| cerberus0815 | 21.09.2012 17:19 |
Polizei Virus - Österreich - 100 € Paysafe lösegeld!
Hallo jungs, ich habe hier ein Problem mit Laptop nummero 1:
Polizei Virus Österreichischer Art: OTL Logfile: Code:
OTL logfile created on: 21.09.2012 17:59:35 - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\kevin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 3,01 Gb Available Physical Memory | 77,88% Memory free
7,72 Gb Paging File | 6,93 Gb Available in Paging File | 89,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 121,94 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 207,77 Gb Free Space | 89,37% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 385,97 Gb Free Space | 41,43% Space Free | Partition Type: NTFS
Computer Name: TURBO | User Name: kevin | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.21 17:42:31 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\kevin\Desktop\OTL.exe
PRC - [2011.08.31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2012.09.21 17:49:07 | 000,017,920 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\rpcnetp.exe -- (rpcnetp)
SRV:64bit: - [2010.10.26 15:44:00 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.04.06 14:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010.03.15 09:56:20 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.02.23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010.02.05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.11.05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009.07.28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009.05.04 17:47:36 | 000,809,984 | ---- | M] (OptionNV) [Auto | Stopped] -- C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe -- (GtDetectSc)
SRV - [2012.09.21 17:49:07 | 000,017,920 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWow64\rpcnetp.exe -- (rpcnetp)
SRV - [2012.05.14 23:14:05 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.09.01 17:31:50 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Stopped] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.10.26 15:48:14 | 001,974,080 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.10.26 15:43:56 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.02.25 13:07:14 | 000,196,464 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010.02.11 02:40:12 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010.01.28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.12.04 04:30:18 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.10.06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008.10.09 12:20:02 | 000,055,904 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2008.10.09 12:19:48 | 000,162,456 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE -- (F-Secure Network Request Broker)
SRV - [2008.10.09 12:19:38 | 000,117,400 | ---- | M] (F-Secure Corporation) [Auto | Stopped] -- C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE -- (FSMA)
SRV - [2008.10.09 12:18:38 | 000,819,296 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2008.10.09 12:18:12 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Stopped] -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2008.10.09 12:17:46 | 000,490,080 | ---- | M] (F-Secure Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\F-Secure\FSAUA\program\fsaua.exe -- (FSAUA)
SRV - [2008.09.29 15:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.08.08 10:45:30 | 000,070,656 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabser.sys -- (silabser)
DRV:64bit: - [2011.08.08 10:45:30 | 000,027,336 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabenm.sys -- (silabenm)
DRV:64bit: - [2010.11.09 21:32:39 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.09.28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.09.25 20:39:14 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.03.15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.03.15 09:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.02.10 15:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.03 11:04:00 | 000,060,408 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.01.12 15:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.07 09:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.12.02 15:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.09.24 17:55:00 | 000,212,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.28 20:02:00 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.13 22:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009.06.22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.19 10:00:00 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.06.17 12:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.11 16:23:16 | 000,086,528 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gt72ubus.sys -- (GT72UBUS)
DRV:64bit: - [2009.06.11 16:22:44 | 000,010,496 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtptser.sys -- (GTPTSER)
DRV:64bit: - [2009.06.11 16:22:30 | 000,130,048 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.10.09 12:18:38 | 000,091,936 | ---- | M] (F-Secure Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW)
