JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Joachim on 01.06.2013 at 16:04:23,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A0A872AF-E2C2-4CD1-B3B1-B6616104B595}
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Joachim\AppData\Roaming\mozilla\firefox\profiles\4mk1y8tf.default\jetpack
Emptied folder: C:\Users\Joachim\AppData\Roaming\mozilla\firefox\profiles\4mk1y8tf.default\minidumps [173 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.06.2013 at 16:08:06,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ZOEK: Code:
Zoek.exe Version 4.0.0.2 Updated 31-May-2013
Tool run by Joachim on 01.06.2013 at 16:09:41,32.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Creating Sample__1612.zip ======================
Copied file C:\Users\Joachim\setup_Mein_CEWE_FOTOBUCH.exe to sample
sample\setup_Mein_CEWE_FOTOBUCH.exe renamed to 0CFFCFD944D88828EF0841B45B740C7F
C:\Users\Public\Desktop\sample__1612.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2316785790-3983578854-3728904588-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-2316785790-3983578854-3728904588-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-2316785790-3983578854-3728904588-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{53707962-6F74-2D53-2644-206D7942484F} deleted successfully
HKEY_USERS\S-1-5-21-2316785790-3983578854-3728904588-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{53707962-6F74-2D53-2644-206D7942484F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-2316785790-3983578854-3728904588-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
==== FireFox Fix ======================
ProfilePath: C:\Users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\4mk1y8tf.default
user.js not found
---- Lines conduit removed from prefs.js ----
---- Lines conduit modified from prefs.js ----
user_pref("extensions.enabledItems", "{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2,{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51,2020Player@2020Technologies.com:5.0.4.0,engine@conduit.com:3.3.3.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");
---- FireFox user.js and prefs.js backups ----
prefs__1613_.backup
==== Batch Command(s) Run By Tool======================
C:\Windows\system32\Tasks\Desk 365 RunAsStdUser deleted successfully
==== Deleting Files \ Folders ======================
"C:\Windows\System32\Tasks\Desk 365 RunAsStdUser" not found
"C:\Users\All Users\PrintProjects\ContentMan.dll" deleted
"C:\Users\All Users\PrintProjects\npRLViewer.dll" deleted
"C:\Users\All Users\PrintProjects\RLPNUpload.dll" deleted
"C:\Users\All Users\PrintProjects\RocketEngine.dll" deleted
"C:\Users\All Users\Vista32\EBLib.dll" deleted
"C:\Users\All Users\Vista64\EBLib.dll" deleted
"C:\Users\All Users\XP\EBLib.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\AppInfo.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CORE_RL_Magick++_.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CORE_RL_magick_.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CORE_RL_wand_.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWAPM0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWAssistant0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWCore0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWCustomer0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWFoto0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWFotoschauDLL0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWGUIWidgets0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWImageLoader0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWImageProcessing0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWImageProcessingGUI0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWNetworking0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWNetworkingXTCI0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWPriceListDialog0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWProductBase0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWProductProperties0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWStartScreen0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\CWXML0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\exiv2.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\Face.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\fpxjpeg.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\IccProfLib0.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\libeay32.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\libexpat.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\libhunspell.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\PerfectlyClearComprehensive.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\PerfectlyClearCore.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\phonon4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1020.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1120.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1220.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1320.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1420.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1520.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1620.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn1820.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn20.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn20n.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn2220.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn2320.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn2720.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn2920.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn4620.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn4720.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn4820.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn4920.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn5020.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn5120.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn5520.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn5820.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn5920.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn6620.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn6720.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn6820.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn6920.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn7220.