B57106CB8CC}C:\program files\emule\emule.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC046933-3444-44D3-B5D0-D883F0CFA85A}C:\program files\emule\emule.exe deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Toshiba
->Temp folder emptied: 154028500 bytes
->Temporary Internet Files folder emptied: 524521267 bytes
->Java cache emptied: 2101205 bytes
->FireFox cache emptied: 228950708 bytes
->Flash cache emptied: 277948 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1151431 bytes
RecycleBin emptied: 2201054761 bytes
Total Files Cleaned = 2.968,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 12062011_202927
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
zu 2.
OTL: Code:
OTL logfile created on: 06.12.2011 20:37:54 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Toshiba\Desktop\SCan
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,87 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 56,43% Memory free
5,94 Gb Paging File | 4,72 Gb Available in Paging File | 79,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,41 Gb Total Space | 85,97 Gb Free Space | 57,54% Space Free | Partition Type: NTFS
Drive E: | 147,21 Gb Total Space | 141,77 Gb Free Space | 96,31% Space Free | Partition Type: NTFS
Computer Name: TOSHIBA-PC | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.01 20:13:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Desktop\SCan\OTL.exe
PRC - [2011.11.24 18:01:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2011.06.14 20:05:57 | 000,244,224 | ---- | M] (AxoNet Software GmbH) -- C:\Programme\Windows Home Server\LightsOutClientGUI.exe
PRC - [2011.06.14 20:05:44 | 000,057,856 | ---- | M] (AxoNet Software GmbH) -- C:\Programme\Windows Home Server\LightsOutClientService.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011.01.10 12:45:48 | 000,239,472 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
PRC - [2011.01.10 12:43:50 | 000,608,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\WHSTrayApp.exe
PRC - [2011.01.10 12:43:46 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\WHSConnector.exe
PRC - [2011.01.10 12:43:46 | 000,097,136 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Home Server\esClient.exe
PRC - [2010.10.26 14:00:16 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe
PRC - [2010.08.22 14:49:10 | 012,317,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
PRC - [2010.06.23 17:17:12 | 000,196,440 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
PRC - [2009.04.11 07:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.26 14:22:44 | 000,417,792 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008.08.25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008.07.18 19:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008.04.16 23:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008.04.08 14:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.06 13:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.17 15:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007.11.21 16:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.03.21 17:50:10 | 000,163,840 | ---- | M] (Syntek Ltd.) -- C:\Windows\STK02N\STK02NM.exe
PRC - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.24 18:01:11 | 001,989,592 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.10.12 19:52:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8645de531003807d00822e03986a075d\System.ServiceProcess.ni.dll
MOD - [2011.10.12 19:52:09 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll
MOD - [2011.10.12 18:49:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011.10.11 21:21:19 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.11 21:21:00 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011.10.11 21:20:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011.10.11 21:20:36 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\96db6f1747ad1db24b0bd0bb62edae39\System.Data.ni.dll
MOD - [2011.10.11 21:19:32 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.11 21:19:13 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009.03.30 05:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.06.14 20:05:44 | 000,057,856 | ---- | M] (AxoNet Software GmbH) [Auto | Running] -- C:\Program Files\Windows Home Server\LightsOutClientService.exe -- (LoClntService)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.01.10 12:45:48 | 000,239,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV - [2011.01.10 12:43:46 | 000,376,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Home Server\WHSConnector.exe -- (WHSConnector)
SRV - [2011.01.10 12:43:46 | 000,097,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Home Server\esClient.exe -- (esClient)
SRV - [2010.10.26 14:00:16 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.11.04 02:37:58 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2008.08.25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008.07.18 19:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.04.16 23:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008.04.16 14:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Programme\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008.02.06 13:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.11.21 16:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Running] -- -- (MpKsl1efd65d5)
DRV - [2011.12.06 20:35:41 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{763AACD4-F370-437A-BF76-FAD52624EA2A}\MpKsl6256f1fd.sys -- (MpKsl6256f1fd)
DRV - [2011.05.18 09:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 09:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 09:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 09:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.05.18 09:09:48 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.05.18 09:09:48 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.11.04 02:32:20 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.29 04:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.07.18 17:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008.07.15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008.04.28 15:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.03.12 13:25:24 | 000,101,520 | ---- | M] (Syntek Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\STK02NW2.sys -- (DCamUSBSTK02N)