DRV:64bit: - [2008.10.09 12:18:30 | 000,044,288 | ---- | M] (F-Secure Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES)
DRV:64bit: - [2008.07.11 08:05:00 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2007.04.20 10:56:24 | 000,112,384 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011.10.26 19:04:28 | 000,190,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010.10.07 14:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.10.09 12:19:28 | 000,056,288 | ---- | M] (F-Secure Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2008.10.09 12:18:14 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter)
DRV - [2008.10.09 12:18:14 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer)
DRV - [2008.10.09 12:18:14 | 000,012,896 | ---- | M] () [Kernel | System | Stopped] -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6E374735-8DAD-4507-9906-E16231F5BD37}
IE:64bit: - HKLM\..\SearchScopes\{6E374735-8DAD-4507-9906-E16231F5BD37}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {90619F67-9F8C-4EBF-86DE-E5D0F9E97C71}
IE - HKLM\..\SearchScopes\{90619F67-9F8C-4EBF-86DE-E5D0F9E97C71}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=100582
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=100582
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=NG2V5&o=101795&src=crm&q={searchTerms}&locale=de_US&apn_ptnrs=N2&apn_dtid=YYYYYYYYAT&apn_uid=E9C01221-8BF0-4C1E-91C6-0FC7C091BABF&apn_sauid=90EEDB0F-AD09-4584-9824-BEA16819FC42
IE - HKCU\..\SearchScopes\{B7BB6F19-6D84-43E6-A75B-FEF424118815}: "URL" = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
IE - HKCU\..\SearchScopes\{FAD94BDC-73E3-418B-8558-33FCC6680F77}: "URL" = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..extensions.enabledAddons: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0.1
FF - prefs.js..extensions.enabledAddons: {9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.12.2.100008
FF - prefs.js..extensions.enabledItems: {FBF6D7FB-F305-4445-BB3D-FEF66579A033}:5.0.1
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=NG2V5&o=101795&locale=de_US&apn_uid=E9C01221-8BF0-4C1E-91C6-0FC7C091BABF&apn_ptnrs=N2&apn_sauid=90EEDB0F-AD09-4584-9824-BEA16819FC42&apn_dtid=YYYYYYYYAT&q="
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.04.19 11:10:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\kevin\AppData\Roaming\13001.019 [2012.07.08 18:21:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.03 19:54:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.14 17:07:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\kevin\AppData\Roaming\13001.019 [2012.07.08 18:21:57 | 000,000,000 | ---D | M]
[2010.11.02 20:51:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kevin\AppData\Roaming\mozilla\Extensions
[2012.05.03 23:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kevin\AppData\Roaming\mozilla\Firefox\Profiles\0k8y9drj.default\extensions
[2011.09.01 17:01:10 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Users\kevin\AppData\Roaming\mozilla\Firefox\Profiles\0k8y9drj.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2011.11.21 18:05:20 | 000,002,399 | ---- | M] () -- C:\Users\kevin\AppData\Roaming\mozilla\firefox\profiles\0k8y9drj.default\searchplugins\askcom.xml
[2012.02.10 20:32:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.08 18:21:57 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\KEVIN\APPDATA\ROAMING\13001.019
[2012.07.03 19:54:37 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.09.15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.03 19:54:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.10 20:13:08 | 000,002,227 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.07.03 19:54:34 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.03 19:54:34 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.03 19:54:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.03 19:54:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.03 19:54:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GlobeTrotter Connect.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09366E4E-02D7-4A13-8508-74EDA83BD4F7}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BD30CD0-5CB2-4F44-8A54-38798095746B}: DhcpNameServer = 100.100.0.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9578B769-81AF-470A-B6FD-E742C1864167}: DhcpNameServer = 213.162.69.170 213.162.65.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exeC:\Users\kevin\AppData\Roaming\appconf32.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Users\kevin\AppData\Roaming\appconf32.exe) - C:\Users\kevin\AppData\Roaming\appconf32.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3c9e05df-e6ad-11df-a5f4-e839dff3af0e}\Shell - "" = AutoRun
O33 - MountPoints2\{3c9e05df-e6ad-11df-a5f4-e839dff3af0e}\Shell\AutoRun\command - "" = F:\setup.exe AUTORUN=1
O33 - MountPoints2\{45f3cb43-bf79-11e0-bd64-e839dff3af0e}\Shell - "" = AutoRun
O33 - MountPoints2\{45f3cb43-bf79-11e0-bd64-e839dff3af0e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{45f3cb56-bf79-11e0-bd64-e839dff3af0e}\Shell - "" = AutoRun