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn7320.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8020.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8120.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8220.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8320.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8420.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8520.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8820.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn8920.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn9220.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\picn9320.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\QtCore4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\QtGui4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\QtNetwork4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\QtOpenGL4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\QtSvg4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\QtWebKit4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\QtXml4.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\RecDev.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\RedEye.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\safpx.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\SAFPXLB.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\ssleay32.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\wnaspi32.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\zlib1.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\_ISource30.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\_SAFPX10.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\_SAJ2K10.dll" deleted
"C:\Users\Joachim\Mein CEWE FOTOBUCH\_SARAW10.dll" deleted
"C:\Users\Joachim\setup_Mein_CEWE_FOTOBUCH.exe" deleted
"C:\Users\Joachim\ChromeExtensions" deleted
"C:\Users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\4mk1y8tf.default\jetpack" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\4mk1y8tf.default
- Visualisateur 3D de 20-20 - %ProfilePath%\extensions\2020Player@2020Technologies.com
- Amazon-Icon - %ProfilePath%\extensions\amazon-icon@winload.de
- Spartipps von SparPilot.com - %ProfilePath%\extensions\sparpilot@sparpilot.com
- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\4mk1y8tf.default
7ABE33792F2787D599B6963E71B9E8CD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash
AB87C54CA19675880B0CAE65B8AF140C - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.70.11
566439A13C0769D8117FC003E84DF383 - C:\Users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\4mk1y8tf.default\extensions\2020Player@2020Technologies.com\plugins\NP2020Player.dll - 20-20 3D Viewer
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkcedibhemacmilmkpndpkoidlnmgngg - C:\Users\Joachim\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx[]
YouTube - Joachim - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://www.google.com"
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://www.google.com"
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{019CFA91-2EF4-44AB-972D-92AF2531A251} Amazon Url="hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{7C724DBA-E970-4F0E-AD87-7BB4CD9C78C3} eBay Url="hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Joachim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Joachim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Joachim\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Joachim\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\users\Joachim\AppData\Local\Mozilla\Firefox\Profiles\4mk1y8tf.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\users\Joachim\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Joachim\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 01.06.2013 at 16:17:18,80 ====================== OTL: Code:
OTL logfile created on: 01.06.2013 16:21:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Joachim\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 60,60% Memory free
7,73 Gb Paging File | 6,21 Gb Available in Paging File | 80,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 47,50 Gb Free Space | 31,87% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 136,73 Gb Free Space | 91,98% Space Free | Partition Type: NTFS
Computer Name: JOACHIM-TOSH | User Name: Joachim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.06.01 16:20:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Joachim\Desktop\OTL.exe
PRC - [2013.05.10 09:31:34 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.30 18:04:24 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.30 18:04:14 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.10.19 15:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2012.10.15 12:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2009.10.28 11:15:10 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2009.09.08 23:56:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2013.05.18 16:52:20 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.14 21:02:41 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.30 18:04:24 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.30 18:04:14 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.28 19:09:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.19 15:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012.10.15 12:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.10 13:54:54 | 000,824,688 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009.11.05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.11.05 10:19:12 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.10.27 20:12:14 | 000,252,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.10.15 17:49:56 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2009.10.06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.09.28 14:46:02 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.22 20:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.30 18:04:27 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.30 18:04:27 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.30 18:04:27 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.01.15 13:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.05 23:15:40 | 000,291,328 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.10.15 20:11:26 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.10.02 13:33:48 | 000,946,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009.09.22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.09.09 00:31:52 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.24 15:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.06.22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.20 18:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.03.20 02:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2009.03.20 02:03:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV - [2011.04.16 22:09:51 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2009.09.22 17:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\..\SearchScopes\{019CFA91-2EF4-44AB-972D-92AF2531A251}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\..\SearchScopes\{7C724DBA-E970-4F0E-AD87-7BB4CD9C78C3}: "URL" = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: 2020Player%402020Technologies.com:5.0.4.0