DRV - [2006.11.20 13:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.11.02 08:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.10.18 10:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Toshiba\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.01.23 15:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.04 11:05:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.17 15:19:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.10.20 15:44:30 | 000,000,000 | ---D | M]
[2011.01.13 18:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Extensions
[2011.11.27 23:04:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\a4ecf69t.default\extensions
[2011.10.17 15:19:08 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\a4ecf69t.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.01.16 13:30:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\a4ecf69t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.24 21:20:17 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\a4ecf69t.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2011.10.17 15:25:11 | 000,002,354 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\a4ecf69t.default\searchplugins\aol-web-search.xml
[2011.12.03 13:49:40 | 000,000,950 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\a4ecf69t.default\searchplugins\icqplugin-1.xml
[2011.10.04 16:47:58 | 000,002,966 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\a4ecf69t.default\searchplugins\preisvergleich.xml
[2011.09.29 20:57:29 | 000,004,140 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\a4ecf69t.default\searchplugins\youtube.xml
[2011.11.24 18:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.19 07:10:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A4ECF69T.DEFAULT\EXTENSIONS\CANITBECHEAPER@TRAFFICBROKER.CO.UK.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A4ECF69T.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2011.11.24 18:01:12 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.10.09 09:16:19 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.09 09:16:19 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.09 09:16:19 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.09 09:16:19 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
Hosts file not found
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\E-Mail - Verknüpfung.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F423C37-5272-4536-8314-2FD9E60A4B89}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C99F592D-23E0-45F4-B342-22D4FF6139CC}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.12.06 20:29:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.12.04 11:09:00 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.12.04 11:09:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.04 11:08:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.04 11:08:59 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.12.04 11:08:59 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.12.04 11:08:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.12.04 11:08:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.12.04 11:08:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.12.04 11:08:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.12.04 11:08:58 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.12.04 11:08:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.12.04 11:08:58 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.12.04 11:08:58 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.12.04 11:08:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.04 11:08:58 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.12.04 11:08:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.12.04 11:08:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.12.04 11:08:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.12.04 11:08:57 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.04 11:08:57 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.04 11:08:57 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.12.04 11:08:57 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.12.04 11:08:57 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.12.04 11:08:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.12.04 11:08:57 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.12.04 11:08:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.12.04 11:08:56 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.04 11:08:56 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.12.04 11:08:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.12.04 11:08:56 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.12.04 11:08:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.12.04 11:08:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.12.04 11:08:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.12.04 11:08:56 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.12.04 11:08:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.12.04 11:08:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.12.04 11:08:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.12.04 10:23:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.12.04 10:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.12.03 15:23:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
[2011.12.03 14:07:32 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.12.03 10:47:09 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.12.02 23:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.12.02 23:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.02 19:53:52 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\SCan
[2011.12.02 19:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.12.02 19:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011.11.30 21:49:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Malwarebytes
[2011.11.30 21:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.30 21:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.30 21:48:26 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.11.30 21:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.30 19:10:49 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.11.30 18:35:21 | 000,000,000 | ---D | C] -- C:\SpybotBootCD
