Code:
Zoek.exe Version 4.0.0.2 Updated 25-June-2013
Tool run by Kopp Dierkes on 25.06.2013 at 21:23:29,66.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Doro\AppData\Roaming\Mozilla\Firefox\Profiles\sf2d9wzj.default\prefs.js:
user_pref("browser.startup.homepage", "https://navigator.web.de/navigator/show?sid=86d0157f6f0042b34c70da7612ea0338bdc04988839a47e1b061a68b25ff199d3afb709afbd46bb1e3cb2e871848ef6e#home|https://accounts.google.com/ServiceLogin?service=cl&passive=1209600&continue=https://www.google.com/calendar/render?tab%3Dwc%26pli%3D1%26gsessionid%3DZIvUkc7tWdG9uSM9uiM-Zg&followup=hxxp://www.google.com/calendar&scc=1|hxxp://www.gymnasium-walldorf.de/shp/index.php|hxxp://www.rs-walldorf.de/|hxxp://www.bibliotheken.bw-online.de/wwwopac-wiesloch/index.asp?DB=Wiesloch|hxxp://www.onlinetvrecorder.com/v2/index.php?go=home|https://www.facebook.com/?ref=logo");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Doro\AppData\Roaming\Mozilla\Firefox\Profiles\sf2d9wzj.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Jungs\AppData\Roaming\Mozilla\Firefox\Profiles\0diimaah.default\prefs.js:
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Jungs\AppData\Roaming\Mozilla\Firefox\Profiles\0diimaah.default\prefs.js:
Deleted from C:\Users\Kopp Dierkes\AppData\Roaming\Mozilla\Firefox\Profiles\q3mh1z6h.default\prefs.js:
user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Kopp Dierkes\AppData\Roaming\Mozilla\Firefox\Profiles\q3mh1z6h.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
"C:\ProgramData\rebootpending.txt" deleted
"C:\Users\Kopp Dierkes\AppData\Roaming\Phase6" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Doro\AppData\Roaming\Mozilla\Firefox\Profiles\sf2d9wzj.default
- ProxTube - Gesperrte YouTube Videos entsperren - %ProfilePath%\extensions\ich@maltegoetz.de
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Kopp Dierkes\AppData\Roaming\Mozilla\Firefox\Profiles\q3mh1z6h.default
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de
==== Firefox Plugins ======================
Profilepath: C:\Users\Kopp Dierkes\AppData\Roaming\Mozilla\Firefox\Profiles\q3mh1z6h.default
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
2EA4B85EF64CA48B792FEF23AEEF7DC1 - C:\Users\Kopp Dierkes\AppData\Roaming\Mozilla\plugins\NpFv530.dll - Flatcast Viewer Plugin 5.3.0.784
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://acer.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://acer.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\users\Doro\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\Jungs\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\users\Doro\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\users\Jungs\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Doro\Desktop\Der Herr der Ringe Online™.lnk -
C:\Users\Doro\Desktop\FlashGet.lnk - D:\Program Files (x86)\FlashGet\flashget.exe
C:\Users\Doro\Desktop\Mp3tag.lnk - C:\Users\Doro\Mp3tag\Mp3tag.exe
C:\Users\Doro\Desktop\Netzwerk- und Freigabecenter - Verknüpfung.lnk -
C:\Users\Doro\Desktop\qotr - Verknüpfung.lnk -
C:\Users\Jungs\Desktop\FlashGet downloads.lnk - D:\Program Files (x86)
C:\Users\Jungs\Desktop\FlashGet.lnk - D:\Program Files (x86)\FlashGet\flashget.exe
C:\Users\Jungs\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kopp Dierkes\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\Users\Kopp Dierkes\Desktop\DC Universe Online PSG.lnk - C:\Users\Public\Sony Online Entertainment\Installed Games\DC Universe Online PSG\LaunchPad.exe
C:\Users\Kopp Dierkes\Desktop\FlashGet downloads.lnk - D:\Program Files (x86)
C:\Users\Kopp Dierkes\Desktop\FlashGet.lnk - D:\Program Files (x86)\FlashGet\flashget.exe
C:\Users\Kopp Dierkes\Desktop\Star Wars The Force Unleashed.lnk - D:\Program Files (x86)\Star Wars The Force Unleashed\SWTFU Launcher.exe
C:\Users\Phase 6\Desktop\FlashGet downloads.lnk - D:\Program Files (x86)
C:\Users\Phase 6\Desktop\FlashGet.lnk - D:\Program Files (x86)\FlashGet\flashget.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\phase-6 desktop.lnk - C:\Program Files (x86)\phase-6\phase-6\phase-6.exe
C:\Users\Public\Desktop\RollerCoaster Tycoon 3.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\RCT3plus.exe
C:\Users\Public\Desktop\WildTangent Games App - acer.lnk - C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src desktop /dp acerlt
==== shortcuts in Users Start Menu ======================