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: amazon-icon%40winload.de:1.0
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0
FF - prefs.js..extensions.enabledItems: engine@disabled.com:3.3.3.2
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.18 16:52:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.18 16:52:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.18 16:52:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.18 16:52:16 | 000,000,000 | ---D | M]
[2010.08.28 05:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joachim\AppData\Roaming\mozilla\Extensions
[2013.05.28 20:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joachim\AppData\Roaming\mozilla\Firefox\Profiles\4mk1y8tf.default\extensions
[2012.11.30 18:43:54 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Joachim\AppData\Roaming\mozilla\Firefox\Profiles\4mk1y8tf.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.03.06 18:37:25 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Joachim\AppData\Roaming\mozilla\Firefox\Profiles\4mk1y8tf.default\extensions\2020Player@2020Technologies.com
[2013.05.14 10:53:26 | 000,000,000 | ---D | M] (Amazon-Icon) -- C:\Users\Joachim\AppData\Roaming\mozilla\Firefox\Profiles\4mk1y8tf.default\extensions\amazon-icon@winload.de
[2013.05.14 10:53:20 | 000,000,000 | ---D | M] (Spartipps von SparPilot.com) -- C:\Users\Joachim\AppData\Roaming\mozilla\Firefox\Profiles\4mk1y8tf.default\extensions\sparpilot@sparpilot.com
[2013.05.25 17:44:24 | 000,620,338 | ---- | M] () (No name found) -- C:\Users\Joachim\AppData\Roaming\mozilla\firefox\profiles\4mk1y8tf.default\extensions\toolbar@web.de.xpi
[2013.05.25 17:44:26 | 000,002,418 | ---- | M] () -- C:\Users\Joachim\AppData\Roaming\mozilla\firefox\profiles\4mk1y8tf.default\searchplugins\englische-ergebnisse.xml
[2013.05.25 17:44:26 | 000,010,701 | ---- | M] () -- C:\Users\Joachim\AppData\Roaming\mozilla\firefox\profiles\4mk1y8tf.default\searchplugins\gmx-suche.xml
[2013.05.25 17:44:26 | 000,002,432 | ---- | M] () -- C:\Users\Joachim\AppData\Roaming\mozilla\firefox\profiles\4mk1y8tf.default\searchplugins\lastminute.xml
[2013.05.25 17:44:26 | 000,005,682 | ---- | M] () -- C:\Users\Joachim\AppData\Roaming\mozilla\firefox\profiles\4mk1y8tf.default\searchplugins\webde-suche.xml
[2013.05.18 16:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.18 16:52:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - Extension: YouTube = C:\Users\Joachim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Joachim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\Joachim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-2316785790-3983578854-3728904588-1000\..Trusted Ranges: Range1 ([*] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48EC04C8-8D13-408D-83BE-06395F61E96E}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE02156B-AD7D-4F4A-8D30-F8B9D6A32CB2}: DhcpNameServer = 192.168.13.65
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{783ab164-b7ff-11df-ace3-705ab6b860cc}\Shell - "" = AutoRun
O33 - MountPoints2\{783ab164-b7ff-11df-ace3-705ab6b860cc}\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{86E4D9E7-5085-4CB3-AE29-4CFD782E79DB} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk - C:\PROGRA~2\HEWLET~1\DIGITA~1\bin\hpotdd01.exe - (Hewlett-Packard)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Joachim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zahlungserinnerung.lnk - C:\wzed.exe - ()
MsConfig:64bit - StartUpReg: 00TCrdMain - hkey= - key= - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: avgnt - hkey= - key= - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
MsConfig:64bit - StartUpReg: Conime - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Desk 365 - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: EKStatusMonitor - hkey= - key= - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: HSON - hkey= - key= - C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: HWSetup - hkey= - key= - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
MsConfig:64bit - StartUpReg: KeNotify - hkey= - key= - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
MsConfig:64bit - StartUpReg: Logitech Download Assistant - hkey= - key= - C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: SmartFaceVWatcher - hkey= - key= - C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: SmoothView - hkey= - key= - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: StartCCC - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: SVPWUTIL - hkey= - key= - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
MsConfig:64bit - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MsConfig:64bit - StartUpReg: Teco - hkey= - key= - C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TOSHIBA Online Product Information - hkey= - key= - C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
MsConfig:64bit - StartUpReg: Toshiba Registration - hkey= - key= - C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
MsConfig:64bit - StartUpReg: Toshiba TEMPRO - hkey= - key= - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
MsConfig:64bit - StartUpReg: ToshibaServiceStation - hkey= - key= - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosNC - hkey= - key= - C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosReelTimeMonitor - hkey= - key= - C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosSENotify - hkey= - key= - C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TosWaitSrv - hkey= - key= - C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TPwrMain - hkey= - key= - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