O33 - MountPoints2\{45f3cb56-bf79-11e0-bd64-e839dff3af0e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6e407265-a554-11e0-b3fa-e839dff3af0e}\Shell - "" = AutoRun
O33 - MountPoints2\{6e407265-a554-11e0-b3fa-e839dff3af0e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6e407277-a554-11e0-b3fa-e839dff3af0e}\Shell - "" = AutoRun
O33 - MountPoints2\{6e407277-a554-11e0-b3fa-e839dff3af0e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7a3e0c27-db2e-11e0-8021-88ae1dea031b}\Shell - "" = AutoRun
O33 - MountPoints2\{7a3e0c27-db2e-11e0-8021-88ae1dea031b}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7a3e0c29-db2e-11e0-8021-88ae1dea031b}\Shell - "" = AutoRun
O33 - MountPoints2\{7a3e0c29-db2e-11e0-8021-88ae1dea031b}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{874a29a3-ec38-11df-bfd4-e839dff3af0e}\Shell - "" = AutoRun
O33 - MountPoints2\{874a29a3-ec38-11df-bfd4-e839dff3af0e}\Shell\AutoRun\command - "" = H:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.21 17:58:53 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2012.09.21 17:58:47 | 000,000,000 | ---D | C] -- C:\Users\kevin\AppData\Roaming\Malwarebytes
[2012.09.21 17:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.21 17:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.21 17:58:27 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.21 17:58:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.21 17:55:00 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\kevin\Desktop\OTL.exe
[2012.09.21 17:51:24 | 000,000,000 | ---D | C] -- C:\Users\kevin\Desktop\anti
[2012.09.06 17:59:32 | 000,000,000 | ---D | C] -- C:\Users\kevin\Desktop\AUDIS
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\kevin\AppData\Roaming\*.tmp files -> C:\Users\kevin\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.21 17:58:53 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2012.09.21 17:58:31 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012.09.21 17:50:56 | 001,502,350 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.21 17:50:56 | 000,654,266 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.21 17:50:56 | 000,617,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.21 17:50:56 | 000,130,442 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.21 17:50:56 | 000,107,458 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.21 17:50:55 | 000,000,188 | ---- | M] () -- C:\Users\kevin\defogger_reenable
[2012.09.21 17:49:13 | 3110,080,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.21 17:49:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.21 17:49:07 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
[2012.09.21 17:49:07 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2012.09.21 17:42:31 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\kevin\Desktop\OTL.exe
[2012.09.21 17:33:29 | 004,503,728 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2012.09.21 17:29:46 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.21 17:29:46 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.21 17:22:40 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.21 17:22:37 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2012.09.21 17:22:37 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
[2012.09.16 19:38:33 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.16 08:46:12 | 001,522,192 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.11 22:47:13 | 000,001,882 | ---- | M] () -- C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\kevin\AppData\Roaming\*.tmp files -> C:\Users\kevin\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.21 17:58:31 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012.09.21 17:50:54 | 000,000,188 | ---- | C] () -- C:\Users\kevin\defogger_reenable
[2012.09.11 22:47:13 | 000,001,882 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.09.11 22:47:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012.07.08 18:22:10 | 000,179,904 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\AcroIEHelpe162.dll
[2012.07.08 18:22:10 | 000,007,424 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\BAcroIEHelpe162.dll
[2012.07.06 13:15:02 | 000,051,656 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\loaupdt.jpg
[2012.07.05 23:40:38 | 000,007,424 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\BAcroIEHelpe160.dll
[2012.07.02 23:44:33 | 000,007,224 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\BAcroIEHelpe157.dll
[2012.06.21 22:52:01 | 000,000,103 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\urhtps.dat
[2012.06.20 22:55:37 | 000,000,051 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\blckdom.res
[2012.02.10 20:10:49 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2012.02.10 20:10:49 | 000,029,706 | ---- | C] () -- C:\Windows\unins000.dat
[2012.01.27 00:47:10 | 000,003,584 | ---- | C] () -- C:\Users\kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.26 19:04:03 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.10.26 18:30:37 | 001,522,192 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.01 10:56:35 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2011.09.01 10:56:15 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2011.07.26 19:15:20 | 000,117,536 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.11.29 20:04:54 | 000,146,804 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010.11.29 20:04:54 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2010.11.13 16:22:30 | 000,003,086 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\PData.MMM
[2010.11.13 16:22:30 | 000,003,086 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\PData.MM1
[2010.11.03 22:19:39 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.09.25 20:48:09 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010.09.25 20:27:14 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2008.12.09 17:23:13 | 000,051,656 | ---- | C] () -- C:\Users\kevin\AppData\Roaming\appconf32.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
========== LOP Check ==========
[2012.06.23 10:32:40 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\12001.023
[2012.06.24 18:56:59 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\12001.024
[2012.06.25 19:58:18 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\12001.026
[2012.06.26 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\12001.027
[2012.06.30 11:57:02 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\12001.030
[2012.07.03 19:46:46 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\12001.031
[2012.06.20 22:55:41 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\12021
[2012.07.03 20:41:25 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\13001.014
[2012.07.05 00:32:20 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\13001.015
[2012.07.05 23:40:25 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\13001.016
[2012.07.06 17:17:15 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\13001.017
[2012.07.08 18:21:57 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\13001.019
[2010.11.13 16:22:30 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\AUTOSICH
[2010.11.09 21:40:01 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\DAEMON Tools Lite
[2012.02.10 20:14:22 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\Easy MP3 Recorder
[2010.11.24 18:46:45 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\Ebner
[2011.10.26 18:37:11 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\F-Secure
[2010.11.26 22:51:03 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\GetRightToGo
[2012.06.20 22:55:25 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\kock
[2010.11.07 19:13:20 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\Notepad++
[2010.11.15 19:34:43 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\Thinstall
[2010.11.02 18:39:38 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\Toshiba
[2010.11.13 23:52:33 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\TuneUp Software
[2012.07.03 22:11:16 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\UAs
[2010.11.02 23:00:28 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\WildTangent
[2012.07.03 22:11:21 | 000,000,000 | ---D | M] -- C:\Users\kevin\AppData\Roaming\xmldm
========== Purity Check ==========
< End of report >
Extra Logfile: Code:
OTL Extras logfile created on: 21.09.2012 17:59:35 - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\kevin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 3,01 Gb Available Physical Memory | 77,88% Memory free
7,72 Gb Paging File | 6,93 Gb Available in Paging File | 89,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 121,94 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 207,77 Gb Free Space | 89,37% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 385,97 Gb Free Space | 41,43% Space Free | Partition Type: NTFS
Computer Name: TURBO | User Name: kevin | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\kevin\Downloads\n11975310_09.JPG-www.facebook.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
"C:\Users\kevin\Downloads\n11975310_09.JPG-www.facebook.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07F4B0FA-F1E1-464D-A493-A9C42DD8C4C3}" = lport=445 | protocol=6 | dir=in | app=system |
"{0BD89B3D-C6EF-4F0D-B004-159E6558239D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C1F0BE5-7760-4A6A-A99F-F17D00266E91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{17EB269A-3379-47DF-B6B9-9499EA3D64DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1B527A6F-79F4-41DF-8E7F-6394D3AFAD13}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F3A4F57-D449-4F78-8640-4E281F538524}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{420D0CB1-E0AA-4263-AF4C-5F85537A092C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{497B0953-7072-4675-ABCF-25AB0DF34736}" = lport=139 | protocol=6 | dir=in | app=system |
"{5009BFA7-F9E2-440F-BD4E-83515F229D6C}" = rport=445 | protocol=6 | dir=out | app=system |
"{63EBEBEA-42A2-4EFE-9F3D-00242AC3F941}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64F83F8F-DE54-4510-B557-D30E13A2E03D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{78FD394A-4FE6-4D32-AAE7-B9B947DC868E}" = rport=137 | protocol=17 | dir=out | app=system |
"{7CDF7496-3C14-410C-B439-D143C6E396C4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8EB5EA00-46D6-4FB8-9773-C697B40C8259}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{92BFCD54-85BA-464D-A9E2-1F93BB04A259}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B2610199-63DF-4E54-9B8A-FC5511D8B2FB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B39DFB4F-E952-45C5-A66F-6A8CFABC72C1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C17066D0-6D77-4164-9357-1B12088E82EB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CBBE05A6-3BEB-411B-B284-6B4368CC21B1}" = rport=138 | protocol=17 | dir=out | app=system |
"{D18641A5-5187-460F-BD57-36B8FC5F7A84}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D2086CF1-CF64-4B89-A8E5-C1B4431FE27A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC3A35DD-35EB-42FE-B909-E3130AAE19A7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E6E31F88-8851-4F2D-98B6-83478A97CF66}" = lport=137 | protocol=17 | dir=in | app=system |
"{F0E49379-F96E-4443-8211-817A7EFFA4E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F5F2FA20-9A3D-4C53-8220-8202137116B3}" = lport=138 | protocol=17 | dir=in | app=system |
"{FC0753F9-BA1A-4100-982D-E6D68ED9BC76}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016B8625-1CCC-451D-9769-A1D7800C2ADB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{054F526A-207B-4B6D-A363-B0EF69A73CD8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B4CDC51-284C-4B19-94AD-BFD68E36C7C8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B846BE0-86DB-4805-A58D-B81763C611AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B900F95-F161-402A-BEF4-9A3082B8468A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0C6B1112-B7C2-4385-A4B1-D486B3170C63}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{10804FF2-FD0B-45F5-B1DA-53A032BBD994}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{10F4EB5F-145B-418F-9370-EAE43CA6B73C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{116968C1-5D33-41BE-AEC2-890EA969FA5D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{117EC5D3-371F-4C52-984E-3C309EAE1CAD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{12A168CB-7E3B-4635-9397-88AC53C51D81}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{134B235A-258D-4026-941E-1E1B2DEAE603}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{186DFE4A-709C-484D-96F1-48A8EE0031FB}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{19529FC7-2320-49D9-965D-EF0BE8C88D43}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{1BEFD217-AD5F-441B-9235-241B073A7BBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1C136616-0197-4BB3-8605-65A106E8B20E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1C654198-4CDD-4AB4-A6D7-88671524E432}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F080547-5B17-4CCF-AEAA-6D24CE3242D1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{22D35AEE-25A8-41DE-8B11-95B51516AD2D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{239394C2-610C-413B-BD3E-EF89DFCB8AD5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{23F5670F-678B-4C48-8BFB-99CF2E2C4DED}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{23FD9CF7-8BBA-402D-ABDE-BF20D79555DF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{296F8083-A2D8-4FD2-BCA2-68F7BCB20ECA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{29A980EE-86E9-4983-8D83-1D19AC9A0146}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2A8C05D2-B3D4-482B-94A4-C7B2161429CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2BA33EAC-BC83-4512-8EB7-F4F9EA17FFC9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2C38E711-13FB-4773-A6B4-4C8508A7E661}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2C4815AD-1D69-47F4-9FE9-7B4DE335133B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2C5E0DA0-9BFA-4A0F-90ED-2C4D20A7DE43}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2CDC8CC7-3665-48D7-9A8B-375D2602E4CE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2FCACE80-F459-46DD-9512-EFD77A59404D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{301DAC32-17B3-4ABD-A5C3-1FB24F159CC4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3040CEEF-0AEB-4DCC-B364-0946A1F805A8}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\apache air assault\launcher.exe |
"{30A86F1A-83A1-4F2F-961B-D0A8AA5BB6C0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3914D428-4CFD-4CBC-B593-A03DAC24C590}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{3A47A44B-37D6-4ACC-8E1B-BEC6B45DF1C6}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{3D65AA97-99EB-41E4-BA9D-F8D286227995}" = protocol=6 | dir=out | app=system |
"{42DB32D0-794B-4A66-B8DA-10393FA3D8E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{46870469-7E13-4A12-93CF-94ABECAD8CEF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{474E6C7B-F88A-4D91-B1BF-6D850EA3F757}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{485D1D0E-997B-4638-B1CF-57A62F63A6FD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{49B39362-1B12-40E2-88F5-5F9E19091691}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{52B89713-818A-4A45-AA8A-7FF846ACF8FF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{556EFF51-68D5-42E2-B65A-BF8F34DD77E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D12304D-0B3F-41A4-8FF3-99C2974ACB4A}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{5F5D1C79-81D0-4DD1-A7DB-42D1AD55F887}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B9FADB5-C42C-4399-B906-AF5F48E3855F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E1D547F-B7FC-42A3-A880-A20FDFA79EB0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6E39F251-E07A-459C-9A28-D605872AAE1C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7321FE46-82A8-420F-AF70-6B7CCE5A75B5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7486440F-2F52-4F07-8949-ED6165DD9F8B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{76FE12B9-0B2B-4B14-8E69-5B70C2115CF5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{796267D0-3308-4B2C-9D78-23C2FBA6AEB7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A0851F9-93DC-4C5A-B91D-F22CAEC7F242}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7B023CAE-28D7-4AD8-A3A2-8A5A745B3239}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\apache air assault\yuplay\yuplay.exe |
"{7CFD14DA-F77A-45FA-BC31-6E4B52E390DB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7DE8CBB5-E85B-482B-B3B2-754BDAC035D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{84C4CCF8-F14F-4F80-BE4B-D686EC714888}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8513CD5E-07FD-4BBF-A407-17CD75B481EC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8A34F06D-5703-4BB2-928C-F4155026DDD7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8BB89C7F-EF28-4431-9541-B96B34E0E9CF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8D8546B2-E847-4520-9EFC-2744316A0DA9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{945E3851-D935-4E9A-8A78-979B76309F89}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{96A70CD0-C607-46B1-B1BC-C8075A2CBA2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{974C9DC9-9006-4816-8119-CA81896AAA61}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{98C3EC77-E28D-4360-BBDE-12398F19C0CB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9BDD2E01-4A4A-4772-BB22-FB03F01B073B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9C1861EC-12C0-4C4F-9A13-BE8B950258CE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C4E924F-B1EE-4B06-AE01-0626AF0848B2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9CEEB94C-15DB-45E6-A4D8-4E7398DE17D6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9D064FEB-A0A5-4E5A-B577-C70C57124D26}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9FBD2452-467E-48E1-8F8C-2B661813F675}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{A358329D-4F99-46B6-BF1F-C8E233FD197D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A4E03170-F4CE-479B-B951-9CBB9851C683}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AC3A1281-9F11-429D-ADFD-D6D233994896}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{AD82ECA1-EF73-44B4-823D-CA91DE0982DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AFE9F211-42CB-4A84-BF95-6B190409E9D4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B102CB9E-9D91-4C65-B662-5119AACBC566}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B48D85FB-EB41-4D9E-922D-BAAD1D300EC6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B74E8E34-8C9B-4796-9586-095446CA42F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B898E544-1D78-459A-8AB6-D5606592C499}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BD17135F-1A8E-4DB4-A906-CBE9C0CCFE10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BF9B6A5C-8D29-4425-8F0A-FED26F936295}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C00FA24B-DE04-48A2-9526-B9F795A4A92B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C014055A-6C32-4DA5-801B-AE2BCA23EA07}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C19A84D8-393F-4285-8505-36F5D26C8734}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C43C429A-547E-428B-B780-267633A2C885}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{C4BA246A-AEF9-4AAC-BE89-3210FC83B79D}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\apache air assault\yuplay\yuplay.exe |
"{C60F708C-8B82-469A-BFDE-061275B337EB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C9E18857-9D3E-42C8-8A36-8E7F46D65AC2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CC580F4C-480D-46BA-B9CC-CCB3F2D3E75A}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{CD93D362-1832-4249-AC51-425B5BF465BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D10DA158-5BA3-4A04-8719-9F424D813A7A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D2F96BC3-F71A-4D2A-8A02-C4A35B488759}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D36444D3-6486-481F-8CA5-16B3A5FC2532}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E224BBB5-FC7D-4300-89E7-50B431F5EFCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E3E7A337-DCB8-423D-BCBB-752380C7EA83}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\apache air assault\launcher.exe |
"{E5F696F8-BC8F-48ED-95B8-B3FC971A0F0C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E6B014E1-FA42-478D-BF25-7F15569DD763}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E75DAD02-F70A-4853-988A-E32EFD80B334}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7BFD7FC-C0A9-4B58-951D-4C650041AA2D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E92CEA5F-AD62-4A06-BD4A-492CC6F02196}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F31C0BDF-8CF1-4A75-BCC4-1850B2C8A5A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F668612D-4DD0-4D9C-BA9F-C955CD8FE023}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F79E9DA7-9A58-4469-A7CA-FEAA962A8210}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FA7C77F4-8AA4-4D7B-97BC-FF804B0E735B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEB468E4-B769-4426-BA98-9E18A6AC3B31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FFA453D3-A65B-4278-8367-5320F0B4E5CF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FFF23E98-EABB-4384-B51C-9605A6AE4D18}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{727E94E5-584F-4463-B4F5-93D3779C610B}_x" = GlobeTrotter Connect
"{734BB935-6F4E-27BB-16EB-BFF2843373AD}" = ccc-utility64
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B5896016-3143-B94F-585D-DF75DAF1D879}" = ATI Catalyst Install Manager
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EDC3D528-A5DC-4B28-A278-2E368BED1A81}" = GlobeTrotter Connect
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002C0EFC-6D28-1740-C633-9762D8D823A1}" = Catalyst Control Center Core Implementation
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0C45734A-4776-0437-2A1F-0673B270C037}" = CCC Help Finnish
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{139303FD-A877-D219-DFDE-1FED7BC8E707}" = CCC Help Hungarian
"{146A78DF-CB21-913E-9E4B-F015B07D96DC}" = CCC Help Danish
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20F91DE6-B502-3896-A66C-5B6961875EA1}" = CCC Help Russian
"{21744B1A-8222-2565-0BF4-91933F37CD32}" = Catalyst Control Center Graphics Full Existing
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{25BE0917-2374-4921-7C83-4DEDFE47E6BE}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 22
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2B000B80-A3FA-4B92-A5FF-D9AD402B6701}" = Toshiba TEMPRO
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2E13E16A-5E1F-FEB8-6329-EBEEDC34B016}" = CCC Help Chinese Standard
"{3205D813-07EB-B6B5-AE8F-9472FA3AACEB}" = CCC Help Polish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D4735F0-2BB9-0D3E-68EB-7444AE09A850}" = CCC Help Greek
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{41ECCDB3-5898-4EDF-2937-E5A328DF4BD3}" = CCC Help English
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{4769E972-2E92-49C5-B6F9-465EFD0C4D94}" = VirtualDJ PRO Full
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{522B2AFF-08BC-AAE9-C074-6072857415E7}" = CCC Help Swedish
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{54D7FE02-8554-471A-B42A-A59E6243302C}" = ClearView
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C4B623D-4F3A-4609-F666-DBD36BFDF8B1}" = CCC Help Korean
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5E4B86E5-CD0E-4D3D-BE21-45A30326850A}" = Microsoft Search Enhancement Pack
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{607BE7BF-7C28-4ADB-A4A0-385962B901C3}" = TOSHIBA ConfigFree
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65DD52E5-5BAB-26CB-66DB-0A2C27CE2242}" = CCC Help French
"{6B65AA2D-C096-34DE-22C9-F82BE3F7E492}" = CCC Help Dutch
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{719015FD-7256-F9CD-A6CF-014B3F9D75BE}" = Catalyst Control Center Graphics Full New
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1" = Moozy
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{839D40C8-00B2-338C-63E6-46E9F03AE114}" = CCC Help Czech
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89277778-ef55-436b-9ee9-20d96d7b6dc3}" = Nero 9
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B2F2B38-E334-4DF1-3268-197213425B8D}" = CCC Help Chinese Traditional
"{8B3953E3-C79C-88AF-CBB7-7C9687557408}" = CCC Help German
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91CD08AA-5402-4C64-A9CA-C7B4A479C003}_is1" = Counter Strike Source v1.0.0.34
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{971CCF2C-4767-7FDA-BD9F-5C1B84FD274F}" = CCC Help Norwegian
"{9763F0A1-05D2-3B8B-69E9-863CBC2BBDC9}" = CCC Help Spanish
"{97893548-d58e-4a72-871e-efd0a7337c70}" =
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9B7923E7-A4B7-672E-17D0-1B9C12CADA88}" = Catalyst Control Center Graphics Light
"{9BB7E2D9-E744-D21F-94D0-ED9DC47B85C3}" = CCC Help Portuguese
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A04FB5AC-FB39-B5CE-BBB4-3E2AA569B6EC}" = CCC Help Japanese
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}" = Sentinel Protection Installer 7.5.0
"{A6F90342-311E-FE77-2461-5B398D395C07}" = Catalyst Control Center Graphics Previews Common
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.de
"{A794ED96-BF39-99BD-ADB4-EE899BAB1275}" = CCC Help Thai
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95654B2-4E5B-E98D-C3AA-34037DEBDE65}" = CCC Help Italian
"{AA891DD9-E2ED-D5FE-F303-CD8D1DD5DC4E}" = Catalyst Control Center Localization All
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{B01E17BB-55FE-E2DA-7594-63201FC82A21}" = Catalyst Control Center Graphics Previews Vista
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{bd8defa4-19fa-4964-9692-f1122d8a62d9}}_is1" = Apache: Air Assault 1.0.0.1
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CF0F1BD6-C030-4B82-ABF5-B06A2D154DF9}" = RealFlight G5 Demo
"{CFF6A98F-90C1-4977-9C8A-70B259DEB139}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D33B41E6-D2B2-4841-A24E-2D3FB791AE72}_is1" = Steig ein! 9.3
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DCE2759D-DB67-0558-6A51-C54775CEED71}" = Catalyst Control Center InstallProxy
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}" = Lock On: Modern Air Combat
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9FABC27-A955-4EDC-7732-F5BADB80F546}" = ccc-core-static
"3D Bowling" = 3D Bowling
"Adobe AIR" = Adobe AIR
"BabylonToolbar" = Babylon toolbar on IE
"Bigfoot 4x4 Challenge_is1" = Bigfoot 4x4 Challenge
"Call of Duty Black Ops_is1" = Call of Duty Black Ops
"DemolitionCompanyDE_is1" = Demolition Company
"ENTERPRISE" = Microsoft Office Enterprise 2007
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"FMS" = FMS
"F-Secure Anti-Virus" = F-Secure Client Security - AntiVirus & AntiSpy-Schutz
"F-Secure E-mail Scanning" = F-Secure Client Security - E-Mail-Scanning
"F-Secure HIPS" = F-Secure Client Security - Systemsteuerung
"F-Secure Internet Shield" = F-Secure Client Security - Internet-Schutzschild
"F-Secure Protocol Scanner" = F-Secure Client Security - Web-Datenverkehr-Scanning
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"JDownloader" = JDownloader
"LineRider" = Line Rider
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Pool Hall Pro" = Pool Hall Pro
"Schrottplatz-Simulator 2011_is1" = Schrottplatz-Simulator 2011
"Shockwave" = Shockwave
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"Steam App 240" = Counter-Strike: Source
"TOSHIBA Game Console" = WildTangent ORB Game Console
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VLC media player" = VLC media player 1.1.4
"web'n'walk Manager 1.6" = web'n'walk Manager 1.6
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"sc11-AT_ORF_MAIN" = Ski Challenge 11 (AT)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.04.2012 15:28:13 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 23.04.2012 15:28:13 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 59814901
Error - 23.04.2012 15:28:13 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 59814901
Error - 23.04.2012 15:28:14 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 23.04.2012 15:28:14 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 59815900
Error - 23.04.2012 15:28:14 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 59815900
Error - 23.04.2012 15:28:15 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 23.04.2012 15:28:15 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 59817007
Error - 23.04.2012 15:28:15 | Computer Name = Turbo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 59817007
Error - 27.04.2012 17:23:36 | Computer Name = Turbo | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1051,
Zeitstempel: 0x4b9e4ab6 Name des fehlerhaften Moduls: atiadlxx.dll, Version: 6.14.10.1054,
Zeitstempel: 0x4b9e3dbe Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001e858
ID
des fehlerhaften Prozesses: 0x4c4 Startzeit der fehlerhaften Anwendung: 0x01cd231fa21fee0a
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\atieclxx.exe Pfad des fehlerhaften
Moduls: C:\Windows\system32\atiadlxx.dll Berichtskennung: 3f6b42cd-90af-11e1-a31e-88ae1dea031b
[ Media Center Events ]
Error - 25.12.2011 07:58:01 | Computer Name = Turbo | Source = MCUpdate | ID = 0
Description = 12:58:01 - Fehler beim Herstellen der Internetverbindung. 12:58:01
- Serververbindung konnte nicht hergestellt werden..
Error - 25.12.2011 07:58:13 | Computer Name = Turbo | Source = MCUpdate | ID = 0
Description = 12:58:06 - Fehler beim Herstellen der Internetverbindung. 12:58:06
- Serververbindung konnte nicht hergestellt werden..
Error - 29.12.2011 01:48:45 | Computer Name = Turbo | Source = MCUpdate | ID = 0
Description = 06:48:45 - Fehler beim Herstellen der Internetverbindung. 06:48:45
- Serververbindung konnte nicht hergestellt werden..
Error - 05.01.2012 02:32:45 | Computer Name = Turbo | Source = MCUpdate | ID = 0
Description = 07:32:45 - Fehler beim Herstellen der Internetverbindung. 07:32:45
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
Error - 21.09.2012 12:00:35 | Computer Name = Turbo | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "WINDOWS" den Befehl "chkdsk" aus.
< End of report >
Wäre euch sehr verbunden mir diese Daten auszuwerten und um abhilfe zu schaffen!
Danke im Voraus,
cerberus! |