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\RollerCoaster Tycoon® 3.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud\The Happy Cloud.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud\Uninstall.lnk - C:\ProgramData\HappyCloud\Application\uninstaller.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine\The Lord of the Rings Online\Community Website.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine\The Lord of the Rings Online\Deinstallieren Der Herr der Ringe Online™.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine\The Lord of the Rings Online\Der Herr der Ringe Online™.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine\The Lord of the Rings Online\Kundendienst von Turbine.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine\The Lord of the Rings Online\README.lnk - D:\HappyCloud\Cache\The Lord of the Rings Online\de\README.txt
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine\The Lord of the Rings Online\Turbine, Inc..lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine\The Lord of the Rings Online\Turbinekonto Verwalten.lnk -
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk - C:\Users\Kopp Dierkes\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\Handbuch.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\RCT3_MANUAL_DEU.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\Liesmich.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\Readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\RollerCoaster Tycoon 3 deinstallieren.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\uninst\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\RollerCoaster Tycoon 3.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\RCT3plus.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\Soaked-Handbuch.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\RCT3S_MANUAL_DEU.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\Soaked-Readme.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\Soaked_Readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\Wild-Handbuch.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\RCT3W_MANUAL_DEU.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari\RollerCoaster Tycoon 3\Wild-Readme.lnk - D:\Program Files (x86)\RollerCoaster Tycoon 3\Wild_Readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Star Wars The Force Unleashed.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk - C:\Windows\SysWOW64\msiexec.exe /x {EA561FC0-A965-11E2-94D3-B8AC6F98CCE3} FEEDBACK=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center\Microsoft-Maus- und Tastatur-Center.lnk - c:\Windows\Installer\{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}\DeviceCenter.ico
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FlashGet.lnk - D:\Program Files (x86)\FlashGet\flashget.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\phase-6 desktop.lnk - C:\Program Files (x86)\phase-6\phase-6\phase-6.exe
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Resume Download - Der Herr der Ringe Online™.lnk -
C:\Users\Doro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\phase-6 desktop.lnk - C:\Program Files (x86)\phase-6\phase-6\phase-6.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk - C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Jungs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk - C:\Program Files (x86)\Acer\Welcome Center\OEMWelcomeCenter.exe
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Phase 6\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Phase 6\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Phase 6\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Phase 6\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
==== Silent Runners ======================
"Silent Runners.vbs", revision 69.2, hxxp://www.silentrunners.org/
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
IgfxTray = C:\Windows\system32\igfxtray.exe [Intel Corporation]
HotKeysCmds = C:\Windows\system32\hkcmd.exe [Intel Corporation]
Persistence = C:\Windows\system32\igfxpers.exe [Intel Corporation]
IntelTBRunOnce = wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [MS]
ETDCtrl = C:\Program Files\Elantech\ETDCtrl.exe
RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [Realtek Semiconductor]
RtHDVBg_Dolby = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [Realtek Semiconductor]
Power Management = C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [Acer Incorporated]
CanonMyPrinter = C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [CANON INC.]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ {++}
AppRemover = wscript.exe "C:\Users\KOPPDI~1\AppData\Local\Temp\AppRemover_RunBatchSilently.vbs" "C:\Users\KOPPDI~1\AppData\Local\Temp\AppRemover_ToBeDelAfterReboot.bat" [MS]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++}
SuiteTray = "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [Egis Technology Inc.]
BackupManagerTray = "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [NTI Corporation]
StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [Advanced Micro Devices, Inc.]