MsConfig:64bit - StartUpReg: TWebCamera - hkey= - key= - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013.06.01 16:20:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Joachim\Desktop\OTL.exe
[2013.06.01 16:17:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.01 16:14:54 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2013.06.01 16:14:54 | 000,000,000 | ---D | C] -- C:\Users\Joachim\AppData\Local\Temp
[2013.06.01 16:04:20 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.01 16:04:16 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.01 16:03:36 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Joachim\Desktop\JRT.exe
[2013.05.28 20:17:03 | 000,700,783 | R--- | C] (Swearware) -- C:\Users\Joachim\Desktop\dds+.exe
[2013.05.28 19:46:47 | 000,000,000 | ---D | C] -- C:\Users\Joachim\AppData\Local\DoNotTrackPlus
[2013.05.21 10:31:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.05.21 10:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.05.21 10:30:42 | 000,000,000 | ---D | C] -- C:\Users\Joachim\AppData\Local\Programs
[2013.05.18 16:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.15 22:57:49 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 22:57:48 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 22:57:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.15 22:57:47 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.15 22:57:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.15 22:57:47 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.15 22:57:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.15 22:57:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.15 22:57:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.15 22:57:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.15 22:57:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.15 22:57:46 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 22:57:44 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.15 22:57:44 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 22:57:43 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.15 18:14:57 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 18:14:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 18:14:34 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 18:14:34 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 18:14:33 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 18:14:33 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 18:14:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.15 18:02:20 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.05.14 10:53:25 | 000,000,000 | ---D | C] -- C:\Users\Joachim\AppData\Local\Tempc80783acf6c601f3341ca18a7170d60c
[2013.05.14 10:53:25 | 000,000,000 | ---D | C] -- C:\Users\Joachim\AppData\Local\Temp4d502516002bc02c9b4f3b6331adda13
[2013.05.14 10:53:19 | 000,000,000 | ---D | C] -- C:\Users\Joachim\AppData\Local\Temp867b25cad114cde47b0c1237491f3b1a
[2013.05.11 09:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.05.11 00:47:07 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.11 00:47:07 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.11 00:47:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.11 00:47:07 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.11 00:47:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.11 00:47:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.11 00:47:07 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.11 00:47:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.11 00:47:06 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.11 00:47:06 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.11 00:47:06 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.11 00:47:06 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.11 00:47:06 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.11 00:47:06 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.11 00:47:06 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.11 00:47:06 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.11 00:47:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.11 00:47:06 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.11 00:47:06 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.11 00:47:06 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.11 00:47:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.11 00:47:06 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.11 00:47:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.11 00:47:06 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.11 00:47:06 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.11 00:47:05 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.11 00:47:05 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.11 00:47:05 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.11 00:47:05 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.11 00:47:05 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.11 00:47:05 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.11 00:47:05 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.11 00:47:05 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.11 00:47:05 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.11 00:47:05 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.11 00:47:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.11 00:47:05 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.11 00:47:05 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.11 00:47:05 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.11 00:47:05 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.11 00:47:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.11 00:47:05 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.11 00:47:05 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.11 00:47:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.11 00:47:05 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.11 00:47:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.11 00:47:05 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.11 00:47:05 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.11 00:47:04 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.11 00:47:04 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.11 00:47:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.11 00:47:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.11 00:47:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.10 09:32:10 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2010.09.19 00:07:39 | 008,537,824 | ---- | C] (ashampoo GmbH & Co. KG ) -- C:\Program Files (x86)\ashampoo_burning_studio_6_free_6.77_3639.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.06.01 16:24:02 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.01 16:24:01 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.01 16:20:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Joachim\Desktop\OTL.exe