[2011.11.29 18:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.11.29 18:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2011.11.19 07:10:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.11.19 07:10:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.11.19 07:10:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.11.16 20:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.11.10 17:00:33 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Winamp Toolbar
========== Files - Modified Within 30 Days ==========
[2011.12.06 20:39:32 | 000,634,342 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.06 20:39:32 | 000,601,000 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.06 20:39:32 | 000,128,472 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.06 20:39:32 | 000,105,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.06 20:34:48 | 000,002,399 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Home Server.lnk
[2011.12.06 20:32:36 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.06 20:32:36 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.06 20:32:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.06 20:31:54 | 3080,736,768 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.04 22:35:01 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.12.04 11:09:07 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.12.04 11:09:07 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.12.04 11:09:00 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.12.04 11:09:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.12.04 11:08:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.12.04 11:08:59 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.12.04 11:08:59 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.12.04 11:08:59 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.12.04 11:08:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.12.04 11:08:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.12.04 11:08:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.12.04 11:08:58 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.12.04 11:08:58 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.12.04 11:08:58 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.12.04 11:08:58 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.12.04 11:08:58 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.12.04 11:08:58 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.12.04 11:08:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.12.04 11:08:58 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.12.04 11:08:58 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.12.04 11:08:58 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.12.04 11:08:57 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.12.04 11:08:57 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.12.04 11:08:57 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.12.04 11:08:57 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.12.04 11:08:57 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.12.04 11:08:57 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.12.04 11:08:57 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.12.04 11:08:57 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.12.04 11:08:56 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.12.04 11:08:56 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.12.04 11:08:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.12.04 11:08:56 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.12.04 11:08:56 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.12.04 11:08:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.12.04 11:08:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.12.04 11:08:56 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.12.04 11:08:56 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.12.04 11:08:56 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.12.04 11:08:56 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.12.04 10:23:31 | 000,002,527 | ---- | M] () -- C:\Users\Toshiba\Desktop\HiJackThis.lnk
[2011.12.02 19:58:25 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe
[2011.12.01 20:17:18 | 000,000,000 | ---- | M] () -- C:\Users\Toshiba\defogger_reenable
[2011.11.30 20:39:00 | 000,321,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.30 19:10:43 | 331,585,915 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.11.29 22:10:07 | 000,057,856 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.28 19:48:40 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.20 23:44:40 | 134,217,728 | ---- | M] () -- C:\Users\Toshiba\Desktop\Time_Hollow.nds
========== Files Created - No Company Name ==========
[2011.12.04 11:08:58 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.12.04 10:23:15 | 000,002,527 | ---- | C] () -- C:\Users\Toshiba\Desktop\HiJackThis.lnk
[2011.12.02 19:58:25 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe
[2011.12.01 20:17:18 | 000,000,000 | ---- | C] () -- C:\Users\Toshiba\defogger_reenable
[2011.11.30 19:10:43 | 331,585,915 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.11.18 20:50:22 | 134,217,728 | ---- | C] () -- C:\Users\Toshiba\Desktop\Time_Hollow.nds