LManager = C:\Program Files (x86)\Launch Manager\LManager.exe [Dritek System Inc.]
NUSB3MON = "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [Renesas Electronics Corporation]
Dolby Advanced Audio v2 = "C:\Dolby PCEE4\pcee4.exe" -autostart [null data]
ArcadeMovieService = "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [CyberLink Corp.]
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]
SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Sun Microsystems, Inc.]
APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [Apple Inc.]
CanonSolutionMenuEx = C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [CANON INC.]
iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [Apple Inc.]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = Windows Live ID Sign-in Helper
\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]
-> {HKLM...Wow...CLSID} = Microsoft-Konto-Anmelde-Hilfsprogramm
\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}\(Default) = (no title provided)
-> {HKLM...Wow...CLSID} = IeCatch5 Class
\InProcServer32\(Default) = D:\PROGRA~1\FlashGet\jccatch.dll [FlashGet]
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\(Default) = Canon Easy-WebPrint EX BHO
-> {HKLM...Wow...CLSID} = Canon Easy-WebPrint EX BHO
\InProcServer32\(Default) = C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [CANON INC.]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper
\InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Oracle Corporation]
{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = Windows Live ID Sign-in Helper
\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]
-> {HKLM...Wow...CLSID} = Microsoft-Konto-Anmelde-Hilfsprogramm
\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]
{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper
\InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]
{F156768E-81EF-470C-9057-481BA8380DBA}\(Default) = (no title provided)
-> {HKLM...Wow...CLSID} = gFlash Class
\InProcServer32\(Default) = D:\PROGRA~1\FlashGet\getflash.dll [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
-> {HKCU...CLSID} = UpToDateOverlayHandler Class
\InProcServer32\(Default) = C:\Users\Kopp Dierkes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [MS]
SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
-> {HKCU...CLSID} = SyncingOverlayHandler Class
\InProcServer32\(Default) = C:\Users\Kopp Dierkes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [MS]
SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524}
-> {HKCU...CLSID} = ErrorOverlayHandler Class
\InProcServer32\(Default) = C:\Users\Kopp Dierkes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [MS]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
-> {HKCU...Wow...CLSID} = UpToDateOverlayHandler Class
\InProcServer32\(Default) = C:\Users\Kopp Dierkes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [MS]
SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
-> {HKCU...Wow...CLSID} = SyncingOverlayHandler Class
\InProcServer32\(Default) = C:\Users\Kopp Dierkes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [MS]
SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524}
-> {HKCU...Wow...CLSID} = ErrorOverlayHandler Class
\InProcServer32\(Default) = C:\Users\Kopp Dierkes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [MS]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
{ACEF9F57-4DEF-4CC9-A2C0-7A158D967E63} = Device Center Control Panel Property Page
-> {HKLM...CLSID} = Device Center Property Page
\InProcServer32\(Default) = c:\Program Files\Microsoft Mouse and Keyboard Center\cplredirector.dll [MS]
{653DCCC2-13DB-45B2-A389-427885776CFE} = Activities Control Panel Property Page
-> {HKLM...CLSID} = Activities Property Page
\InProcServer32\(Default) = c:\Program Files\Microsoft Mouse and Keyboard Center\ipcplact.dll [MS]
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\
<<!>> BootExecute = autocheck autochk *| [file not found]|sdnclean64.exe [file not found]
HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\
MWLIVShellExt\(Default) = {B1B294FE-EC1E-4fef-AF68-D34CE3E38157}
-> {HKLM...CLSID} = MWLIVShell Class
\InProcServer32\(Default) = C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [Egis Technology Inc. ]
-> {HKLM...Wow...CLSID} = MWLIVShell Class
\InProcServer32\(Default) = C:\Program Files (x86)\EgisTec MyWinLocker\MWLIVShellExt.dll [Egis Technology Inc. ]
ShredderContextMenu\(Default) = {521065F1-DE6C-4E46-BBCB-89B0D0BE860D}
-> {HKLM...CLSID} = ShredContextMenu Class
\InProcServer32\(Default) = C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [Egis Technology Inc.]
-> {HKLM...Wow...CLSID} = ShredContextMenu Class
\InProcServer32\(Default) = C:\Program Files (x86)\EgisTec Shredder\x86\ShredderContextMenu.dll [Egis Technology Inc.]
HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\
ACE\(Default) = {5E2121EE-0300-11D4-8D3B-444553540000}
-> {HKLM...CLSID} = SimpleShlExt Class
\InProcServer32\(Default) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [Advanced Micro Devices, Inc.]
igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
-> {HKLM...CLSID} = GraphicsShellExt Class
\InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [Intel Corporation]
HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = OpenOffice.org Column Handler
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll [file not found]
-> {HKLM...Wow...CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
-> {HKLM...Wow...CLSID} = PDF Shell Extension
\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDrives = (REG_DWORD) dword:0x00000000
{unrecognized setting}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDrives = (REG_DWORD) dword:0x00000000
{unrecognized setting}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\
LogonHoursAction = (REG_DWORD) dword:0x00000002
{unrecognized setting}
DontDisplayLogonHoursWarnings = (REG_DWORD) dword:0x00000001
{unrecognized setting}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\
DisableRegistryTools = (REG_DWORD) dword:0x00000000
{unrecognized setting}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Users\Kopp Dierkes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
SCRNSAVE.EXE = C:\Windows\System32\Acer.scr [null data]
Windows Portable Device AutoPlay Handlers
-----------------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\
ATMoviePlayDVDMovieOnArrival\
Provider = clear.fi
InvokeProgID = DVD
InvokeVerb = PlayWithATMovie
HKLM\SOFTWARE\Classes\DVD\shell\PlayWithATMovie\Command\(Default) = "C:\Program Files (x86)\Acer\clear.fi\Movie\discautorun.exe" AUTOPLAY DVD "%L" [CyberLink Corp.]
ATMoviePlaySVCDOnArrival\
Provider = clear.fi
InvokeProgID = SVCD
InvokeVerb = PlayWithATMovie
HKLM\SOFTWARE\Classes\SVCD\shell\PlayWithATMovie\Command\(Default) = "C:\Program Files (x86)\Acer\clear.fi\Movie\discautorun.exe" AUTOPLAY VCD "%L" [CyberLink Corp.]
ATMoviePlayVCDMovieOnArrival\
Provider = clear.fi
InvokeProgID = VCD
InvokeVerb = PlayWithATMovie
HKLM\SOFTWARE\Classes\VCD\shell\PlayWithATMovie\Command\(Default) = "C:\Program Files (x86)\Acer\clear.fi\Movie\discautorun.exe" AUTOPLAY VCD "%L" [CyberLink Corp.]
CanonMPNEX40PictureOnArrival\
Provider = MP Navigator EX Ver4.0
InvokeProgID = MPNavigatorEX40.AutoplayHandler
InvokeVerb = open
HKLM\SOFTWARE\Classes\MPNavigatorEX40.AutoplayHandler\shell\open\command\(Default) = C:\Program Files (x86)\Canon\MP Navigator EX 4.0\mpnex40.exe /AUTOPLAY %1 [CANON INC.]
iTunesBurnCDOnArrival\
Provider = iTunes
InvokeProgID = iTunes.BurnCD
InvokeVerb = burn
HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.]
iTunesImportSongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.ImportSongsOnCD
InvokeVerb = import
HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.]
iTunesPlaySongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.PlaySongsOnCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.]
iTunesShowSongsOnArrival\
Provider = iTunes
InvokeProgID = iTunes.ShowSongsOnCD
InvokeVerb = showsongs
HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.]