[2013.06.01 16:15:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.01 16:15:35 | 3112,386,560 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.01 16:13:00 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2316785790-3983578854-3728904588-1000UA.job
[2013.06.01 16:12:46 | 000,526,763 | ---- | M] () -- C:\Users\Public\Desktop\sample__1612.zip
[2013.06.01 16:09:39 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2013.06.01 16:09:04 | 001,271,244 | ---- | M] () -- C:\Users\Joachim\Desktop\zoek.exe
[2013.06.01 16:03:42 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Joachim\Desktop\JRT.exe
[2013.06.01 13:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.01 12:42:20 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2316785790-3983578854-3728904588-1000Core.job
[2013.05.31 20:27:58 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.31 20:27:58 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.31 20:27:58 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.31 20:27:58 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.31 20:27:58 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.28 20:17:09 | 000,700,783 | R--- | M] (Swearware) -- C:\Users\Joachim\Desktop\dds+.exe
[2013.05.28 20:08:35 | 000,632,031 | ---- | M] () -- C:\Users\Joachim\Desktop\adwcleaner.exe
[2013.05.16 17:41:22 | 000,343,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.14 21:02:41 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.14 21:02:41 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.11 00:47:07 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.11 00:47:07 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.11 00:47:07 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.11 00:47:07 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.11 00:47:07 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.11 00:47:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.11 00:47:07 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.11 00:47:07 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.11 00:47:06 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.11 00:47:06 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.11 00:47:06 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.11 00:47:06 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.11 00:47:06 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.11 00:47:06 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.11 00:47:06 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.11 00:47:06 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.11 00:47:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.11 00:47:06 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.11 00:47:06 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.11 00:47:06 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.11 00:47:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.11 00:47:06 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.11 00:47:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.11 00:47:06 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.11 00:47:06 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.11 00:47:06 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.11 00:47:05 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.11 00:47:05 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.11 00:47:05 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.11 00:47:05 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.11 00:47:05 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.11 00:47:05 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.11 00:47:05 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.11 00:47:05 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.11 00:47:05 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.11 00:47:05 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.11 00:47:05 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.11 00:47:05 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.11 00:47:05 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.11 00:47:05 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.11 00:47:05 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.11 00:47:05 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.11 00:47:05 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.11 00:47:05 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.11 00:47:05 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.11 00:47:05 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.11 00:47:05 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.11 00:47:05 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.11 00:47:05 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.11 00:47:05 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.11 00:47:04 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.11 00:47:04 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.11 00:47:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.11 00:47:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.11 00:47:04 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.10 09:31:41 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.06.01 16:14:54 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2013.06.01 16:12:46 | 000,526,763 | ---- | C] () -- C:\Users\Public\Desktop\sample__1612.zip
[2013.06.01 16:09:01 | 001,271,244 | ---- | C] () -- C:\Users\Joachim\Desktop\zoek.exe
[2013.05.28 20:08:29 | 000,632,031 | ---- | C] () -- C:\Users\Joachim\Desktop\adwcleaner.exe
[2013.05.11 00:47:06 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.11 00:47:05 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.02.22 17:05:19 | 000,143,569 | ---- | C] () -- C:\Windows\hpwins30.dat
[2013.02.22 17:05:19 | 000,000,682 | ---- | C] () -- C:\Windows\hpwmdl30.dat
[2011.04.16 22:17:26 | 000,000,000 | -H-- | C] () -- C:\Users\Joachim\hpothb07.tif
[2011.04.16 22:17:26 | 000,000,000 | -H-- | C] () -- C:\Users\Joachim\hpothb07.dat
[2010.08.25 08:57:55 | 000,000,367 | ---- | C] () -- C:\Users\Joachim\RecentPlaces.lnk
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report > OTL Extras: Code:
OTL Extras logfile created on: 01.06.2013 16:21:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Joachim\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 60,60% Memory free
7,73 Gb Paging File | 6,21 Gb Available in Paging File | 80,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 47,50 Gb Free Space | 31,87% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 136,73 Gb Free Space | 91,98% Space Free | Partition Type: NTFS
Computer Name: JOACHIM-TOSH | User Name: Joachim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2316785790-3983578854-3728904588-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Users\Joachim\Mein CEWE FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Users\Joachim\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Users\Joachim\Mein CEWE FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Users\Joachim\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B996D5-11A2-40DD-8A01-794DBF575723}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{066F3E5B-1820-455C-BDF1-DDF1130A5CB2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A25C65E-B96A-4C16-9A43-D31B5CA87FDC}" = lport=445 | protocol=6 | dir=in | app=system |
"{0F5FD125-7D0F-4FF7-B268-C3C110D1A965}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1DFD958F-72FF-4930-AFE1-64319081379E}" = rport=445 | protocol=6 | dir=out | app=system |
"{31EA1437-C001-4B36-A9EE-40E698CA86A9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{41634F91-81FE-4EF6-898E-A5DB133B6A36}" = rport=139 | protocol=6 | dir=out | app=system |
"{648F21F7-D4B9-4CAD-82A3-45BE3635ED82}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{6EEC44E1-1400-4A01-8298-70A108231B18}" = rport=137 | protocol=17 | dir=out | app=system |
"{715953C9-8742-468E-8ECE-BDFEB0613852}" = lport=2869 | protocol=6 | dir=in | app=system |
"{75EAE794-0DB1-4C8F-9D89-43EA9D49181F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{892190D6-2A5F-431F-8301-6DABC373B592}" = rport=138 | protocol=17 | dir=out | app=system |
"{91138355-7087-4490-8825-EC8406D43D3C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{92174D86-E75C-4FA2-B01F-A0D5CED9DA6E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9798FD34-4C52-423F-B067-696E14B22BD6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9B41F8E8-3F8D-4A97-9630-B7C8B61EC147}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A0A17CB1-A95A-4BCF-BB89-4EFE9824F058}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A4828564-43DE-43A2-A744-74C0506F3340}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD6ECB77-2952-422A-897F-A04D7F9570E4}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{AFBDA17E-15A2-4C22-8FE1-FA52D91E149A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B29C0C58-FC25-477C-A4E4-5086025352FE}" = lport=139 | protocol=6 | dir=in | app=system |
"{B97BA032-34B8-47A7-A079-28BD3155C1FB}" = lport=138 | protocol=17 | dir=in | app=system |
"{C4BFC890-C16E-460B-A1B2-47B18F2B34B8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CF834A3A-CA82-44BD-BE08-95CAED9D1801}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CFCA7ED0-A713-4593-81EE-D15F3D7ACF0F}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{E204A757-8E74-4C35-97B8-C06E2AFB8FFF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F071C573-DB0C-4C4C-92BC-6283148810CD}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{FA8CEF57-9B8F-4671-A9EB-CA97148FD37F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FAA533DC-6113-42A6-A06F-EBA440FD8552}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023B1FC7-05D6-49BB-BEE3-F959562C8435}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F27EEB2-66DF-4EB2-A081-7183392C0CA7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{202FCE0B-F59D-4A0E-BF33-BDCF85C266D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20E001A0-B76C-48A3-B420-0066BEB8DB78}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{21177402-1B30-40E8-8BB7-2160B11C2935}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{244DCD19-95F6-49B3-964C-47FA1A063924}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{253AB9C4-D21F-4D7E-8BCC-2E15FD921C72}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2B1F6713-1FDC-41DC-8D0B-3E1FE0FCDB6C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2C62A87F-0121-43E7-AE2A-3E5DD6341FD7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3123D533-BD28-4E0B-A65E-CB5AB1E9749C}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{3348A5DD-9DF2-4DC2-AD3D-A08D26EE55B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{369FE4EB-650C-424F-BC70-A2853F7097AA}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{3BCDED8D-514C-4143-83F8-9F0280138B2A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3C9BED08-3154-4512-9489-17CD89E969C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41257707-E9EA-4C9D-AB1D-E6934057F87E}" = protocol=6 | dir=out | app=system |
"{56FCFBF3-EEC3-48F1-A301-81260C053458}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{642AA338-F350-402D-8697-747969DE511E}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{67D10FEE-1CDF-4EF8-BD12-BE33C8A0BEA8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6D4CA2C1-0E06-4FBA-B73E-724E6080ED36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{783055CD-7964-41AB-8A9E-CDBB6A167A16}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{831E7C09-5A94-4B97-B6A7-474F88E30ADE}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqscnvw.exe |
"{8D901824-6AB7-48F4-B07D-2F0BAF951221}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B28E88B-65D4-4680-B656-BCD38A751894}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9BD0C64C-482D-4FA9-9B78-6F38DD40EEB5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E32C8DA-4DA8-41EB-9B3A-7E60621BA654}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{A1F21204-D6B3-4851-9F2D-14CB43B5D14B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ABDA42FB-798E-437C-A956-E8F18A74B76B}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{B1D40A97-33D8-4445-B9E9-C9DADD45AFC4}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{BBB89F88-B8B7-4C36-9CC7-E2F91865F70B}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{BCD0507B-764A-47D6-AB02-F773E70AE71D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BF54CAF4-24A3-408A-9C4B-409F56E4BA90}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C0084A90-EBFD-4DA8-AA0B-B53F7325332D}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{C6D142B3-7C39-4302-9E18-575631CDF838}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{CF1D1B8D-95A0-4CE0-A1E3-50C63E60306B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6949B65-843A-4972-B47A-92A15612D642}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E2F5F709-C3FA-4F30-96D7-2FF7FE9C410C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EE06C282-9C5F-48A4-A867-E0E8F8AA16FC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{EF2A8DD8-6006-4279-AD21-A00F1A126BE1}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqkygrp.exe |
"{F4BB38D2-1D09-4EDE-A4CF-3420B7012D16}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F666B693-951F-4031-B326-AF58C0777817}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{FED394ED-81F9-4BA7-81B5-4332D13424A3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{32233ADD-02BF-417B-8624-FDE9C6E20E4C}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{32B8DA5E-FD3A-4CB5-A441-92F407543F2E}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{2EE350A6-15A0-44E0-BF5B-A952BDFF757F}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{FC084FFB-5BD9-4244-8929-72FFEE40CE94}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C260A1C3-EB49-F99A-38BA-B59C020D4609}" = ATI Catalyst Install Manager
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E27CF425-D27B-6ED6-D281-D8B26A404E67}" = ccc-utility64
"{E34BAA98-E4EA-4C12-8B9C-ABAE82FECB2D}" = HP Officejet 100 Mobile L411
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00763F56-1FE5-DA9F-A43E-53F5D46D6E7E}" = CCC Help Dutch
"{02F2BA99-3AFA-F0E6-969B-E6443A469967}" = Catalyst Control Center InstallProxy
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{084144E0-8719-9E07-49F9-D728A7533B32}" = CCC Help Russian
"{0CB58D13-A9CB-7599-DE28-D17205A3D381}" = Catalyst Control Center Graphics Previews Common
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{14555947-6F14-421F-8F61-6489E0FDFAE5}" = Toshiba TEMPRO
"{1901B979-96F2-3330-D875-4803F233CF47}" = CCC Help Finnish
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1C84AB70-7851-D03E-14B0-2CE969DD6CBA}" = Photo Service - powered by myphotobook
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2404C7F8-65CC-9408-F08E-73996B998A7D}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{290CD70B-6E45-7381-CDC4-45E582F49C60}" = Catalyst Control Center Graphics Previews Vista
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2FFDADDF-5107-5CB7-1E9C-66E881680F25}" = CCC Help Turkish
"{320F5494-8DB9-10CD-6122-05299B9A4DAD}" = Catalyst Control Center Graphics Full New
"{39987616-5DF2-CDFA-761C-75E66743CE80}" = CCC Help Portuguese
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BCF8458-04BA-EBB7-3EDD-BFD188230DBE}" = CCC Help Czech
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45D6FC55-A7CA-1EEA-C038-70998C3D190A}" = CCC Help Spanish
"{46D0CFB0-D3F7-6D32-8FBF-2F848F7ECA79}" = CCC Help Italian
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CF0F7CB-0520-4cb1-9CEE-19FA5DE50B9B}" = L411_web
"{4D76C6A4-A8AC-B6FF-C334-E6CBB7471C44}" = Catalyst Control Center Core Implementation
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53173451-0DDE-97E9-B6FE-1D068DBF2AF8}" = CCC Help Chinese Standard
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{58793BC5-EBCE-4e86-9ED2-2410A738AEEB}" = L411_Software_Min
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{62B6B7C3-E75B-49E6-A351-6CDD99C39A61}" = calibre
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67753C59-3BB3-7CBB-7B10-F47CE982082F}" = CCC Help German
"{6ABF4A27-C269-88EB-1CA8-5A1D78A2FF08}" = ccc-core-static
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767F1CF5-6140-BCF3-549E-69B273099EC9}" = CCC Help Polish
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C4F9145-AEDA-55D4-3F5F-BCA89EA300E2}" = CCC Help Swedish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8D3D00A7-F448-D3A3-BC79-CD603AEBC2F5}" = CCC Help Danish
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9817543D-592D-CDA9-B8E5-E7BB8DA63F45}" = CCC Help Chinese Traditional
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DA30596-3A38-06B3-5EA2-8AF4B4FE27F2}" = CCC Help Hungarian
"{A0A61E1A-47BA-DD0F-8B31-2BA14B059258}" = CCC Help Japanese
"{A2690E7C-D909-4AE6-7C84-F1AC267A9020}" = Catalyst Control Center Graphics Full Existing
"{A35391E7-4D75-FD08-CBE4-0A9DFB944294}" = CCC Help Korean
"{A4BB082D-566E-4E26-9E89-0DB1DF7455C3}" = L411_Help_Web
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.de
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.4 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B5ACFC20-FA4B-3448-431E-D0107C55E435}" = CCC Help English
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D05CD952-F58E-D2AC-D6EA-4178331A356C}" = CCC Help Thai
"{D408ADFE-DC5B-CA9A-4131-E4D870B07354}" = CCC Help Norwegian
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software
"{E1FFC21B-CB65-4C06-8FEA-16F47A4222FD}" = eBay
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E8B28B89-FF29-9092-19BC-B2B6779FFA9F}" = Catalyst Control Center Localization All
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7776077-24D8-A51B-1580-46BB742EE0BC}" = CCC Help Greek
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F92DCCC1-0371-916E-78A3-BF9788D39152}" = CCC Help French
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"ElsterFormular" = ElsterFormular
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{5BCC94A1-DEF1-4AB4-8046-BC13048E929A}" = TOSHIBA ReelTime
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F64684A0-754B-4637-B7F9-6E8DAA8CD5CD}" = TOSHIBA Bulletin Board
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PrintProjects" = PrintProjects
"Profi cash" = Profi cash
"VLC media player" = VLC media player 1.1.5
"Warcraft III" = Warcraft III
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2316785790-3983578854-3728904588-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 01.06.2013 10:16:44 | Computer Name = Joachim-TOSH | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
< End of report > SystemLook: Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 16:34 on 01/06/2013 by Joachim
Administrator - Elevation successful
========== filefind ==========
Searching for "*qvo6*"
No files found.
Searching for "*Askcom*"
C:\Windows\System32\taskcomp.dll --a---- 473600 bytes [10:26 02/07/2011] [13:27 20/11/2010] 6DC4A7242F565C9E9C9CCC7BB0FA75C7
C:\Windows\System32\de-DE\taskcomp.dll.mui --a---- 14848 bytes [17:58 14/07/2009] [17:58 14/07/2009] BD0A09B79E8F7F89908E2C94DAE064AF
C:\Windows\SysWOW64\taskcomp.dll --a---- 305152 bytes [10:25 02/07/2011] [12:21 20/11/2010] 1C3E8371377E988B683797A132EFFE1B
C:\Windows\SysWOW64\de-DE\taskcomp.dll.mui --a---- 14848 bytes [17:58 14/07/2009] [17:58 14/07/2009] E758D59C883A37BBF8A72CFE431FBFB7
C:\Windows\winsxs\amd64_microsoft-windows-t..atibility.resources_31bf3856ad364e35_6.1.7600.16385_de-de_ad0d764a76dfc578\taskcomp.dll.mui --a---- 14848 bytes [17:58 14/07/2009] [17:58 14/07/2009] BD0A09B79E8F7F89908E2C94DAE064AF
C:\Windows\winsxs\amd64_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7600.16385_none_c489ed71f5ecb9f6\taskcomp.dll --a---- 473600 bytes [23:47 13/07/2009] [01:41 14/07/2009] AEFBD8D2C9CE363F84AE0F89036412A6
C:\Windows\winsxs\amd64_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7600.16699_none_c483245ff5f132b8\taskcomp.dll --a---- 473600 bytes [19:09 15/12/2010] [05:17 02/11/2010] 1B547066D0A6CD40EB3BAAC6A9C7E7A9
C:\Windows\winsxs\amd64_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7600.20830_none_c5449fff0ee643f4\taskcomp.dll --a---- 473600 bytes [19:09 15/12/2010] [05:23 02/11/2010] B5D8684725908A0E72DCF488DF31F95E
C:\Windows\winsxs\amd64_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7601.17514_none_c6bb0139f2db3d90\taskcomp.dll --a---- 473600 bytes [10:26 02/07/2011] [13:27 20/11/2010] 6DC4A7242F565C9E9C9CCC7BB0FA75C7
C:\Windows\winsxs\x86_microsoft-windows-t..atibility.resources_31bf3856ad364e35_6.1.7600.16385_de-de_50eedac6be825442\taskcomp.dll.mui --a---- 14848 bytes [17:58 14/07/2009] [17:58 14/07/2009] E758D59C883A37BBF8A72CFE431FBFB7
C:\Windows\winsxs\x86_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7600.16385_none_686b51ee3d8f48c0\taskcomp.dll --a---- 304640 bytes [23:30 13/07/2009] [01:16 14/07/2009] 0D4E8439AD3159A335FA720E043EA22E
C:\Windows\winsxs\x86_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7600.16699_none_686488dc3d93c182\taskcomp.dll --a---- 305152 bytes [19:09 15/12/2010] [04:40 02/11/2010] EF8808FEA65723214D79734BDB79EBF6
C:\Windows\winsxs\x86_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7600.20830_none_6926047b5688d2be\taskcomp.dll --a---- 305152 bytes [19:09 15/12/2010] [04:28 02/11/2010] 1918ABE8B8670AF68D50FBCFB69FAA52
C:\Windows\winsxs\x86_microsoft-windows-t..duler-compatibility_31bf3856ad364e35_6.1.7601.17514_none_6a9c65b63a7dcc5a\taskcomp.dll --a---- 305152 bytes [10:25 02/07/2011] [12:21 20/11/2010] 1C3E8371377E988B683797A132EFFE1B
Searching for "*Conduit*"
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_868510_864310_DE.xml --a---- 157 bytes [17:45 20/01/2012] [17:45 20/01/2012] 9AE470807868F8CF64B80F6DC781E60F
C:\Users\Joachim\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\B72J4GRZ\storage.conduit[1].xml --a---- 13 bytes [18:46 06/03/2012] [18:46 06/03/2012] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
C:\Users\Joachim\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\WCXEHIFS\facebook.conduitapps[1].xml --a---- 13 bytes [18:46 06/03/2012] [18:46 06/03/2012] C1DDEA3EF6BBEF3E7060A1A9AD89E4C5
========== folderfind ==========
Searching for "*qvo6*"
No folders found.
Searching for "*Askcom*"
No folders found.
Searching for "*Conduit*"
C:\Users\AppData\LocalLow\Conduit d------ [22:11 18/09/2010]
========== regfind ==========
Searching for "qvo6"
No data found.
Searching for "Askcom"
No data found.
Searching for "Conduit"
No data found.
-= EOF =- Gibt bisher keine Probleme mehr mit Qvo6.com. Weder im Firefox noch im IE. Kenne aber auch kein anderes Problem, als das mit der Startseite. |