[2011.10.20 00:27:19 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.10.19 21:19:06 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.10.19 21:16:51 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2011.03.12 19:24:41 | 000,057,856 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.14 17:54:52 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.14 17:54:52 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.01.13 19:44:29 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.01.12 23:59:06 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.07.06 09:42:45 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2010.07.06 09:42:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2010.07.06 09:42:45 | 000,009,480 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2010.07.06 09:42:45 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009.12.03 08:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2008.08.11 15:09:58 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.08.11 15:09:58 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.08.11 15:09:58 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.08.11 15:09:58 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.08.11 15:09:58 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.08.11 15:09:58 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.08.11 15:01:25 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008.08.11 14:46:57 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008.08.11 14:46:57 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008.08.11 14:46:55 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008.08.11 14:46:54 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008.08.11 14:00:09 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.01.21 08:15:58 | 000,634,342 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,128,472 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.12.09 04:54:38 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugg1l3.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,321,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,601,000 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,105,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
========== LOP Check ==========
[2011.08.21 16:45:47 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\fotofotoSoftware
[2011.07.29 11:48:55 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\ICQ
[2011.02.03 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\IrfanView
[2011.11.10 22:17:45 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Nokia
[2011.03.26 11:44:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Nokia Ovi Suite
[2011.01.23 15:56:25 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\PC Suite
[2011.04.03 21:47:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2011.05.01 09:01:30 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Windows Home Server
[2011.12.06 20:30:58 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\Program Files\Windows Home Server:{4D006700-7700-7900-7200-460069007300}
< End of report >
Extra: Code:
OTL Extras logfile created on: 06.12.2011 20:37:54 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Toshiba\Desktop\SCan
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,87 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 56,43% Memory free
5,94 Gb Paging File | 4,72 Gb Available in Paging File | 79,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,41 Gb Total Space | 85,97 Gb Free Space | 57,54% Space Free | Partition Type: NTFS
Drive E: | 147,21 Gb Total Space | 141,77 Gb Free Space | 96,31% Space Free | Partition Type: NTFS
Computer Name: TOSHIBA-PC | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1DFBC474-5F46-4140-874D-015C57DEE933}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{224C751D-C0FC-49DB-A94B-1078655F8762}" = lport=56000 | protocol=6 | dir=in | name=tcp 56000 |
"{31FD1B61-8476-4F6B-8030-9F59FF2FB2A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{321CE147-0518-4598-BB28-7EE3C1D5D8C3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{36BDB386-4263-41C0-8DC5-234B7ADF9E43}" = lport=1138 | protocol=6 | dir=in | name=transport tcp 1138 |
"{3EF364BC-4068-481F-8053-BC308F799A8E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48ECDF5F-AF8B-4B34-9F88-69F2881AEA03}" = lport=8912 | protocol=6 | dir=in | name=acer hsra tcp |
"{4EA33CB7-DDD2-491D-8065-4D895D558DE1}" = lport=8912 | protocol=17 | dir=in | name=acer hsra udp |
"{53F06326-E759-4590-B972-C1AEAB7C9CE0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62217852-48C6-4B7E-AEFF-32B6AD0F897A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7A72FA4F-5B23-46BB-89A1-2F2F21A4348A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7AFC267B-EACB-49F5-944F-4AB2B8811EF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{85B59043-EE97-4EE3-99DA-BD6C98E03C45}" = rport=139 | protocol=6 | dir=out | app=system |
"{880D69E8-6C3A-495A-9FAE-4020341E1F53}" = rport=10243 | protocol=6 | dir=out | app=system |
"{88370B5C-2198-49CA-A45B-00EE03767AEC}" = lport=445 | protocol=6 | dir=in | app=system |
"{8B85B041-FC06-4919-8A74-9995E0F53F82}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{935EA94C-262D-4102-93A2-ABD4529A6CB8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{952C8DF0-15F4-4B80-A1B7-233DBB1DEEB4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A53F97DE-3BE4-4163-ACE0-3FDC070CCD31}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A599A5C6-47B2-4A08-854C-990EEDDCFD4F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADCC2561-3215-4AA3-9EBE-648C0E763C7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B57BA05E-8E06-4E5D-8C6A-7C09B08191F0}" = rport=137 | protocol=17 | dir=out | app=system |
"{BCAE50D1-0F96-4CAE-B799-EC855EAC9B58}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C39297F0-01AA-44FC-98FB-7747FAC8FA4D}" = lport=139 | protocol=6 | dir=in | app=system |
"{C5C9EF23-9FD5-4A3F-A433-A3414E3AA3AC}" = rport=445 | protocol=6 | dir=out | app=system |
"{D09D31F5-5E00-4793-BF5B-4EF1E2664969}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D376DCA2-AE42-44C9-AD31-0C9C9481A842}" = lport=138 | protocol=17 | dir=in | app=system |
"{D664CE48-BEE8-41C9-AF74-BFDF390E04F9}" = lport=55000 | protocol=6 | dir=in | name=tcp 55000 |
"{E429DF69-A996-419B-A009-F9CE02F001EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EAE3E43A-F8B1-46EA-80AB-C25176F4AE36}" = rport=138 | protocol=17 | dir=out | app=system |
"{F6F7B72C-1EDB-4FEB-92CD-3318D818ED96}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FACE101B-CB9D-4CDE-A7E0-A1FA8EE0EC6A}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{049A79FD-46B1-4317-AED1-26AF424A00BC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{08DFCFD6-CFE1-4716-968C-7564DF09CA64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0FE1D884-4107-4DE4-9C5D-61703C0AB1B3}" = protocol=17 | dir=in | app=c:\program files\windows home server\discovery.exe |
"{152963BD-134B-45C9-8B74-3194B3866CA3}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{1B1A4A06-690D-4615-9964-64D740FBEED2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1FF8E7FA-6C71-48C0-854F-0E2E0CB52194}" = protocol=6 | dir=in | app=f:\acer_serverrecovery_utility.exe |
"{31458054-17EE-4BD2-A234-A888E9EB2B82}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{354F7A5D-B463-44F8-B4D4-00385ECE5D40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3D12C25A-3EAD-4A3B-9D28-218FE8A4B452}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{4A929108-81E4-442E-94B4-11AC57EACE53}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{4AB84A85-AED9-4001-8079-74D9A8D04871}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D984CD4-37F6-42DA-A7C8-5510A4C513ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63CEE630-97F4-482B-844B-790B2DA2458E}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{782FB6C4-2CE8-4EF4-B71C-DAC2083E6FCE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84D82842-62E5-4BD9-A97C-64A27534F474}" = protocol=6 | dir=out | app=system |
"{901E4AD2-D75D-4092-9845-8D788113079C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{96BD28AD-0545-4475-9B5E-91CD971F3379}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{973854CD-DF16-4006-8378-5293C9BE0116}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A603BA8-2F18-4E24-B216-7FBE904DAC60}" = dir=in | app=c:\users\toshiba\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{AA3FB517-2645-4D24-BD2A-FF675CCCB942}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AFDF5297-1D35-46C7-AB87-D1F3230D8714}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6E9BD8C-4DC4-4057-994D-C4B596B238B3}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{B815CA39-C407-4E3D-BC81-4E00199D3D30}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{BB5D5A0F-BFE6-4599-859A-AA5972C67ECC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C4194684-089C-449A-8C19-25DDD0C0DEBE}" = protocol=6 | dir=in | app=c:\program files\windows home server\discovery.exe |
"{C71668B9-5B91-41EF-B2F7-8D83A3C55F48}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{CE7E7030-674D-4637-9BDB-12A63863DB1B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF6034CD-317B-4DD2-80BE-2D8600680F59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D34F3D41-F2B4-49D2-BDD0-6C60BE9BA069}" = protocol=17 | dir=in | app=f:\acer_serverrecovery_utility.exe |
"{D35517F6-AA64-4480-8337-6DF23BFFF395}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"TCP Query User{25339E9D-5A81-4D5E-B664-26925CE0554B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{4B5C541D-475A-4D3A-8039-E96A5C81E2BE}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{6A995EEE-B94D-4085-9908-C105B80D816C}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"TCP Query User{75EDE074-9D9A-4C5E-BE03-A316906FCAAC}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{CF1D2F81-F457-4EC0-95E6-E74E02B6451D}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{E5F01D50-703F-492D-A01A-B19EFD3A700E}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{E72342AE-19DD-4858-88B1-C32B5AACEB33}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{EFD1E86F-AD9D-41AA-B07A-CF890FC9E885}C:\program files\nero\nero8\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero8\nero showtime\showtime.exe |
"TCP Query User{F8BF7938-D675-473A-968D-1AD0CF7BB436}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{426BD1FD-242A-4A37-BD69-6554D2BCEF35}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"UDP Query User{4A3889BC-B674-4591-AD38-ACF3875F11BA}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{6FB94AA0-BEE0-48FB-A501-F164253CD377}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{7990E138-CE3D-4CEF-AB6B-B9C6255D3D03}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{87C60C38-02A2-498D-B23C-634716CC9AC4}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{96BA55CD-4F0E-46D5-84A0-3304067E0928}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{B6871F75-B3A9-451F-B0C7-25194424794B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{D18DD614-AF85-4116-9EA3-B83BF5EBF1F7}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{DCC80224-CF5A-4B41-BA04-5938212986B8}C:\program files\nero\nero8\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero8\nero showtime\showtime.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0D8E81A5-B61C-4360-910C-A738FD1B220A}" = Toshiba TEMPRO
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{21E49794-7C13-4E84-8659-55BD378267D5}" = Windows Home Server-Connector
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 29
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{3714B980-2324-3E8C-F87C-1D118558C4E9}" = fotofoto Software
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{692F4201-AB4C-4795-9F42-123F0601F8B7}" = LightsOut Client
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}" = Nero 8
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}" = STK02N 2.0
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AudibleManager" = AudibleManager
"Body Fat Scale_is1" = Body Fat Scale 1.0
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.8)
"eMule" = eMule
"fotofotoSoftware" = fotofoto Software
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"LightsOut Client" = LightsOut Client
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"myphotobook" = myphotobook 3.6
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Picasa2" = Picasa 2
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Abenteuer Pferdecamp" = Abenteuer Pferdecamp
"Winamp Detect" = Winamp Erkennungs-Plug-in
"Winamp Toolbar" = Winamp Toolbar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.11.2011 18:37:20 | Computer Name = Toshiba-PC | Source = Google Update | ID = 20
Description =
Error - 30.11.2011 18:46:48 | Computer Name = Toshiba-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.11.2011 19:01:48 | Computer Name = Toshiba-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.11.2011 19:44:36 | Computer Name = Toshiba-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tdy6xgmv.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, fehlerhaftes Modul tdy6xgmv.exe, Version 1.0.15.15641, Zeitstempel
0x4e21f2b1, Ausnahmecode 0xc0000005, Fehleroffset 0x0000c676, Prozess-ID 0xcbec,
Anwendungsstartzeit 01ccafb98e60c795.
Error - 01.12.2011 12:45:13 | Computer Name = Toshiba-PC | Source = Perflib | ID = 1010
Description =
Error - 01.12.2011 13:55:59 | Computer Name = Toshiba-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.12.2011 14:31:47 | Computer Name = Toshiba-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 724 Anfangszeit: 01ccb052783ab331 Zeitpunkt
der Beendigung: 60
Error - 01.12.2011 14:50:31 | Computer Name = Toshiba-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.12.2011 15:22:15 | Computer Name = Toshiba-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.12.2011 14:43:07 | Computer Name = Toshiba-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 23.01.2011 14:19:30 | Computer Name = Toshiba-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 30.01.2011 13:57:03 | Computer Name = Toshiba-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%886 Fehlercode:
0x8007042c Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe
konnte nicht gestartet werden. Ursache: %%892
Error - 30.01.2011 13:57:21 | Computer Name = Toshiba-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%886 Fehlercode:
0x8007042c Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe
konnte nicht gestartet werden. Ursache: %%892
Error - 30.01.2011 14:08:57 | Computer Name = Toshiba-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%886 Fehlercode:
0x8007042c Fehlerbeschreibung: Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe
konnte nicht gestartet werden. Ursache: %%892
Error - 02.02.2011 17:01:26 | Computer Name = Toshiba-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen. Neue Signaturversion:
Vorherige Signaturversion: 1.97.840.0 Aktualisierungsquelle: %%859 Aktualisierungsstufe:
%%854 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.6502.0 Fehlercode:
0x80070643 Fehlerbeschreibung: Schwerwiegender Fehler bei der Installation.
Error - 02.02.2011 17:02:39 | Computer Name = Toshiba-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 10.02.2011 14:09:45 | Computer Name = Toshiba-PC | Source = DCOM | ID = 10005
Description =
Error - 10.02.2011 14:09:45 | Computer Name = Toshiba-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 10.02.2011 14:09:45 | Computer Name = Toshiba-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 09.03.2011 17:45:33 | Computer Name = Toshiba-PC | Source = DCOM | ID = 10010
Description =
< End of report >
zu 3.
Habe ich gemacht! zu 4. Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 12/06/2011 at 10:56 PM
Application Version : 5.0.1136
Core Rules Database Version : 8020
Trace Rules Database Version: 5832
Scan type : Complete Scan
Total Scan Time : 01:47:16
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator
Memory items scanned : 724
Memory threats detected : 0
Registry items scanned : 38157
Registry threats detected : 0
File items scanned : 36953
File threats detected : 6
Adware.Tracking Cookie
media.mtvnservices.com [ C:\WINDOWS\$NTUNINSTALLKB17282$\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BXRAGM36 ]
objects.tremormedia.com [ C:\WINDOWS\$NTUNINSTALLKB17282$\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BXRAGM36 ]
servestats.com [ C:\WINDOWS\$NTUNINSTALLKB17282$\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BXRAGM36 ]
media.mtvnservices.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BXRAGM36 ]
objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BXRAGM36 ]
servestats.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\BXRAGM36 ]
zu 5. (Esset Online Scanner)
Habe ich gemacht! Nix gefunden! Auch die Netzlaufwerke auf dem WHS
wurden gescannt!
Aktueller Zustand! Die Windoof Firewall lässt sich immer noch nicht starten! (siehe Anhang):balla:
Sonst sieht wieder alles sehr gut aus!!!:applaus:
Gruß,
Sammii |