MSLivePhotoAcquireDropHandler\
Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10
InvokeProgID = Microsoft.LivePhotoAcqDTShim.1
InvokeVerb = open
HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625}
-> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS]
MSLiveShowPicturesOnArrival\
Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10
InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1
InvokeVerb = open
HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7}
-> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS]
MSPlayCDAudioOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.AudioCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS]
MSPlayDVDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.DVD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS]
MSPlaySuperVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]
MSPlayVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]
MSWMPBurnCDOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.BurnCD
InvokeVerb = Burn
HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS]
NTIBurner\
Provider = NTI Media Maker
InvokeProgID = NTIBurnerOpen
InvokeVerb = open
HKLM\SOFTWARE\Classes\NTIBurnerOpen\shell\open\command\(Default) = "C:\Program Files (x86)\NTI\NTI Media Maker 9\Launcher.exe" [null data]
PCinemaPlayCDAudioOnArrival\
Provider = clear.fi
InvokeProgID = AudioCD
InvokeVerb = PlayWithPowerCinema
HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPowerCinema\Command\(Default) = "C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe" AUTOPLAY CD "%L" [Acer Incorporated]
WIA_{14E42EEC-F37B-4CC0-A797-5AF7F0AA8B7B}\
Provider = MP Navigator EX Ver4.0
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files (x86)\Canon\MP Navigator EX 4.0\mpnex40.exe /StiDevice:%1 /StiEvent:%2;
-> {HKLM...CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]
Startup items in "Kopp Dierkes" & "All Users" startup folders:
--------------------------------------------------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++}
phase-6 Reminder -> shortcut to: C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe [phase-6]
Non-disabled Scheduled Tasks: {++}
-----------------------------
C:\Windows\System32\Tasks
Adobe ARM -> launches: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]
Adobe Flash Player Updater -> launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]
Adobe Reader Speed Launcher -> launches: "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [file not found]
clear.fi -> (HIDDEN!) launches: "C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe" PreLaunch [Acer Incorporated]
clear.fiAgent -> (HIDDEN!) launches: "C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe" [CyberLink Corp.]
CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS]
DMREngine -> (HIDDEN!) launches: "C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe" [CyberLink]
EgisUpdate -> launches: "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d [Egis Technology Inc.]
GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.]
GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]
Microsoft_Hardware_Launch_ipoint_exe -> (HIDDEN!) launches: c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [MS]
Microsoft_Hardware_Launch_itype_exe -> (HIDDEN!) launches: c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [MS]
Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> (HIDDEN!) launches: c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [null data]
Microsoft_MKC_Logon_Task_ipoint.exe -> (HIDDEN!) launches: c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [MS]
Microsoft_MKC_Logon_Task_itype.exe -> (HIDDEN!) launches: c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [MS]
PMMUpdate -> launches: "C:\Program Files\EgisTec IPS\PMMUpdate.exe" [Egis Technology Inc.]
{896E58D1-C528-4FF2-BAD1-806F3DD9284F} -> launches: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar [MS]
C:\Windows\System32\Tasks\Apple
AppleSoftwareUpdate -> launches: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.]
C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}
-> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
\InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]
-> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
\InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience
AitAgent -> launches: aitagent [MS]
ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Autochk
Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
-> {HKLM...CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
-> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
-> {HKLM...CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
-> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS]
KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c}
-> {HKLM...CLSID} = KernelCeipCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS]
UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8}
-> {HKLM...CLSID} = UsbCeip
\InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]
-> {HKLM...Wow...CLSID} = UsbCeip
\InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis
Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3}
-> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Location
Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance
WinSAT -> launches: {A9A33436-678B-4C9C-A211-7CC38785E79D}
-> {HKLM...CLSID} = WinSAT Task Manger Task
\InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]
-> {HKLM...Wow...CLSID} = WinSAT Task Manger Task
\InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS]
ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS]
DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS]
ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]
InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS]
mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS]
MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS]
ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS]
OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]
OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS]
PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS]
PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS]
PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS]
PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS]
PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS]
RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS]
ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS]
SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS]
StartRecording -> launches: %SystemRoot%\ehome\ehrec /StartRecording [MS]
UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic
CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
-> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]
DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
-> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
-> {HKLM...CLSID} = HotStart User Agent
\InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\MUI
LPRemove -> launches: %windir%\system32\lpremove.exe [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}
-> {HKLM...CLSID} = Microsoft PlaySoundService Class
\InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]
-> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class
\InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace
GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data]
C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics
AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\RAC
RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6}
-> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler
\InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]
-> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler
\InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Ras
MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa}
-> {HKLM...CLSID} = RasMobilityManager
\InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Registry
RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2}
-> {HKLM...CLSID} = RegistryIdleBackupHandler
\InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Shell
WindowsParentalControls -> (HIDDEN!) launches: {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
-> {HKLM...CLSID} = WpcNotificationsMonitor
\InProcServer32\(Default) = C:\Windows\System32\wpcumi.dll [MS]
-> {HKLM...Wow...CLSID} = WpcNotificationsMonitor
\InProcServer32\(Default) = C:\Windows\SysWOW64\wpcumi.dll [file not found]
C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}
-> {HKLM...CLSID} = GadgetsManager Class
\InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore
SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager
Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4}
-> {HKLM...CLSID} = RunTask
\InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]
-> {HKLM...Wow...CLSID} = RunTask
\InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]
IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}
-> {HKLM...CLSID} = MsCtfMonitor task handler
\InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]
-> {HKLM...Wow...CLSID} = MsCtfMonitor task handler
\InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization
SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\WDI
ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}
-> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]
-> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform
BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing
UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS]
C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
ConfigNotification -> launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS]
C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE
Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1}
-> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000007\LibraryPath = C:\Program Files (x86)\Bonjour\mdnsNSP.dll [Apple Inc.]
000000000008\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]
000000000009\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++}
000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000007\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.]
000000000008\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]
000000000009\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]
Transport Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 10
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 10
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} = Canon Easy-WebPrint EX
-> {HKLM...Wow...CLSID} = Canon Easy-WebPrint EX
\InProcServer32\(Default) = C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [CANON INC.]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} = FlashGet Bar
-> {HKLM...Wow...CLSID} = FlashGet Bar
\InProcServer32\(Default) = D:\PROGRA~1\FlashGet\fgiebar.dll [Amaze Soft]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\
ButtonText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004
MenuText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003
CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC}
-> {HKLM...Wow...CLSID} = BlogThisToolbarButton Class
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [MS]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3}\
ButtonText = FlashGet
MenuText = &FlashGet
Exec = D:\PROGRA~1\FlashGet\flashget.exe [FlashGet.com]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated]
AMD External Events Utility, AMD External Events Utility, C:\Windows\system32\atiesrxx.exe [AMD]
Apple Mobile Device, Apple Mobile Device, "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.]
Application Virtualization Client, sftlist, "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" [MS]
Application Virtualization Service Agent, sftvsa, "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" [MS]
Client Virtualization Handler, cvhsvc, "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" [MS]
Dienst "Bonjour", Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.]
Dritek WMI Service, DsiWMIService, C:\Program Files (x86)\Launch Manager\dsiwmis.exe [Dritek System Inc.]
ePower Service, ePowerSvc, C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [Acer Incorporated]
GREGService, GREGService, C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [Acer Incorporated]
Intel(R) Management and Security Application Local Management Service, LMS, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [Intel Corporation]
Intel(R) Management and Security Application User Notification Service, UNS, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [Intel Corporation]
Intel(R) Rapid Storage Technology, IAStorDataMgrSvc, "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [null data]
iPod-Dienst, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.]
Live Updater Service, Live Updater Service, C:\Program Files\Acer\Acer Updater\UpdaterService.exe [Acer Incorporated]
McAfee McShield, McShield, "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [McAfee, Inc.]
McAfee Validation Trust Protection Service, mfevtp, "C:\Windows\system32\mfevtps.exe" [McAfee, Inc.]
Nero Update, NAUpdate, "C:\Program Files (x86)\Nero\Update\NASvc.exe" [Nero AG]
NTI IScheduleSvc, NTI IScheduleSvc, C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [NTI Corporation]
Office Software Protection Platform, osppsvc, "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [MS]
Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS]
Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\
<<!>> PEVSystemStart, Service
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\
<<!>> PEVSystemStart, Service
Print Monitors:
---------------
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Canon BJ Language Monitor MG5200 series\Driver = CNMLMAE.DLL [CANON INC.]
Canon BJNP Port\Driver = CNMN6PPM.DLL [CANON INC.]
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Doro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Doro\AppData\Local\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jungs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kopp Dierkes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kopp Dierkes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Phase 6\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Doro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\Jungs\AppData\Local\Mozilla\Firefox\Profiles\0diimaah.default\Cache emptied successfully
C:\users\Kopp Dierkes\AppData\Local\Mozilla\Firefox\Profiles\q3mh1z6h.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\users\Doro\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\users\Jungs\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\KOPPDI~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Doro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 25.06.2013 at 21:39:05,37 ======================
Hallo Ryder,
ich glaube, dank deiner Hilfe habe ich es geschafft! :rofl:
Grüße
Fidus |
SecurityCheck und:
