| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nixWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.02.2012, 16:03
| #1 |
| |  50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix Hallo ihr lieben. Ich habe bereits den großteil heute in eurem Forum verbracht.Wie bereits oben geschrieben, habe ich mir den 50€ Virus eingefangen. Ich habe den Malwarebytes bereits durchlaufen lassen und die bestehenden Objekte gelöscht. Als ich aber wieder nach dem Neustart wieder ganz normal mit dem Laptop arbeiten wollte, kam immer noch die tolle schwarz-rot-gold Meldung. Was kann ich noch tun? Bitte helft mir! Ich habe nämlich nicht wirklich Ahnung von PC und co. Bitte eine idiotensichere Hilfestellung.... Vielen Dank!  |
|
20.02.2012, 16:06
| #2 |
| /// Malware-holic   |  50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix hi,
__________________1. neustarten, f8 drücken abgesicherter modus mit netzwerk wählen. 2. malwarebytes öffnen, logdateien, ergebnisse posten. 3. Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
20.02.2012, 16:11
| #3 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix alwarebytes Anti-Malware (Test) 1.60.1.1000
__________________Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.02.20.01 Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 ProMarkt :: PROMARKT-PC [Administrator] Schutz: Deaktiviert 20.02.2012 13:22:57 mbam-log-2012-02-20 (13-22-57).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 523645 Laufzeit: 1 Stunde(n), 55 Minute(n), 30 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 2 C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Löschen bei Neustart. C:\Program Files\GamingWonderland\bar\1.bin\gtSrcAs.dll (Adware.MyWebSearch) -> Löschen bei Neustart. Infizierte Registrierungsschlüssel: 237 HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKCR\FunWebProducts.DataControl.1 (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKCR\FunWebProducts.DataControl (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.FunWebProducts) -> Keine Aktion durchgeführt. HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094 2012/02/20 15:22:00 +0100 PROMARKT-PC ProMarkt MESSAGE Executing scheduled update: Daily 2012/02/20 15:22:09 +0100 PROMARKT-PC ProMarkt MESSAGE Scheduled update executed successfully: database updated from version v2012.02.20.01 to version v2012.02.20.02 2012/02/20 15:23:14 +0100 PROMARKT-PC ProMarkt MESSAGE Starting protection 2012/02/20 15:23:17 +0100 PROMARKT-PC ProMarkt MESSAGE Protection started successfully 2012/02/20 15:23:20 +0100 PROMARKT-PC ProMarkt MESSAGE Starting IP protection 2012/02/20 15:23:25 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection started successfully 2012/02/20 15:23:25 +0100 PROMARKT-PC ProMarkt MESSAGE Starting database refresh 2012/02/20 15:23:25 +0100 PROMARKT-PC ProMarkt MESSAGE Stopping IP protection 2012/02/20 15:23:27 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection stopped 2012/02/20 15:23:30 +0100 PROMARKT-PC ProMarkt MESSAGE Database refreshed successfully 2012/02/20 15:23:31 +0100 PROMARKT-PC ProMarkt MESSAGE Starting IP protection 2012/02/20 15:23:35 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection started successfully 2012/02/20 15:41:40 +0100 PROMARKT-PC ProMarkt MESSAGE Starting protection 2012/02/20 15:41:43 +0100 PROMARKT-PC ProMarkt MESSAGE Protection started successfully 2012/02/20 15:41:46 +0100 PROMARKT-PC ProMarkt MESSAGE Starting IP protection 2012/02/20 15:41:51 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection started successfully so dass sind schon mal diese Lod-Dateien.Ich lad mir jetzt diesen Oldtimer runter. |
|
20.02.2012, 16:51
| #4 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix so hier jetzt die OTL.TxT Datei OTL logfile created on: 20.02.2012 16:16:46 - Run 1 OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\ProMarkt\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free 6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2012.02.07 13:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2012.01.21 10:12:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (No Company Name) ========== MOD - [2012.02.14 20:57:36 | 000,076,800 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko9.dll MOD - [2012.01.21 10:12:14 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011.12.12 13:40:04 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll und die Extras-Txt.: OTL Extras logfile created on: 20.02.2012 16:16:46 - Run 1 OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\ProMarkt\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free 6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] |
|
20.02.2012, 16:53
| #5 |
| /// Malware-holic | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix das sieht irgendwie unvollständig aus, poste die logs noch mal bitte
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
20.02.2012, 17:12
| #6 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 20.02.2012 16:16:46 - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\ProMarkt\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free
6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS
Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02DAB8F7-2498-4CC1-91F3-AFD2B2E4782F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20A5C5DA-EB9E-479F-BF64-24FDAC295AF6}" = rport=138 | protocol=17 | dir=out | app=system |
"{23D379B7-EEF2-4632-BA1F-3D1A60338CE6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2B0E0A74-A19F-4944-A4B1-33A7DAE6C1AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{31D0DCB8-819E-4073-8E4B-37F5D3D121CE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{34790652-788B-4285-A1FE-C849A4C4EBF8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5CF9C06D-C484-4A3D-9BB0-B376443979FB}" = lport=139 | protocol=6 | dir=in | app=system |
"{65283B25-86FA-48C2-BAFC-BA081087F8DA}" = rport=137 | protocol=17 | dir=out | app=system |
"{6AB1A956-D6A2-4E59-97E9-9FA914FE6DC4}" = lport=445 | protocol=6 | dir=in | app=system |
"{6D8130F7-AABA-408C-979E-EA403FAF8E3B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6E4897E4-0389-4C68-8C44-EBE0AE05FDA0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A3E05D2-FFE0-4A1C-A5C7-C7110171220B}" = rport=445 | protocol=6 | dir=out | app=system |
"{7C7BEA30-2D39-4D11-895A-52EC00306236}" = lport=137 | protocol=17 | dir=in | app=system |
"{8CC79FA7-1E5E-4839-8781-61B34DA6C635}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8FA544CD-BE52-455B-9352-A7782BD4DC1C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9BE45BE5-4840-4C5D-9A9B-1DFFBF40500C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{B6711F87-19DF-4C0E-9E51-43219754C3D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BB55D5AC-A1E0-4EA4-947E-CD0CDFD51E39}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{BCB9C679-75D9-4FBE-954A-3842018D3D64}" = rport=139 | protocol=6 | dir=out | app=system |
"{C81C1B58-F72D-4BFC-80F9-CECE270F4FDB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3CF8E4C-47CD-4E4C-B6A3-E4BB3AF71A01}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D640AA19-70B8-4EA8-93D5-F1BAC175516D}" = lport=138 | protocol=17 | dir=in | app=system |
"{D90FB387-61C7-4FAD-8246-B1E0135033F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E64AB04F-3747-48C6-AC3C-8CF59BC11C53}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F9138026-2C89-49EE-A214-D2A1E4A817BF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022EF97B-5F85-4C19-8EE5-B8EFB9D4B1DA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{02C1B8B9-221B-46AB-9B5C-540D708B178F}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe |
"{0370BD5E-B0AF-4F78-A4D6-9214A21CB6CE}" = protocol=6 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe |
"{04268B23-C847-4E72-A157-60103B8D4F02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{08B88178-DB22-48AE-87C8-D559A4F7BF07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{095F2DA3-80F9-4537-B8C3-ED6A21894140}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{10639845-8177-49F3-996B-6E3B8D41B4F8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{16B95E55-E9FC-44C1-A21F-0F618C88CDE5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{19495C47-BE96-4A13-92F9-D5364AF0DCF1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1CEA12EF-C4E9-4A55-B352-93DA9618CB99}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{1E3A6BEA-978F-4722-9561-F0668E465991}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1EF501BA-6AAA-415F-BED4-5E2CAB1C46F7}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{21156917-730D-47EA-A749-7D5670503EDA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{23A27F83-0D31-4534-9A76-E87E8D252482}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{2583223A-0718-480C-9E6F-8D4FCA1D5005}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2B73ED2E-ABE3-42FE-9BFC-25A1896DF625}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe |
"{325C9D50-9BB1-43D6-B6B2-E6438185F96B}" = dir=in | app=e:\setup\hpznui01.exe |
"{34F1C6AA-65F8-4CFE-8365-6E77236090D8}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe |
"{3A248AC8-8B60-4552-86F4-E936EF4C4B96}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3EC7A865-5CD5-4465-ABD2-9E0EF0B0B934}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{40F2DAA3-93F6-4604-9C54-80AA7493862D}" = protocol=17 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe |
"{44A20107-13FD-4874-89C3-5EE178434513}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4CA4991C-6B3A-44C2-B620-C39E82B5DBAF}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe |
"{555A893E-FDF2-4317-BFA8-665946763BC8}" = protocol=6 | dir=out | app=system |
"{5816B92A-2E89-48BC-841B-7EB6F4DB4C4F}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{5C9D91D1-40A0-4A68-8473-43B4E4F1B637}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5CEEDEF3-F127-4D34-B08C-FE9852021697}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{5D4B36F6-D572-48FD-B032-48137B4FE23A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe |
"{63962F54-74EB-4384-BD28-ACCDD6255C5E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{63F7DC3E-C7B6-4576-ACBF-5D5ABBDB6F7E}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{69F0AFA1-010C-41A4-B5B8-DF7D48116C0D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{6F25D84B-F0D6-47C9-8246-4F161594CA77}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{705E6D35-48FF-4252-BB42-80C6FC0111F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{73BD1927-8439-49A7-B345-997ED83A1122}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{74D33E81-4C09-491F-9876-08B0BA200C7E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{78A582DB-FFF5-487A-A48B-9B919EB84705}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe |
"{795E5D3E-56A1-469A-9B3A-89E52817D535}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7B4BD0CA-50CA-44B4-93A6-C5B64496DCFB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8025C76D-E90A-453A-AF22-73E1D18561D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82C655CC-30DD-4C39-8AF3-6E56F03469B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83EFE8DA-8C7B-44D0-ADAD-B6F8DEAD5DA2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{847E1B7F-36A7-4D38-875C-F427A36A705F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{869B4F14-AB44-429B-BD01-99EF89DB640F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{89CDE994-D4F8-4CF9-9EF2-AAF163CF8248}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{8D2A95AF-3D82-4211-8973-65616543EEDD}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{8F16B1E7-AE4D-4C9C-BAAC-9E51A793C3C3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9CC2F7D1-6037-4615-90D1-5C912A338863}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A3008DBD-41C8-41A2-9C7F-2329F3B95DA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A517C3DA-65EA-48A9-A9E8-2DE69B9D0D86}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{ADC028AF-7DFC-4B66-B79B-7D8E0EE325E1}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{BAD62B64-FC49-48C5-BDD9-524EB6B6B59B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe |
"{BB0C0896-E775-4FB8-9064-590E5320A637}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC51C0DA-2477-48AA-8FC8-81124A1E4F1E}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{BC853D97-08B9-4586-9C43-DFA3C33392F6}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{C0541715-F39B-49DB-B10A-1A98A97FBBA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD168752-FF31-49A6-9642-43CFF3604F8A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{CE59635E-0C5C-465B-8B6B-E210C46F4027}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D4043BB7-E6E8-4353-8ECF-C681E9414180}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{D48400D1-A452-447E-8C56-51C39CBB38B3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe |
"{D6C20B96-A7E5-4D41-BB65-8BDDBA63895E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DE434559-6B73-4579-9337-7D96FACAC8B9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E8CFAEEE-E28F-4ED4-9C9A-690429F35CE3}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{EA2AB6F6-D385-4F1F-A5BA-DAB4210751C0}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{ECC0E031-7E87-45F5-A5F8-9ECF26EA4B73}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{F12BF12D-1359-4BA5-A4AE-21B0F639DEDE}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe |
"{F217BB12-3012-4973-A266-6F3936724FE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2C6065F-CB6F-42F9-873D-139BB74FC505}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe |
"{F31BA15B-E47E-4CD2-9138-26F49E183C79}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F7C7DF0C-DE83-49CC-AAD3-364482A75374}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{F808A2E2-9E57-4128-8C93-A01AABADABFE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{2E10178D-5EBA-44C9-AD5A-9366393EA43A}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"TCP Query User{4A38F161-D678-4318-BBCE-1ECF809BD066}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{5057036A-FCAD-4108-9FE6-44CBEDBBEAD2}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{54D41A2D-05BC-4B30-A956-B9D5DA55AA07}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{5F63B3AC-2FAA-4ABC-BA71-A76DA10A5444}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{8DA1BF8B-1D86-4ADD-9EC8-B32D2DDEF3F8}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe |
"TCP Query User{9E205BE3-1A54-49B9-B6D9-3D77E290D760}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=6 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe |
"TCP Query User{A320ABF8-3945-4CAA-AAEF-FF9662B592D1}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{A81A1FE5-96A9-45EB-A04E-03C85F850FE6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{E10C278F-2A1E-4308-BC93-CC1B14B00985}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{F1024B5E-3CBA-497C-9CF3-EE33B439444A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{0F06F252-F68A-4F17-A3E4-61A8278AA0E5}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{37345880-D1F4-43AA-9E27-8429ADBD73AD}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{3ADBB293-033D-449E-86C0-D9CC14C5FDCB}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{3ADEAE7F-A8A2-41A6-89A1-8C21121BD4A0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{3B471DAC-9DD3-4D5C-B611-13564A2F036B}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=17 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe |
"UDP Query User{4D906713-D34E-4859-B938-1018C6D57D79}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"UDP Query User{57D31400-75FF-4746-B9FC-AE5B1DE16940}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{61B3C153-5CEB-47CD-B21F-0620EBAF41E1}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{CBC23B42-9538-4058-98B7-BAC9DF8FEBB2}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{CF929AE1-7C52-433F-950A-B13A59CB63F2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{EB111ED2-1147-4942-89A4-AA73C6B55896}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{17B3A135-BAA4-1953-AEDF-1496A5159E2A}" = CCC Help French
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{206262A9-1646-7014-22A0-41945D93426C}" = CCC Help Dutch
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2677066A-6ACC-8B1B-82C0-7311ED12D73A}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{29164718-5C73-D67E-8A3F-A00220D98818}" = CCC Help Portuguese
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{2DA0C980-2ACE-3F81-0306-131F70BD751B}" = Catalyst Control Center Core Implementation
"{2E1AC6B8-F779-F3D3-3683-E0240D576917}" = CCC Help Italian
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30FDAACF-C49B-5AE6-2AA9-2C050F929B37}" = CCC Help Hungarian
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3460BCDC-B45D-84A7-C8ED-C5041B8E2A2B}" = CCC Help English
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module
"{402BFE8F-E223-4215-BCCE-7634FB202909}" = Journey of Hope
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44580BA8-245A-814D-BD25-7EA6FACD5DDC}" = CCC Help Russian
"{47C7E3C7-1E38-85DB-887D-F9FF84F2086A}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A11948E-8521-43B8-BBBD-5C24B804F0A3}" = Samsung PC Studio 3
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{566F3EB2-C09A-F090-F573-169C42E7E381}" = Catalyst Control Center Graphics Full Existing
"{567C654B-7FE9-4970-8323-56E8191D1941}" = ASUS FancyStart
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5C97698A-FAB5-41DB-ADB0-5FCB2BC84588}" = InternetExplorer-GMX-Addon
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62CA4D04-7DC8-7ED6-7AE4-833A79AE2DF9}" = Catalyst Control Center Graphics Full New
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{655E04FB-E875-4668-D05A-A3CED767DFF8}" = CCC Help Korean
"{656C519D-C82C-F7E0-93CE-087D5CA75AEA}" = ccc-core-static
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti
"{7099D2EB-872E-5163-3F00-A893AC905042}" = CCC Help Japanese
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72E84495-D53C-07FB-76D0-4DD11E710882}" = Catalyst Control Center Localization All
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{806C9880-B087-B336-A86A-5E7E4DB95C39}" = CCC Help Norwegian
"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113219527}" = Gemsweeper
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119633810}" = Club Der Ermittlerinnen - 4 Kleine dunkle Lügen
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119974283}" = Jar of Marbles
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119988867}" = Fear for Sale - Mystery of McInroy Manor
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005202}" = Magical Mysteries
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005245}" = Jewel Match 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005390}" = The Agency of Anomalies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005401}" = Dream Woods 2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{847378DE-A6F2-4D63-ADA5-FE90496222D5}" = O&O CleverCache
"{85916CB0-4F79-4672-9E74-2F08B8A7157F}" = Das Seelenschiff
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A460F932-27CF-76F6-A291-8C4F7337EFE9}" = CCC Help Spanish
"{A48A1D1C-307A-46F9-983E-9762863D15F1}" = GMX Toolbar MSVC100 CRT x86
"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB429542-1E9D-7479-7ED4-B6D0B5C237E7}" = CCC Help Czech
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B32ECB8E-4532-FD59-02C4-CB0B8F90F68D}" = CCC Help Swedish
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B61F7104-884B-D57D-1626-DE5AD5674B51}" = Skins
"{B7606E5A-5D01-789F-F5E1-39D78F04854C}" = Catalyst Control Center Graphics Previews Vista
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module
"{BB1E1B48-6136-1887-7307-2D9414009516}" = CCC Help Thai
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFDAC740-3ACD-50A5-6259-F14FA93C86A5}" = ccc-utility
"{C0AE3E60-6003-AF6F-BF8A-B2829480D39D}" = CCC Help Greek
"{C1DFFC18-D91D-0481-0003-5B968F09AFDF}" = CCC Help Chinese Traditional
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C92877A9-9294-334C-0AEB-A1CCA8905FC6}" = CCC Help Finnish
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D463B523-2F2F-A82D-B980-01C9AD578580}" = CCC Help Danish
"{D7385800-AE69-7527-1615-7DFDC02DF55A}" = Catalyst Control Center Graphics Light
"{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}" = Nokia Software Updater
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB7752E0-D5F8-93DA-7C34-3CD8ECB123B5}" = CCC Help Polish
"{DBE1E170-3EF6-AAA5-32C4-A78D98DF86A1}" = ATI Catalyst Install Manager
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E59AA04C-67BC-C6F8-E8B9-A9E103E3F49B}" = CCC Help German
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}" = Die Sims - Complete Collection
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FC3D5BBB-CDF6-252C-2212-06D61AD2C628}" = Catalyst Control Center InstallProxy
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"04d1a5ee752ea0bba32187facb004bdc" = The Magician's Handbook - Cursed Valley
"0f39ccaa11c9cd1f89baf152791761e4" = G.H.O.S.T. Hunters
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar FF" = GMX Toolbar für Mozilla Firefox
"1&1 Mail & Media GmbH Toolbar IE8" = GMX Toolbar für Internet Explorer
"14d282e311142e19fed42f537b66812d" = Golden Trails - The New Western Rush
"20 days to find Amy_is1" = 20 days to find Amy
"3579ddfd54c5f785ab5b7ad236e820d2" = Golden Trails 2 - The Lost Legacy
"37e10e4eaf44e0b4f634b76a940b6c2d" = A Gypsy's Tale - The Tower of Secrets
"3d6591571f4d1f2816b51fa639cc3064" = Adventure Chronicles
"3d6a0fd7d50d9d5415e8469c14994675" = Campfire Legends - The Last Act Premium Edition
"422f8c51dc38c8f457f34177464aa4cd" = Mortimer Beckett and the Secrets of Spooky Manor
"477ddef69c1f5f948c934c84eb573b5e" = Gold Rush - Treasure Hunt
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"510005627" = Macabre Mysteries - Curse of the Nightingale
"54b97cd87dc11fb7a021ff00eb405c94" = Big City Adventure - San Francisco
"85f3d7b141ab87ca6b3046789c286c75" = Mysteryville
"868b646b464ed3353ca94b579eee1a61" = Jewel Match 2
"ABAEnglish" = ABAEnglish 2.0
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Alamandi" = Alamandi
"Amazing Adventures The Caribbean Secret" = Amazing Adventures The Caribbean Secret
"Ancient Secrets" = Ancient Secrets (entfernen)
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"b3a4763adf0308bdc9d700912dd19bad" = The Treasures of Mystery Island
"BabylonToolbar" = Babylon toolbar on IE
"Bejeweled 3" = Bejeweled 3
"Bejeweled Twist 1.0.3.8137" = Bejeweled Twist 1.0.3.8137
"bf28585d035ebda81d8dad6bba4b578b" = Voodoo Whisperer - Curse of a Legend
"BFGC" = Big Fish Games: Game Manager
"Cave Quest" = Cave Quest
"Cradle of Rome_is1" = Cradle of Rome
"d1add0d29cc2e71c1ce9672c8016211f" = Little Shop of Treasures 2
"Das mysteriöse Drachenrad" = Das mysteriöse Drachenrad
"Das Vermächtnis der Insel 2" = Das Vermächtnis der Insel 2
"Der Exorzist II" = Der Exorzist II
"DFX for Windows Media Player" = DFX for Windows Media Player
"Diamantenfee 2" = Diamantenfee 2
"Diamond Drop 2" = Diamond Drop 2
"Die 4 Elemente II" = Die 4 Elemente II
"Die Matroschka-Morde" = Die Matroschka-Morde
"Die Wiege Ägyptens" = Die Wiege Ägyptens
"Die Wiege Olympias 3" = Die Wiege Olympias 3
"DivX Setup" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"e57b471cf4eded51f540b1940d35d50d" = Mortimer Beckett and the Time Paradox
"ea8d1486bb53de1d7add0a3a48600ba8" = Romance of Rome
"Elantech" = ETDWare PS/2-x86 7.0.5.3 WHQL
"Elementals: Der Magische Schlüssel" = Elementals: Der Magische Schlüssel (entfernen)
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Firefox 3.5 GMX Edition" = Firefox 3.5 GMX Edition
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"GamesBar" = GamesBar 2.0.1.109
"Geheime Fälle: Die gestohlene Venus" = Geheime Fälle: Die gestohlene Venus (entfernen)
"Geheime Fälle: Vermisst in Rom - Spezialversion" = Geheime Fälle: Vermisst in Rom - Spezialversion
"Geheimnis von Montezuma 3" = Geheimnis von Montezuma 3
"Ghost Town Mysteries" = Ghost Town Mysteries
"Google Chrome" = Google Chrome
"Hide and Secret 4: Die verlorene Welt" = Hide and Secret 4: Die verlorene Welt
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"iMesh 1 MediaBar" = MediaBar
"incredibar" = Incredibar Toolbar on IE and Chrome
"InstallShield_{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InternetExplorer-GMX-Addon" = InternetExplorer-GMX-Addon
"jetztspielenob.de Toolbar" = jetztspielenob.de Toolbar
"Jewel Quest II_is1" = Jewel Quest II
"Karthago 3" = Karthago 3
"Kfz-Kosten senken_is1" = Kfz-Kosten senken 1.1.8
"Kinder des Mondes" = Kinder des Mondes
"Laura Jones" = Laura Jones
"LogMeIn Hamachi" = LogMeIn Hamachi
"Magic Encyclopedia 2: Mondschein" = Magic Encyclopedia 2: Mondschein (entfernen)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Meine kleine Farm: Das antike Rom" = Meine kleine Farm: Das antike Rom
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Midnight Mysteries" = Midnight Mysteries
"Midnight Mysteries: Teufel auf dem Mississippi Sammleredition" = Midnight Mysteries: Teufel auf dem Mississippi Sammleredition
"Millionaire Manor: Die Wimmelbildshow" = Millionaire Manor: Die Wimmelbildshow
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MyPlayCity Toolbar" = MyPlayCity Toolbar
"Mystery of Unicorn Castle_is1" = Mystery of Unicorn Castle
"Mystery P.I. - The Curious Case of Counterfeit Cove" = Mystery P.I. - The Curious Case of Counterfeit Cove
"Nightfall Mysteries - Die Ashburg Verschwörung_is1" = Nightfall Mysteries - Die Ashburg Verschwörung
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019
"Nokia Ovi Suite" = Nokia Ovi Suite
"NSS" = Norton Security Scan
"ORTMANN Media-Verlag Cross Stitch Designer 4.0" = ORTMANN Cross Stitch Designer 4.0
"Phantasmat" = Phantasmat
"PROHYBRIDR" = 2007 Microsoft Office system
"Red Crow Mysteries: Legion" = Red Crow Mysteries: Legion
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"Rune Of Fate_is1" = Rune Of Fate
"Sacra Terra: Nacht der Engel" = Sacra Terra: Nacht der Engel
"Samantha Swift 4" = Samantha Swift 4
"Samantha Swift and the Hidden Roses of Athena" = Samantha Swift and the Hidden Roses of Athena
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Sarah’s Ranch" = Sarah’s Ranch
"Schätze der geheimnisvollen Insel: Das Geisterschiff" = Schätze der geheimnisvollen Insel: Das Geisterschiff
"screensaver_wnw_v2_400_euro_fi_is1" = screensaver_wnw_v2_400_euro_fi
"Sherlock Holmes und der Hund der Baskervilles" = Sherlock Holmes und der Hund der Baskervilles
"Shop for HP Supplies" = Shop for HP Supplies
"Snark Busters: Willkommen im Club" = Snark Busters: Willkommen im Club
"Spiegelwelten" = Spiegelwelten
"Sprill & Ritchie: Abenteuerliche Zeitreisen" = Sprill & Ritchie: Abenteuerliche Zeitreisen (entfernen)
"Steam App 38190" = Romance of Rome
"Steam App 91820" = Cloning Clyde Demo
"Tatort Museum" = Tatort Museum
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Clumsys 2 - Butterfly Effect" = The Clumsys 2 - Butterfly Effect (entfernen)
"The Fool" = The Fool
"The Island: Castaway" = The Island: Castaway
"The Lost Kingdom Prophecy" = The Lost Kingdom Prophecy (entfernen)
"The Wizard's Pen 1.01" = The Wizard's Pen 1.01
"Um die Welt in 80 Tagen_is1" = Um die Welt in 80 Tagen 1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Vacation Quest - Australia" = Vacation Quest - Australia
"VLC media player" = VLC media player 1.0.5
"WildTangent wildgames Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"World Mosaics 4" = World Mosaics 4
"WTA-30a74d62-0d10-4278-8fa1-af57463c6487" = Isla Dorada - Episode 1: The Sands of Ephranis
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DragonStone Deluxe" = DragonStone Deluxe
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.12.2010 13:42:49 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.12.2010 15:35:20 | Computer Name = ProMarkt-PC | Source = Application Hang | ID = 1002
Description = Programm GPlayer.exe, Version 1.2010.6.23 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 1338 Anfangszeit: 01cba142df5a63dc Zeitpunkt der
Beendigung: 9
Error - 21.12.2010 19:33:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.12.2010 07:48:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.12.2010 09:00:54 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.12.2010 15:14:06 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 02:28:46 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 05:54:00 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 11:09:43 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 13:39:50 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 20.02.2012 10:45:08 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 20.02.2012 10:46:32 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 20.02.2012 10:49:18 | Computer Name = ProMarkt-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.02.2012 um 15:47:14 unerwartet heruntergefahren.
Error - 20.02.2012 10:49:41 | Computer Name = ProMarkt-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
Error - 20.02.2012 10:49:53 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
Error - 20.02.2012 10:50:03 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
Error - 20.02.2012 10:50:07 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 20.02.2012 10:51:08 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
< End of report >
|
|
20.02.2012, 17:14
| #7 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix und X-trasOTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 20.02.2012 16:16:46 - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\ProMarkt\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free
6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS
Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02DAB8F7-2498-4CC1-91F3-AFD2B2E4782F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20A5C5DA-EB9E-479F-BF64-24FDAC295AF6}" = rport=138 | protocol=17 | dir=out | app=system |
"{23D379B7-EEF2-4632-BA1F-3D1A60338CE6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2B0E0A74-A19F-4944-A4B1-33A7DAE6C1AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{31D0DCB8-819E-4073-8E4B-37F5D3D121CE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{34790652-788B-4285-A1FE-C849A4C4EBF8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5CF9C06D-C484-4A3D-9BB0-B376443979FB}" = lport=139 | protocol=6 | dir=in | app=system |
"{65283B25-86FA-48C2-BAFC-BA081087F8DA}" = rport=137 | protocol=17 | dir=out | app=system |
"{6AB1A956-D6A2-4E59-97E9-9FA914FE6DC4}" = lport=445 | protocol=6 | dir=in | app=system |
"{6D8130F7-AABA-408C-979E-EA403FAF8E3B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6E4897E4-0389-4C68-8C44-EBE0AE05FDA0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A3E05D2-FFE0-4A1C-A5C7-C7110171220B}" = rport=445 | protocol=6 | dir=out | app=system |
"{7C7BEA30-2D39-4D11-895A-52EC00306236}" = lport=137 | protocol=17 | dir=in | app=system |
"{8CC79FA7-1E5E-4839-8781-61B34DA6C635}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8FA544CD-BE52-455B-9352-A7782BD4DC1C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9BE45BE5-4840-4C5D-9A9B-1DFFBF40500C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{B6711F87-19DF-4C0E-9E51-43219754C3D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BB55D5AC-A1E0-4EA4-947E-CD0CDFD51E39}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{BCB9C679-75D9-4FBE-954A-3842018D3D64}" = rport=139 | protocol=6 | dir=out | app=system |
"{C81C1B58-F72D-4BFC-80F9-CECE270F4FDB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3CF8E4C-47CD-4E4C-B6A3-E4BB3AF71A01}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D640AA19-70B8-4EA8-93D5-F1BAC175516D}" = lport=138 | protocol=17 | dir=in | app=system |
"{D90FB387-61C7-4FAD-8246-B1E0135033F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E64AB04F-3747-48C6-AC3C-8CF59BC11C53}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F9138026-2C89-49EE-A214-D2A1E4A817BF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022EF97B-5F85-4C19-8EE5-B8EFB9D4B1DA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{02C1B8B9-221B-46AB-9B5C-540D708B178F}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe |
"{0370BD5E-B0AF-4F78-A4D6-9214A21CB6CE}" = protocol=6 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe |
"{04268B23-C847-4E72-A157-60103B8D4F02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{08B88178-DB22-48AE-87C8-D559A4F7BF07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{095F2DA3-80F9-4537-B8C3-ED6A21894140}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{10639845-8177-49F3-996B-6E3B8D41B4F8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{16B95E55-E9FC-44C1-A21F-0F618C88CDE5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{19495C47-BE96-4A13-92F9-D5364AF0DCF1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1CEA12EF-C4E9-4A55-B352-93DA9618CB99}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{1E3A6BEA-978F-4722-9561-F0668E465991}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1EF501BA-6AAA-415F-BED4-5E2CAB1C46F7}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{21156917-730D-47EA-A749-7D5670503EDA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{23A27F83-0D31-4534-9A76-E87E8D252482}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{2583223A-0718-480C-9E6F-8D4FCA1D5005}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2B73ED2E-ABE3-42FE-9BFC-25A1896DF625}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe |
"{325C9D50-9BB1-43D6-B6B2-E6438185F96B}" = dir=in | app=e:\setup\hpznui01.exe |
"{34F1C6AA-65F8-4CFE-8365-6E77236090D8}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe |
"{3A248AC8-8B60-4552-86F4-E936EF4C4B96}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3EC7A865-5CD5-4465-ABD2-9E0EF0B0B934}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{40F2DAA3-93F6-4604-9C54-80AA7493862D}" = protocol=17 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe |
"{44A20107-13FD-4874-89C3-5EE178434513}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4CA4991C-6B3A-44C2-B620-C39E82B5DBAF}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe |
"{555A893E-FDF2-4317-BFA8-665946763BC8}" = protocol=6 | dir=out | app=system |
"{5816B92A-2E89-48BC-841B-7EB6F4DB4C4F}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{5C9D91D1-40A0-4A68-8473-43B4E4F1B637}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5CEEDEF3-F127-4D34-B08C-FE9852021697}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{5D4B36F6-D572-48FD-B032-48137B4FE23A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe |
"{63962F54-74EB-4384-BD28-ACCDD6255C5E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{63F7DC3E-C7B6-4576-ACBF-5D5ABBDB6F7E}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{69F0AFA1-010C-41A4-B5B8-DF7D48116C0D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{6F25D84B-F0D6-47C9-8246-4F161594CA77}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{705E6D35-48FF-4252-BB42-80C6FC0111F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{73BD1927-8439-49A7-B345-997ED83A1122}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{74D33E81-4C09-491F-9876-08B0BA200C7E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{78A582DB-FFF5-487A-A48B-9B919EB84705}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe |
"{795E5D3E-56A1-469A-9B3A-89E52817D535}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7B4BD0CA-50CA-44B4-93A6-C5B64496DCFB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8025C76D-E90A-453A-AF22-73E1D18561D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82C655CC-30DD-4C39-8AF3-6E56F03469B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83EFE8DA-8C7B-44D0-ADAD-B6F8DEAD5DA2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{847E1B7F-36A7-4D38-875C-F427A36A705F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{869B4F14-AB44-429B-BD01-99EF89DB640F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{89CDE994-D4F8-4CF9-9EF2-AAF163CF8248}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{8D2A95AF-3D82-4211-8973-65616543EEDD}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{8F16B1E7-AE4D-4C9C-BAAC-9E51A793C3C3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9CC2F7D1-6037-4615-90D1-5C912A338863}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A3008DBD-41C8-41A2-9C7F-2329F3B95DA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A517C3DA-65EA-48A9-A9E8-2DE69B9D0D86}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{ADC028AF-7DFC-4B66-B79B-7D8E0EE325E1}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{BAD62B64-FC49-48C5-BDD9-524EB6B6B59B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe |
"{BB0C0896-E775-4FB8-9064-590E5320A637}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC51C0DA-2477-48AA-8FC8-81124A1E4F1E}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{BC853D97-08B9-4586-9C43-DFA3C33392F6}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{C0541715-F39B-49DB-B10A-1A98A97FBBA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD168752-FF31-49A6-9642-43CFF3604F8A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{CE59635E-0C5C-465B-8B6B-E210C46F4027}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D4043BB7-E6E8-4353-8ECF-C681E9414180}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{D48400D1-A452-447E-8C56-51C39CBB38B3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe |
"{D6C20B96-A7E5-4D41-BB65-8BDDBA63895E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DE434559-6B73-4579-9337-7D96FACAC8B9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E8CFAEEE-E28F-4ED4-9C9A-690429F35CE3}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{EA2AB6F6-D385-4F1F-A5BA-DAB4210751C0}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"{ECC0E031-7E87-45F5-A5F8-9ECF26EA4B73}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{F12BF12D-1359-4BA5-A4AE-21B0F639DEDE}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe |
"{F217BB12-3012-4973-A266-6F3936724FE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2C6065F-CB6F-42F9-873D-139BB74FC505}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe |
"{F31BA15B-E47E-4CD2-9138-26F49E183C79}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F7C7DF0C-DE83-49CC-AAD3-364482A75374}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{F808A2E2-9E57-4128-8C93-A01AABADABFE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{2E10178D-5EBA-44C9-AD5A-9366393EA43A}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"TCP Query User{4A38F161-D678-4318-BBCE-1ECF809BD066}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{5057036A-FCAD-4108-9FE6-44CBEDBBEAD2}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{54D41A2D-05BC-4B30-A956-B9D5DA55AA07}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{5F63B3AC-2FAA-4ABC-BA71-A76DA10A5444}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{8DA1BF8B-1D86-4ADD-9EC8-B32D2DDEF3F8}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe |
"TCP Query User{9E205BE3-1A54-49B9-B6D9-3D77E290D760}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=6 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe |
"TCP Query User{A320ABF8-3945-4CAA-AAEF-FF9662B592D1}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{A81A1FE5-96A9-45EB-A04E-03C85F850FE6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{E10C278F-2A1E-4308-BC93-CC1B14B00985}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{F1024B5E-3CBA-497C-9CF3-EE33B439444A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{0F06F252-F68A-4F17-A3E4-61A8278AA0E5}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{37345880-D1F4-43AA-9E27-8429ADBD73AD}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{3ADBB293-033D-449E-86C0-D9CC14C5FDCB}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{3ADEAE7F-A8A2-41A6-89A1-8C21121BD4A0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{3B471DAC-9DD3-4D5C-B611-13564A2F036B}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=17 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe |
"UDP Query User{4D906713-D34E-4859-B938-1018C6D57D79}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe |
"UDP Query User{57D31400-75FF-4746-B9FC-AE5B1DE16940}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{61B3C153-5CEB-47CD-B21F-0620EBAF41E1}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{CBC23B42-9538-4058-98B7-BAC9DF8FEBB2}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{CF929AE1-7C52-433F-950A-B13A59CB63F2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{EB111ED2-1147-4942-89A4-AA73C6B55896}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{17B3A135-BAA4-1953-AEDF-1496A5159E2A}" = CCC Help French
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{206262A9-1646-7014-22A0-41945D93426C}" = CCC Help Dutch
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2677066A-6ACC-8B1B-82C0-7311ED12D73A}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{29164718-5C73-D67E-8A3F-A00220D98818}" = CCC Help Portuguese
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{2DA0C980-2ACE-3F81-0306-131F70BD751B}" = Catalyst Control Center Core Implementation
"{2E1AC6B8-F779-F3D3-3683-E0240D576917}" = CCC Help Italian
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30FDAACF-C49B-5AE6-2AA9-2C050F929B37}" = CCC Help Hungarian
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3460BCDC-B45D-84A7-C8ED-C5041B8E2A2B}" = CCC Help English
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module
"{402BFE8F-E223-4215-BCCE-7634FB202909}" = Journey of Hope
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44580BA8-245A-814D-BD25-7EA6FACD5DDC}" = CCC Help Russian
"{47C7E3C7-1E38-85DB-887D-F9FF84F2086A}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A11948E-8521-43B8-BBBD-5C24B804F0A3}" = Samsung PC Studio 3
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{566F3EB2-C09A-F090-F573-169C42E7E381}" = Catalyst Control Center Graphics Full Existing
"{567C654B-7FE9-4970-8323-56E8191D1941}" = ASUS FancyStart
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5C97698A-FAB5-41DB-ADB0-5FCB2BC84588}" = InternetExplorer-GMX-Addon
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62CA4D04-7DC8-7ED6-7AE4-833A79AE2DF9}" = Catalyst Control Center Graphics Full New
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{655E04FB-E875-4668-D05A-A3CED767DFF8}" = CCC Help Korean
"{656C519D-C82C-F7E0-93CE-087D5CA75AEA}" = ccc-core-static
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti
"{7099D2EB-872E-5163-3F00-A893AC905042}" = CCC Help Japanese
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72E84495-D53C-07FB-76D0-4DD11E710882}" = Catalyst Control Center Localization All
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{806C9880-B087-B336-A86A-5E7E4DB95C39}" = CCC Help Norwegian
"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113219527}" = Gemsweeper
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119633810}" = Club Der Ermittlerinnen - 4 Kleine dunkle Lügen
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119974283}" = Jar of Marbles
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119988867}" = Fear for Sale - Mystery of McInroy Manor
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005202}" = Magical Mysteries
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005245}" = Jewel Match 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005390}" = The Agency of Anomalies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005401}" = Dream Woods 2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{847378DE-A6F2-4D63-ADA5-FE90496222D5}" = O&O CleverCache
"{85916CB0-4F79-4672-9E74-2F08B8A7157F}" = Das Seelenschiff
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A460F932-27CF-76F6-A291-8C4F7337EFE9}" = CCC Help Spanish
"{A48A1D1C-307A-46F9-983E-9762863D15F1}" = GMX Toolbar MSVC100 CRT x86
"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB429542-1E9D-7479-7ED4-B6D0B5C237E7}" = CCC Help Czech
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B32ECB8E-4532-FD59-02C4-CB0B8F90F68D}" = CCC Help Swedish
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B61F7104-884B-D57D-1626-DE5AD5674B51}" = Skins
"{B7606E5A-5D01-789F-F5E1-39D78F04854C}" = Catalyst Control Center Graphics Previews Vista
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module
"{BB1E1B48-6136-1887-7307-2D9414009516}" = CCC Help Thai
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFDAC740-3ACD-50A5-6259-F14FA93C86A5}" = ccc-utility
"{C0AE3E60-6003-AF6F-BF8A-B2829480D39D}" = CCC Help Greek
"{C1DFFC18-D91D-0481-0003-5B968F09AFDF}" = CCC Help Chinese Traditional
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C92877A9-9294-334C-0AEB-A1CCA8905FC6}" = CCC Help Finnish
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D463B523-2F2F-A82D-B980-01C9AD578580}" = CCC Help Danish
"{D7385800-AE69-7527-1615-7DFDC02DF55A}" = Catalyst Control Center Graphics Light
"{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}" = Nokia Software Updater
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB7752E0-D5F8-93DA-7C34-3CD8ECB123B5}" = CCC Help Polish
"{DBE1E170-3EF6-AAA5-32C4-A78D98DF86A1}" = ATI Catalyst Install Manager
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E59AA04C-67BC-C6F8-E8B9-A9E103E3F49B}" = CCC Help German
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}" = Die Sims - Complete Collection
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FC3D5BBB-CDF6-252C-2212-06D61AD2C628}" = Catalyst Control Center InstallProxy
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"04d1a5ee752ea0bba32187facb004bdc" = The Magician's Handbook - Cursed Valley
"0f39ccaa11c9cd1f89baf152791761e4" = G.H.O.S.T. Hunters
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar FF" = GMX Toolbar für Mozilla Firefox
"1&1 Mail & Media GmbH Toolbar IE8" = GMX Toolbar für Internet Explorer
"14d282e311142e19fed42f537b66812d" = Golden Trails - The New Western Rush
"20 days to find Amy_is1" = 20 days to find Amy
"3579ddfd54c5f785ab5b7ad236e820d2" = Golden Trails 2 - The Lost Legacy
"37e10e4eaf44e0b4f634b76a940b6c2d" = A Gypsy's Tale - The Tower of Secrets
"3d6591571f4d1f2816b51fa639cc3064" = Adventure Chronicles
"3d6a0fd7d50d9d5415e8469c14994675" = Campfire Legends - The Last Act Premium Edition
"422f8c51dc38c8f457f34177464aa4cd" = Mortimer Beckett and the Secrets of Spooky Manor
"477ddef69c1f5f948c934c84eb573b5e" = Gold Rush - Treasure Hunt
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"510005627" = Macabre Mysteries - Curse of the Nightingale
"54b97cd87dc11fb7a021ff00eb405c94" = Big City Adventure - San Francisco
"85f3d7b141ab87ca6b3046789c286c75" = Mysteryville
"868b646b464ed3353ca94b579eee1a61" = Jewel Match 2
"ABAEnglish" = ABAEnglish 2.0
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Alamandi" = Alamandi
"Amazing Adventures The Caribbean Secret" = Amazing Adventures The Caribbean Secret
"Ancient Secrets" = Ancient Secrets (entfernen)
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"b3a4763adf0308bdc9d700912dd19bad" = The Treasures of Mystery Island
"BabylonToolbar" = Babylon toolbar on IE
"Bejeweled 3" = Bejeweled 3
"Bejeweled Twist 1.0.3.8137" = Bejeweled Twist 1.0.3.8137
"bf28585d035ebda81d8dad6bba4b578b" = Voodoo Whisperer - Curse of a Legend
"BFGC" = Big Fish Games: Game Manager
"Cave Quest" = Cave Quest
"Cradle of Rome_is1" = Cradle of Rome
"d1add0d29cc2e71c1ce9672c8016211f" = Little Shop of Treasures 2
"Das mysteriöse Drachenrad" = Das mysteriöse Drachenrad
"Das Vermächtnis der Insel 2" = Das Vermächtnis der Insel 2
"Der Exorzist II" = Der Exorzist II
"DFX for Windows Media Player" = DFX for Windows Media Player
"Diamantenfee 2" = Diamantenfee 2
"Diamond Drop 2" = Diamond Drop 2
"Die 4 Elemente II" = Die 4 Elemente II
"Die Matroschka-Morde" = Die Matroschka-Morde
"Die Wiege Ägyptens" = Die Wiege Ägyptens
"Die Wiege Olympias 3" = Die Wiege Olympias 3
"DivX Setup" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"e57b471cf4eded51f540b1940d35d50d" = Mortimer Beckett and the Time Paradox
"ea8d1486bb53de1d7add0a3a48600ba8" = Romance of Rome
"Elantech" = ETDWare PS/2-x86 7.0.5.3 WHQL
"Elementals: Der Magische Schlüssel" = Elementals: Der Magische Schlüssel (entfernen)
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Firefox 3.5 GMX Edition" = Firefox 3.5 GMX Edition
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"GamesBar" = GamesBar 2.0.1.109
"Geheime Fälle: Die gestohlene Venus" = Geheime Fälle: Die gestohlene Venus (entfernen)
"Geheime Fälle: Vermisst in Rom - Spezialversion" = Geheime Fälle: Vermisst in Rom - Spezialversion
"Geheimnis von Montezuma 3" = Geheimnis von Montezuma 3
"Ghost Town Mysteries" = Ghost Town Mysteries
"Google Chrome" = Google Chrome
"Hide and Secret 4: Die verlorene Welt" = Hide and Secret 4: Die verlorene Welt
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"iMesh 1 MediaBar" = MediaBar
"incredibar" = Incredibar Toolbar on IE and Chrome
"InstallShield_{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InternetExplorer-GMX-Addon" = InternetExplorer-GMX-Addon
"jetztspielenob.de Toolbar" = jetztspielenob.de Toolbar
"Jewel Quest II_is1" = Jewel Quest II
"Karthago 3" = Karthago 3
"Kfz-Kosten senken_is1" = Kfz-Kosten senken 1.1.8
"Kinder des Mondes" = Kinder des Mondes
"Laura Jones" = Laura Jones
"LogMeIn Hamachi" = LogMeIn Hamachi
"Magic Encyclopedia 2: Mondschein" = Magic Encyclopedia 2: Mondschein (entfernen)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Meine kleine Farm: Das antike Rom" = Meine kleine Farm: Das antike Rom
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Midnight Mysteries" = Midnight Mysteries
"Midnight Mysteries: Teufel auf dem Mississippi Sammleredition" = Midnight Mysteries: Teufel auf dem Mississippi Sammleredition
"Millionaire Manor: Die Wimmelbildshow" = Millionaire Manor: Die Wimmelbildshow
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MyPlayCity Toolbar" = MyPlayCity Toolbar
"Mystery of Unicorn Castle_is1" = Mystery of Unicorn Castle
"Mystery P.I. - The Curious Case of Counterfeit Cove" = Mystery P.I. - The Curious Case of Counterfeit Cove
"Nightfall Mysteries - Die Ashburg Verschwörung_is1" = Nightfall Mysteries - Die Ashburg Verschwörung
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019
"Nokia Ovi Suite" = Nokia Ovi Suite
"NSS" = Norton Security Scan
"ORTMANN Media-Verlag Cross Stitch Designer 4.0" = ORTMANN Cross Stitch Designer 4.0
"Phantasmat" = Phantasmat
"PROHYBRIDR" = 2007 Microsoft Office system
"Red Crow Mysteries: Legion" = Red Crow Mysteries: Legion
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"Rune Of Fate_is1" = Rune Of Fate
"Sacra Terra: Nacht der Engel" = Sacra Terra: Nacht der Engel
"Samantha Swift 4" = Samantha Swift 4
"Samantha Swift and the Hidden Roses of Athena" = Samantha Swift and the Hidden Roses of Athena
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Sarah’s Ranch" = Sarah’s Ranch
"Schätze der geheimnisvollen Insel: Das Geisterschiff" = Schätze der geheimnisvollen Insel: Das Geisterschiff
"screensaver_wnw_v2_400_euro_fi_is1" = screensaver_wnw_v2_400_euro_fi
"Sherlock Holmes und der Hund der Baskervilles" = Sherlock Holmes und der Hund der Baskervilles
"Shop for HP Supplies" = Shop for HP Supplies
"Snark Busters: Willkommen im Club" = Snark Busters: Willkommen im Club
"Spiegelwelten" = Spiegelwelten
"Sprill & Ritchie: Abenteuerliche Zeitreisen" = Sprill & Ritchie: Abenteuerliche Zeitreisen (entfernen)
"Steam App 38190" = Romance of Rome
"Steam App 91820" = Cloning Clyde Demo
"Tatort Museum" = Tatort Museum
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Clumsys 2 - Butterfly Effect" = The Clumsys 2 - Butterfly Effect (entfernen)
"The Fool" = The Fool
"The Island: Castaway" = The Island: Castaway
"The Lost Kingdom Prophecy" = The Lost Kingdom Prophecy (entfernen)
"The Wizard's Pen 1.01" = The Wizard's Pen 1.01
"Um die Welt in 80 Tagen_is1" = Um die Welt in 80 Tagen 1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Vacation Quest - Australia" = Vacation Quest - Australia
"VLC media player" = VLC media player 1.0.5
"WildTangent wildgames Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"World Mosaics 4" = World Mosaics 4
"WTA-30a74d62-0d10-4278-8fa1-af57463c6487" = Isla Dorada - Episode 1: The Sands of Ephranis
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DragonStone Deluxe" = DragonStone Deluxe
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.12.2010 13:42:49 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.12.2010 15:35:20 | Computer Name = ProMarkt-PC | Source = Application Hang | ID = 1002
Description = Programm GPlayer.exe, Version 1.2010.6.23 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 1338 Anfangszeit: 01cba142df5a63dc Zeitpunkt der
Beendigung: 9
Error - 21.12.2010 19:33:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.12.2010 07:48:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.12.2010 09:00:54 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.12.2010 15:14:06 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 02:28:46 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 05:54:00 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 11:09:43 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.12.2010 13:39:50 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 20.02.2012 10:45:08 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 20.02.2012 10:46:32 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 20.02.2012 10:49:18 | Computer Name = ProMarkt-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.02.2012 um 15:47:14 unerwartet heruntergefahren.
Error - 20.02.2012 10:49:41 | Computer Name = ProMarkt-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
Error - 20.02.2012 10:49:53 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
Error - 20.02.2012 10:50:03 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
Error - 20.02.2012 10:50:07 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 20.02.2012 10:51:08 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005
Description =
< End of report >
|
|
20.02.2012, 17:16
| #8 |
| /// Malware-holic | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix warum 2 mal extras, ich brauche einmal otl.txt und einmal extras.txt
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
20.02.2012, 17:39
| #9 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix sorry, ich habe das durcheinander gebracht.... c ========== Win32 Services (SafeList) ========== SRV - [2012.02.15 05:13:49 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.02.07 13:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.10.25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2011.07.01 16:15:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.05.28 13:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService) SRV - [2011.04.27 09:08:02 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.04.04 00:27:42 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games) SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009.12.25 19:50:46 | 001,214,352 | ---- | M] (mquadr.at softwareengineering und consulting gmbh) [Auto | Stopped] -- C:\Windows\System32\ieconfig_1und1_svc.exe -- (serviceIEConfig) SRV - [2009.12.09 12:46:48 | 000,701,768 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Program Files\OO Software\CleverCache\ooccag.exe -- (O&O CleverCache) SRV - [2009.04.07 18:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) [Auto | Stopped] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service) SRV - [2008.08.14 04:59:52 | 000,100,920 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2008.03.31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Stopped] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007.05.31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007.05.08 17:00:48 | 002,179,072 | ---- | M] (UASSOFT.COM) [Auto | Stopped] -- C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe -- (KMWDSERVICE) ========== Driver Services (SafeList) ========== DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.07.01 16:15:40 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.07.01 16:15:40 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.11.22 09:25:22 | 000,046,184 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Stopped] -- C:\Program Files\Free Ride Games\X6XSEx.Sys -- (X6XSEx) DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009.12.27 09:25:06 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009.09.05 13:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009.08.22 03:26:32 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm) DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.28 04:16:09 | 001,019,392 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009.04.01 22:12:48 | 000,233,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service) DRV - [2009.03.19 04:06:27 | 004,386,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag) DRV - [2009.03.19 02:33:13 | 000,093,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008.12.24 09:39:43 | 000,014,392 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2008.11.03 08:03:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.08.11 03:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008.05.29 17:21:04 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby) DRV - [2008.05.29 01:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008.05.27 21:55:53 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s) DRV - [2008.04.28 14:26:41 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2008.04.07 07:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER) DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2007.05.02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007.05.02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007.05.02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2006.11.02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer Inc. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyPlayCity Search IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\URLSearchHook: {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = GMX - E-Mail, FreeMail, De-Mail, Themen- & Shopping-Portal - kostenlos IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = GMX Suche - einfach besser finden! [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = MyPlayCity Search [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = GMX Suche - einfach besser finden! IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 E2 B5 F1 70 FE CA 01 [binary data] IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - No CLSID value found IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbhelper.dll () IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found IE - HKCU\..\URLSearchHook: {eecbb8d2-b448-4b01-a402-969e4d5847e5} - No CLSID value found IE - HKCU\..\URLSearchHook: {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - No CLSID value found IE - HKCU\..\URLSearchHook: {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..Keyword.Enabled: "true" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.order.2: "WEB.DE Suche" FF - prefs.js..browser.search.order.3: "1und1 Suche" FF - prefs.js..browser.search.order.4: "amazon.de" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749" FF - prefs.js..browser.search.selectedEngine: "MyPlayCity Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://search.imesh.com/" FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.60 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.0 FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5 FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.4 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.4 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.) FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll File not found FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media ) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.03.08 19:25:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\3.bin FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.13 20:49:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files\SiteRanker\firefox\ [2011.07.18 22:29:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.15 14:44:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gtffxtbr@GamingWonderland.com: C:\Program Files\GamingWonderland\bar\1.bin [2012.02.20 15:20:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.21 10:12:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.21 21:20:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.03.08 19:25:10 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.13 20:49:24 | 000,000,000 | ---D | M] [2009.12.25 19:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Extensions [2012.02.20 12:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions [2010.05.13 21:48:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.02.16 19:09:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2009.12.25 19:36:14 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66} [2012.02.10 20:42:15 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{A9897564-CA29-4CAE-8A26-453035570837} [2010.10.11 12:52:02 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.02.17 23:06:48 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\AppGraffiti@AppGraffiti.com [2011.04.20 21:09:08 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\engine@conduit.com [2012.02.09 16:43:40 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\ffxtlbr@babylon.com [2012.02.18 04:21:00 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\gamesbar@oberon-media.com [2012.02.13 16:35:37 | 000,000,000 | ---D | M] (GamingWonderland) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\gtffxtbr@GamingWonderland.com [2012.02.20 11:28:31 | 000,000,933 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\11-suche.xml [2009.12.25 19:37:37 | 000,005,599 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\1und1-suche.xml [2009.12.25 19:37:36 | 000,001,381 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\amazonde.xml [2011.01.02 18:03:18 | 000,002,333 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\askcom.xml [2010.05.27 21:37:46 | 000,001,819 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\bing.xml [2010.10.23 11:30:23 | 000,000,873 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\conduit.xml [2012.02.20 11:28:31 | 000,002,419 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\englische-ergebnisse.xml [2009.12.25 19:37:36 | 000,010,613 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\gmx-suche.xml [2012.02.20 11:28:31 | 000,002,457 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\lastminute.xml [2012.01.31 07:20:08 | 000,002,013 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\myplaycity-search.xml [2012.02.12 19:37:51 | 000,002,203 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\MyStart Search.xml [2010.10.01 10:55:35 | 000,010,017 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\mywebsearch.xml [2010.04.24 16:33:45 | 000,001,418 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\preisvergleich.xml [2010.10.05 14:04:35 | 000,001,734 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\search-the-web.xml [2010.10.29 17:02:36 | 000,003,915 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\sweetim.xml [2009.12.25 19:37:36 | 000,005,596 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\webde-suche.xml [2011.11.23 14:54:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions () (No name found) -- C:\USERS\PROMARKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPDBEJHM.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI () (No name found) -- C:\USERS\PROMARKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPDBEJHM.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI [2012.01.21 10:12:15 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.01.21 10:12:10 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.09 00:26:48 | 000,002,309 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012.01.21 10:12:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.01.21 10:12:10 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.01.21 10:12:10 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.18 06:00:57 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober7058904.xml [2012.01.21 10:12:10 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.21 10:12:10 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: MyPlayCity Search (Enabled) CHR - default_search_provider: search_url = hxxp://home.myplaycity.com/results.php?category=web&s={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files\Free Ride Games\npExentCtl.dll CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\ CHR - Extension: GamingWonderland = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eajkbpchnjjpgpgpmmpadhknfkfcodnh\1.12.0.21354_0\ CHR - Extension: Die FreeRide Games Bar = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\flolnhkojafikhpkpidiphabnpgedplh\2.3.3.3_0\ CHR - Extension: BILD.de aktuell = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbhljbfcnnkedjdogkhnikeaeanifkg\1.7_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll (Crawler, LLC) O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll () O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~1\APPGRA~1\APPGRA~1.DLL (Omega Partners Ltd) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.109\oberontb.dll (Oberon Media Ltd.) O2 - BHO: (WEB.DE Browser Configuration) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll () O2 - BHO: (jetztspielenob.de Toolbar) - {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.) O2 - BHO: (TBSB07116 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll () O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll () O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll () O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.109\oberontb.dll (Oberon Media Ltd.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (GamingWonderland) - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll File not found O3 - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (jetztspielenob.de Toolbar) - {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EECBB8D2-B448-4B01-A402-969E4D5847E5} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - No CLSID value found. O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK) O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DATAMNGR] C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE (iMesh, Inc) O4 - HKLM..\Run: [DisableS3S4] c:\DisableS3S4.cmd File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [KMConfig] "C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe" KMConfig.exe File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKLM..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH) O4 - HKLM..\Run: [SiteRanker] C:\Program Files\SiteRanker\SiteRankTray.exe (Crawler, LLC) O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe () O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit) O4 - HKCU..\Run: [Alamandi tray notifier] C:\Program Files\Intenium\Alamandi\TaskBarNotifier.exe (Intenium) O4 - HKCU..\Run: [Binary Noise] C:\Users\ProMarkt\AppData\Roaming\7993F0.exe () O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [EPSON SX100 Series (Kopie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.) O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\GamesBar\SearchEngineProtection.exe (Oberon Media ) O4 - HKCU..\Run: [SkypeM] C:\Users\ProMarkt\AppData\Local\Skype\Skype.exe (Provtech Limited) O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O8 - Extra context menu item: &Search - Reg Error: Value error. File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ProMarkt\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll () O9 - Extra 'Tools' menuitem : MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Jewel%20Quest%20Mysteries%20-%20Curse%20of%20the%20Emerald%20Tear/Images/stg_drm.ocx (SpinTop DRM Control) O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Magician's%20Handbook%20-%20Cursed%20Valley/Images/armhelper.ocx (ArmHelper Control) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} Download Games | Free Download Games at I-play Games (Oberon Flash Game Host) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C696D423-73DB-45AF-93DF-B60D64A84E33}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\datamngr.dll (iMesh, Inc) O20 - AppInit_DLLs: (C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS3.jpg O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS3.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{736601a3-c48a-11df-91da-90e6ba061ea6}\Shell\AutoRun\command - "" = F:\programs\nu2menu\nu2menu.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {045BB1B4-243F-92D7-2768-CCED9B4BA607} - DirectX ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {11775326-DDFD-465E-9DF5-00EE8605E24D} - GMX Browser Add-on ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {65331F58-91DC-4555-AEFB-840EB40D0022} - GMX Update ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {92C927EC-AAB0-C8C0-A731-55438062590A} - ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C37126B4-F30C-FDFD-AFF2-0CCB1D4F8839} - Microsoft Windows Media Player ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - ActiveX: >{D507B452-F6F2-477B-AFCF-C12FC21A2782} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2012.02.20 16:14:16 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Users\ProMarkt\Desktop\OTL.exe [2012.02.20 13:22:00 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Malwarebytes [2012.02.20 13:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.20 13:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.20 13:21:52 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.02.20 13:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.02.20 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Desktop\mama filme [2012.02.20 09:23:25 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{06E08FEB-F9D0-4C6B-86DB-EE04BEB1F083} [2012.02.20 09:22:49 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{9A95A3FB-0E8B-4313-AFC7-1786623FA5B1} [2012.02.19 22:16:01 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\SprillRichiGerman [2012.02.19 22:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sprill & Ritchie Abenteuerliche Zeitreisen [2012.02.19 22:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sprill & Ritchie Abenteuerliche Zeitreisen [2012.02.19 22:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elementals Der Magische Schlüssel [2012.02.19 22:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Elementals Der Magische Schlüssel [2012.02.19 20:09:52 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{CBB4D619-6001-439C-BB67-BEFD8C2D1E57} [2012.02.19 20:09:17 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{31B75D80-6FA9-474C-9075-EBD864DCB9C7} [2012.02.19 17:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb [2012.02.19 17:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\1und1Softwareaktualisierung [2012.02.19 17:34:13 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\1&1 Mail & Media GmbH [2012.02.19 17:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\GMX Toolbar [2012.02.19 13:05:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Frogwares [2012.02.19 12:31:58 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\AlderGames [2012.02.19 10:43:32 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\TimeParadox [2012.02.19 10:05:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals [2012.02.19 08:08:44 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{80AEF285-8834-4CC5-9DE8-821973FACB33} [2012.02.19 08:08:11 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{EE9E2CC6-BDBA-41FB-8911-98A44E02C590} [2012.02.18 21:05:03 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\JaiboGames [2012.02.18 20:37:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Absolutist [2012.02.18 20:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Absolutist [2012.02.18 19:50:32 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Sahmon Games [2012.02.18 16:26:37 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{D7C1555B-132E-4E79-A017-E37408320DFA} [2012.02.18 16:26:03 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{235AAB52-B5B1-4AF8-B96D-E842C4EF3905} [2012.02.18 16:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Cateia Games [2012.02.18 15:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\934bcbfe-35c5-4039-88e2-8d1494de198e [2012.02.18 06:01:39 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I-play [2012.02.18 06:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media SIDR [2012.02.18 04:25:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{BB8C1D98-1E90-432D-A256-B73D4AAB682D} [2012.02.18 04:25:00 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{3EDEA8D6-AD2A-4029-9BEE-DF640A676F8C} [2012.02.18 04:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar [2012.02.18 04:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\GamesBar [2012.02.18 04:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\GamesBar [2012.02.17 20:45:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TheLostKingdomProphecy [2012.02.17 20:45:30 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Lost Kingdom Prophecy [2012.02.17 20:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Lost Kingdom Prophecy [2012.02.17 20:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\The Lost Kingdom Prophecy [2012.02.17 20:33:19 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\BanzaiInteractive [2012.02.17 20:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\BanzaiInteractive [2012.02.17 20:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Clumsys 2 - Butterfly Effect [2012.02.17 20:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\The Clumsys 2 - Butterfly Effect [2012.02.17 20:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ancient Secrets [2012.02.17 20:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ancient Secrets [2012.02.17 19:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\Magic Encyclopedia 2 Mondschein [2012.02.17 16:24:30 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{71C7EEAC-BF91-4907-BBC3-A563B6D05967} [2012.02.17 16:23:57 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{F2B444A1-9445-41C6-8B17-172C48C4A8AC} [2012.02.17 14:50:13 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Orneon [2012.02.17 14:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Meine Spiele [2012.02.17 14:43:39 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\gemsweeperextractedgfx [2012.02.17 14:43:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Documents\Meine Spiele [2012.02.17 14:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy_Rome [2012.02.17 04:23:28 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7DDFBC75-72A9-4A32-9C22-355DEDA415F8} [2012.02.17 04:22:55 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{8BBCAFC6-A441-441A-994B-55828691DED6} [2012.02.16 21:24:06 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\LogMeIn Hamachi [2012.02.16 21:14:16 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys [2012.02.16 21:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012.02.16 21:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2012.02.16 16:22:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{FFA1D6E0-7B01-4CB9-A24B-E954262DD2C4} [2012.02.16 16:21:43 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{6E23B8C3-455A-40EE-88E0-2A46DCDE2E7A} [2012.02.15 22:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Geheime Fälle Die gestohlene Venus [2012.02.15 22:28:52 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Playrix Entertainment [2012.02.15 15:14:50 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{B15F08F5-FECD-4891-8069-3952DB4CD910} [2012.02.15 15:14:31 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{4C8DDA8B-BE6F-4FD3-A0B0-6EF37C675244} [2012.02.15 00:52:31 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{C100873D-0FE4-4C55-9DE9-AF379642D061} [2012.02.15 00:52:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{2DD21489-E014-41AA-80F3-292904E80307} [2012.02.14 23:28:48 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\MumboJumbo [2012.02.13 17:47:51 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1002 [2012.02.13 17:08:39 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\GameHouse [2012.02.13 16:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\GamingWonderland [2012.02.13 16:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\GamingWonderlandEI [2012.02.13 16:33:57 | 000,000,000 | ---D | C] -- C:\ProgramData\20 days to find Amy [2012.02.13 16:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FreshGames [2012.02.13 07:25:42 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5012C643-FEA1-4C99-8308-885D4876F9FA} [2012.02.13 07:25:10 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{EF916465-00DB-4F71-9226-DD0DC17E08CE} [2012.02.12 19:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Incredibar.com [2012.02.12 15:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\TERMINAL Studio [2012.02.12 14:22:36 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{A959CC99-D2C8-4805-9CDF-03285680BDB3} [2012.02.12 14:22:10 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{D9A02749-05D6-4531-A022-FBF1FA525DA7} [2012.02.11 22:01:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Deep Shadows [2012.02.11 19:04:54 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\ElementalsTheMagicKey [2012.02.11 11:22:36 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{427124AA-53F1-40C1-9046-9DA98D7259F7} [2012.02.11 11:22:10 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{28E234F3-6D72-4F30-A82F-96C2BD001969} [2012.02.10 20:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Meridian93 [2012.02.10 20:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\MyPlayCity Toolbar [2012.02.10 20:30:56 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5F3B5C97-ADDF-476C-AF74-2A8618A96239} [2012.02.10 20:30:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{E00623D7-F44C-4AEB-9CD2-F3A974502414} [2012.02.10 01:37:20 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5CFC722E-3948-4C99-9E4B-3DCCAE97F4BA} [2012.02.10 01:36:58 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7F239678-DB51-4026-AFE6-64B998748F66} [2012.02.09 19:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Astar Games [2012.02.09 19:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB [2012.02.09 19:42:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\PC_Drivers_Headquarters [2012.02.09 19:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters [2012.02.09 19:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective [2012.02.09 19:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters [2012.02.09 19:13:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\MissTeriTale3 [2012.02.09 12:45:31 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{60B1E8D0-BC75-4E9E-A534-1FEAB593320E} [2012.02.09 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{58EDA5B4-10C2-4A0B-8988-CA5F0231CF3A} [2012.02.09 00:28:01 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC [2012.02.09 00:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\Vlcclassic [2012.02.09 00:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar [2012.02.08 23:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\GAMEON [2012.02.08 23:44:56 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\EnchantedCavern [2012.02.08 23:43:57 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Exent Technologies [2012.02.08 23:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\EscapeTheMuseum [2012.02.08 22:07:37 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Anarchy [2012.02.08 20:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\The Mirror Mysteries [2012.02.08 20:24:21 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Documents\Green Gamer [2012.02.08 20:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent-Spiele [2012.02.08 20:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\WildGames [2012.02.08 20:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games [2012.02.08 20:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\WildTangent Games [2012.02.08 20:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent [2012.02.08 19:49:26 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Gamers Digital [2012.02.08 19:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Gamers Digital [2012.02.08 19:32:11 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games [2012.02.08 19:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Ride Games [2012.02.08 19:31:46 | 000,000,000 | ---D | C] -- C:\Remote Programs [2012.02.08 19:31:21 | 000,053,314 | ---- | C] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe [2012.02.08 19:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\Free Ride Games [2012.02.08 19:23:32 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{C42C1BE5-3E6E-46F2-A29A-6FF51C8D586F} [2012.02.08 19:23:19 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{983158F5-263E-4D27-B542-B0AE3A25E2C5} [2012.02.07 15:31:26 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{E7F691EB-AAFA-4201-9B8A-490F5CF6C13D} [2012.02.07 15:31:08 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7ECF17CC-407C-4925-B2BF-28CBCFB1934F} [2012.02.06 13:01:36 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{1D55E09F-38DB-420B-A1B5-40B38AA77A8C} [2012.02.05 10:23:29 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5DAAFD8A-E80F-4474-8789-C99A2F0C3EE0} [2012.02.04 16:36:42 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{515A6089-9675-42FB-A9E1-01EB81FC8C18} [2012.02.01 21:21:30 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{D85FD3BD-1552-4A95-A82A-FD83C7FA6C6D} [2012.02.01 21:21:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{6DC96AFD-E276-4EBE-86A0-F6185C98ADA8} [2012.01.31 21:34:06 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\FairyTale [2012.01.31 21:32:05 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2012.01.31 21:32:03 | 000,000,000 | ---D | C] -- C:\Program Files\jetztspielenob.de [2012.01.31 20:01:38 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{1293461A-2CFE-41B4-8F33-5A4ADE0D3CD1} [2012.01.31 20:01:16 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{F96C6EBE-B8CC-4E2C-A1AB-9919481F3B29} [2012.01.30 14:00:14 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{E3210B31-AFBA-4DF1-8FFA-4D5CF9BE2537} [2012.01.30 13:59:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{EDEC5CBF-E58B-4597-88E8-4D6D76C14BAF} [2012.01.29 11:57:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Desktop\MAMA spiele [2012.01.27 13:48:56 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{336317F9-66AF-4DC2-A77A-10418222093B} [2012.01.27 13:48:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{B92669F0-F649-4A83-A555-6DD5E5EF5EC6} [2012.01.25 15:44:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{B3F65651-7C5C-433F-952C-2EC49A479D08} [2012.01.25 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{A1F1D5CC-60E0-4579-BA64-D51E75995E0C} [2012.01.23 21:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2012.01.23 21:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2012.01.23 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{08E3915A-FDF0-4413-9C16-AF8EF0DE24DB} [2012.01.23 14:08:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{ED1A674B-035F-4500-A2AB-D0B63D1928D7} [2012.01.22 11:42:21 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{FA2C414B-E9B1-4AE7-B8EE-15E9DF27581A} [2012.01.22 11:41:59 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7A92DDBD-4C08-47F7-B6A6-3AC3F83BC8DB} [2010.02.19 19:43:47 | 000,000,010 | ---- | C] () -- C:\Users\ProMarkt\AppData\Roaming\hhxprot5 [2010.02.13 21:37:50 | 000,103,936 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.12.26 20:20:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2009.12.20 13:48:41 | 001,185,008 | ---- | C] () -- C:\Users\ProMarkt\AppData\Roaming\UserTile.png [2009.12.20 13:43:38 | 000,000,680 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\d3d9caps.dat [2009.12.16 17:42:38 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.12.11 17:10:04 | 000,003,362 | ---- | C] () -- C:\Users\ProMarkt\AppData\Roaming\wklnhst.dat [2009.12.05 20:50:20 | 000,077,921 | -HS- | C] () -- C:\Users\ProMarkt\AppData\Roaming\7993F0.exe [2009.12.02 15:19:39 | 000,115,544 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\GDIPFONTCACHEV1.DAT [2008.10.14 22:57:58 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008.05.22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.20 16:14:17 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\ProMarkt\Desktop\OTL.exe [2012.02.20 15:49:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.20 15:39:59 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2012.02.20 15:39:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.02.20 15:38:58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.20 15:38:58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.20 15:23:17 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.02.20 13:21:54 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.20 13:14:37 | 000,103,936 | ---- | M] () -- C:\Users\ProMarkt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.20 03:57:07 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ProMarkt.job [2012.02.19 17:34:13 | 000,002,032 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Amazon.lnk [2012.02.19 17:34:13 | 000,002,026 | ---- | M] () -- C:\Users\ProMarkt\Desktop\GMX.lnk [2012.02.19 17:34:13 | 000,002,024 | ---- | M] () -- C:\Users\ProMarkt\Desktop\eBay.lnk [2012.02.19 14:17:45 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\GAME CENTER.lnk [2012.02.19 12:58:41 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Die Wiege Ägyptens.lnk [2012.02.19 12:58:06 | 000,000,680 | ---- | M] () -- C:\Users\ProMarkt\AppData\Local\d3d9caps.dat [2012.02.19 12:47:17 | 000,000,199 | ---- | M] () -- C:\Users\Public\Desktop\Play More Great Games!.url [2012.02.19 12:31:23 | 000,001,158 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Yahoo! Spiele.lnk [2012.02.18 13:04:13 | 000,001,863 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Continue SweetIM Installation.lnk [2012.02.18 04:20:41 | 000,001,152 | ---- | M] () -- C:\Users\ProMarkt\Desktop\iPlay Games.lnk [2012.02.17 20:35:09 | 000,001,931 | ---- | M] () -- C:\Users\ProMarkt\Desktop\MyPlayCity Games.lnk [2012.02.16 23:41:08 | 000,001,217 | ---- | M] () -- C:\Users\Public\Desktop\Das Vermächtnis der Insel 2.lnk [2012.02.16 17:10:01 | 000,422,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.02.16 16:28:54 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.02.16 16:28:54 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.02.16 16:28:54 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.02.16 16:28:53 | 000,129,844 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.02.13 17:47:44 | 000,000,194 | ---- | M] () -- C:\Users\Public\Desktop\Weitere tolle Spiele!.url [2012.02.12 19:39:48 | 000,001,060 | ---- | M] () -- C:\Users\ProMarkt\Desktop\VLC.lnk [2012.02.12 19:38:02 | 000,000,506 | ---- | M] () -- C:\user.js [2012.02.12 14:37:57 | 000,001,165 | ---- | M] () -- C:\Users\Public\Desktop\Cross Stitch Designer v4.lnk [2012.02.11 20:25:10 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Bejeweled 3.lnk [2012.02.10 20:42:53 | 000,001,966 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Jewel Quest II.lnk [2012.02.09 00:26:46 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Babylon.lnk [2012.01.31 21:49:21 | 000,001,146 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Jetztspielen.de.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.20 13:21:54 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.19 17:34:13 | 000,002,032 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Amazon.lnk [2012.02.19 17:34:13 | 000,002,026 | ---- | C] () -- C:\Users\ProMarkt\Desktop\GMX.lnk [2012.02.19 17:34:13 | 000,002,024 | ---- | C] () -- C:\Users\ProMarkt\Desktop\eBay.lnk [2012.02.19 12:57:22 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Die Wiege Ägyptens.lnk [2012.02.19 12:47:17 | 000,000,199 | ---- | C] () -- C:\Users\Public\Desktop\Play More Great Games!.url [2012.02.18 04:20:41 | 000,001,152 | ---- | C] () -- C:\Users\ProMarkt\Desktop\iPlay Games.lnk [2012.02.16 23:59:51 | 000,001,158 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Yahoo! Spiele.lnk [2012.02.16 23:41:08 | 000,001,217 | ---- | C] () -- C:\Users\Public\Desktop\Das Vermächtnis der Insel 2.lnk [2012.02.12 19:39:48 | 000,001,060 | ---- | C] () -- C:\Users\ProMarkt\Desktop\VLC.lnk [2012.02.12 14:36:37 | 000,001,165 | ---- | C] () -- C:\Users\Public\Desktop\Cross Stitch Designer v4.lnk [2012.02.11 20:25:10 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Bejeweled 3.lnk [2012.02.10 20:42:53 | 000,001,966 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Jewel Quest II.lnk [2012.02.10 20:41:52 | 000,001,931 | ---- | C] () -- C:\Users\ProMarkt\Desktop\MyPlayCity Games.lnk [2012.02.10 20:36:32 | 000,001,863 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Continue SweetIM Installation.lnk [2012.02.09 00:26:55 | 000,000,506 | ---- | C] () -- C:\user.js [2012.01.15 00:52:59 | 000,000,000 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\{87C5DD2F-19FD-4DE8-ABEC-E0AB347F9F07} [2011.12.16 08:51:41 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe [2011.12.10 04:00:34 | 001,431,120 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1.dll [2011.01.13 20:38:18 | 000,233,481 | ---- | C] () -- C:\Windows\hpoins47.dat [2010.12.16 17:39:02 | 000,000,552 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\d3d8caps.dat [2010.11.19 18:50:46 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2010.11.13 20:24:19 | 000,000,195 | ---- | C] () -- C:\Windows\SIERRA.INI [2010.04.01 00:39:01 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl47.dat [2010.03.26 21:58:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.19 12:39:43 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010.03.19 12:39:43 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010.02.21 14:50:30 | 000,015,602 | ---- | C] () -- C:\Windows\System32\SELF32.INI [2010.02.20 22:37:49 | 000,017,408 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\WebpageIcons.db ========== LOP Check ========== [2012.02.16 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\.minecraft [2012.02.19 17:34:13 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\1&1 Mail & Media GmbH [2010.02.19 19:43:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\10-Sekunden-Haushaltsbuch [2011.07.24 05:56:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\2monkeys [2009.12.05 21:48:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\7Wonders [2012.02.19 10:06:21 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals [2012.02.18 20:37:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Absolutist [2011.05.07 23:58:17 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Alawar [2012.02.15 00:29:24 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Alawar Entertainment [2012.02.19 12:31:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\AlderGames [2011.05.08 01:17:33 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\aliasworlds [2010.10.30 18:39:45 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Alle meine Adressen [2010.12.23 08:52:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\alot [2011.05.01 19:54:26 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Anabel [2012.02.08 22:07:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Anarchy [2011.05.31 21:04:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Ancient Quest of Saqqarah_alawar [2011.07.12 19:32:55 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Arkadium [2011.05.27 19:59:55 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Artifex Mundi [2010.11.01 21:43:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Artogon [2010.12.23 19:17:59 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Ashampoo [2010.05.25 20:30:45 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Avery [2012.02.18 17:40:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Awem [2011.04.16 04:12:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Azuaz Games [2011.04.14 21:25:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Babylon [2012.02.17 20:33:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\BanzaiInteractive [2010.10.26 19:40:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Big Fish Games [2010.12.30 14:26:57 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Buhl Data Service GmbH [2009.12.24 19:19:29 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\BVS Solitaire Collection [2010.12.30 20:54:16 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\cerasus.media [2012.02.11 22:01:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Deep Shadows [2010.10.31 21:03:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Dragon Altar Games [2011.09.21 21:42:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\DVDVideoSoft [2011.05.22 20:53:16 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\DVDVideoSoftIEHelpers [2011.09.11 22:00:57 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\EleFun Games [2012.02.15 22:23:43 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\ElementalsTheMagicKey [2012.02.09 00:37:54 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\EnchantedCavern [2010.05.25 19:40:02 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\EPSON [2012.02.08 23:43:57 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Exent Technologies [2012.01.31 21:34:06 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\FairyTale [2011.07.24 04:47:56 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Flood Light Games [2011.06.26 09:25:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Floodlight Games [2011.05.31 19:51:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\FloodLightGames [2010.04.16 12:18:00 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\FOG Downloader [2011.06.21 19:51:27 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Friday's games [2012.02.19 13:05:33 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Frogwares [2010.11.12 21:41:49 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Gaijin Ent [2012.02.13 17:08:39 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\GameHouse [2012.02.08 19:49:26 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Gamers Digital [2011.01.20 20:57:25 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Games [2012.02.17 14:44:39 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\gemsweeperextractedgfx [2010.01.10 18:46:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\GMX [2012.02.09 14:04:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Gogii [2011.12.01 18:20:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\GTM_Bodie [2010.12.25 23:52:56 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\HdO Adventure [2010.12.16 18:35:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\HitPoint Studios [2010.12.12 14:49:54 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\ICQ [2010.10.25 18:55:44 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Intenium [2011.06.07 03:44:41 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\IObit [2010.11.01 20:40:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\iWin [2012.02.18 21:05:03 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\JaiboGames [2012.02.17 14:38:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Jewel Match 3 [2010.01.23 17:50:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\KfzKostenSenken [2010.10.23 19:56:09 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Lazy Turtle Games [2011.05.27 16:57:49 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Legends of pirates [2010.03.18 20:56:31 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Magic Academy [2011.04.16 05:18:11 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Magic Academy 2 [2011.12.29 20:35:10 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MagicIndie [2011.03.13 21:26:32 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MAI [2011.12.31 18:57:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\md studio [2012.02.10 20:44:29 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Meridian93 [2010.12.23 19:55:20 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Merscom [2012.02.09 19:14:27 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MissTeriTale3 [2012.02.14 23:28:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MumboJumbo [2011.06.14 00:02:15 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Mystery of Mortlake Mansion [2010.03.08 20:18:32 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Nokia [2010.03.08 20:18:33 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Nokia Ovi Suite [2012.02.18 06:01:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Oberon Media [2011.06.18 14:21:30 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Oberonv1002 [2009.12.23 16:26:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\OpenOffice.org [2009.12.04 19:32:12 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Opera [2012.02.17 14:50:13 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Orneon [2010.03.08 20:16:31 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PC Suite [2010.12.02 17:28:10 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PeaceCraft2 [2009.12.20 13:48:41 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PeerNetworking [2011.06.07 02:37:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Phantasmat_intenium_se [2010.12.24 19:26:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Pirateville [2011.07.09 20:00:29 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PlayFirst [2011.07.09 20:18:22 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PlayPond [2012.02.15 22:28:52 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Playrix Entertainment [2011.05.31 20:52:22 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PoBros [2012.02.13 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1002 [2010.11.06 08:19:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1003 [2010.11.05 19:47:15 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1006 [2010.12.23 08:53:02 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PriceGong [2011.05.27 17:13:51 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Princess Isabella [2010.11.19 23:30:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\rondomedia [2012.02.18 19:50:32 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Sahmon Games [2009.12.26 20:23:06 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Samsung [2010.10.29 17:33:11 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SecretIslandDeuBF [2011.12.25 21:48:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Silverback Productions [2010.10.23 20:11:55 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Sky Bros [2010.11.01 20:31:39 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SpinTop [2012.02.19 12:48:36 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SpinTop Games [2011.05.31 21:29:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SprillBermudeEng [2012.02.19 22:17:07 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SprillRichiGerman [2010.10.10 19:06:04 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SultansLabyrinth [2009.12.11 17:13:43 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Template [2011.06.26 17:07:44 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TFS2 [2010.10.26 18:37:04 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TikisLab [2011.06.26 09:41:11 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TOMI3 [2011.07.28 21:41:35 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Top Evidence [2011.07.09 01:31:26 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Total Eclipse [2012.01.28 21:47:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TS3Client [2010.11.19 18:51:27 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Twintale Entertainment [2010.12.29 17:06:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Uniblue [2010.12.02 19:36:25 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\URSE Games [2010.12.27 23:03:38 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\V-Games [2010.10.24 21:27:00 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\VampireSaga [2010.12.29 22:36:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Vast Studios [2012.01.21 02:01:28 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\wargaming.net [2011.07.14 02:00:16 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Windows Live Writer [2011.07.06 21:50:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\World-Loom [2011.03.13 21:48:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Zylom [2012.02.20 13:11:12 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2009.12.02 15:34:13 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2011.03.06 11:41:45 | 000,000,000 | ---D | M] -- C:\AbaEnglishCourse [2010.11.05 14:57:22 | 000,000,000 | -H-D | M] -- C:\ASUS.DAT [2011.06.26 09:14:56 | 000,000,000 | ---D | M] -- C:\BigFishGamesCache [2009.12.27 12:42:10 | 000,000,000 | -HSD | M] -- C:\Boot [2012.02.19 17:34:11 | 000,000,000 | -H-D | M] -- C:\Config.Msi [2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2010.11.16 23:15:31 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft [2012.01.21 01:25:00 | 000,000,000 | ---D | M] -- C:\Games [2009.08.22 02:23:56 | 000,000,000 | RH-D | M] -- C:\MSOCache [2010.10.09 20:07:00 | 000,000,000 | ---D | M] -- C:\Nexon [2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.02.20 15:20:59 | 000,000,000 | R--D | M] -- C:\Program Files [2012.02.20 13:21:53 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.02.08 19:31:46 | 000,000,000 | ---D | M] -- C:\Remote Programs [2010.03.04 20:46:05 | 000,000,000 | ---D | M] -- C:\Softwarenetz [2010.01.02 19:10:02 | 000,000,000 | ---D | M] -- C:\SPIELE [2012.02.19 19:37:28 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2009.12.02 15:18:53 | 000,000,000 | R--D | M] -- C:\Users [2012.02.20 13:12:36 | 000,000,000 | ---D | M] -- C:\Windows [2012.02.19 10:40:23 | 000,000,000 | ---D | M] -- C:\Zylom Games < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: AHCIX86S.SYS > [2008.05.27 21:55:53 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\drivers\ahcix86s.sys [2008.05.27 21:55:53 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_c617648e\ahcix86s.sys < MD5 for: ATAPI.SYS > [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008.02.22 05:59:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=76D70915EB81608DC6ACA87887FAB38F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22120_none_ddac250d3ab7a648\atapi.sys [2008.02.22 06:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_3d9c5057\atapi.sys [2008.02.22 06:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18023_none_dd25892021975283\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2009.08.22 02:47:35 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2009.08.22 02:47:34 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2009.08.22 02:47:34 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2009.08.22 02:47:35 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTORV.SYS > [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll [2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2011.03.19 10:04:09 | 000,068,629 | ---- | M] () -- C:\Users\ProMarkt\Crazy Factory Piercing - Brustwarzenpiercings.htm [2012.02.20 16:16:31 | 004,194,304 | -HS- | M] () -- C:\Users\ProMarkt\ntuser.dat [2012.02.20 16:16:31 | 000,262,144 | -H-- | M] () -- C:\Users\ProMarkt\ntuser.dat.LOG1 [2009.12.02 15:18:54 | 000,000,000 | -H-- | M] () -- C:\Users\ProMarkt\ntuser.dat.LOG2 [2012.02.20 15:38:03 | 000,065,536 | -HS- | M] () -- C:\Users\ProMarkt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2012.02.20 15:38:03 | 000,524,288 | -HS- | M] () -- C:\Users\ProMarkt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2009.12.02 15:36:10 | 000,524,288 | -HS- | M] () -- C:\Users\ProMarkt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2009.12.02 15:18:54 | 000,000,020 | -HS- | M] () -- C:\Users\ProMarkt\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp  1B5B4F1@Alternate Data Stream - 177 bytes -> C:\ProgramData\Temp:58600DC1 @Alternate Data Stream - 155 bytes -> C:\ProgramData\Temp:26B7B9EA @Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:8AB6C1D7 @Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:23CB5E78 @Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:CF2C26D2 @Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:2A8CD561 @Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:260575F1 @Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:85649C7B @Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp B051353@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:ABD3B354 @Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:23B8DEE6 @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:F74B380E @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:A9D9351A @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:9E22BBE8 @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:580E04D8 |
|
20.02.2012, 17:43
| #10 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix und der bittere Rest. ich hofe, das es jetzt richtig ist... @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:0D31DA45 @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:F1FE38D7 @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:A3642ED6 @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:8F7ECF6A @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:46545F5C @Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:91CF76E3 @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:E35A81F4 @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:2FAFBD6A @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:1198CD34 @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:072B9E55 @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:5690D76E @Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:52FE3CCD @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:B894C266 @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0E660858 @Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:62197B73 @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp 93DCF15@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:B54E4B5A @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:891A7A73 @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4C8FA829 @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:BE1DA945 @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp B8C1C95@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:6499508E @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:4A448DB2 @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp AFAF1BF@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:C22674B6 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:5AC256BC @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:43ABA97D @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:F4BE8180 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:26140299 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:24DC7949 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:8F925134 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:6C491D31 @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:4220A65C @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:1BFEE019 @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E9CB5ECC @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:CA0CE093 @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2A0E0B9F @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:1316EAD4 @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp 3A89E47@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:FC420CE6 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:F6424B89 @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:3DD2AE2E @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:C24B973A @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:51F17BB8 @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:0E22C5DB @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:3FBB88CF @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp 8A9F240@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:3086B95F @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:1E3397DC @Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:FAFEC4B9 @Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:C8E82994 @Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:B2735F9E @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:409A775B @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:0ED4AC2F @Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:3E06C78F @Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:95198126 @Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:330E66BD @Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp 650D56C< End of report >0 |
|
20.02.2012, 17:51
| #11 |
| /// Malware-holic | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix hi dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user. wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL
O4 - HKCU..\Run: [SkypeM] C:\Users\ProMarkt\AppData\Local\Skype\Skype.exe (Provtech Limited)
O4 - HKCU..\Run: [Binary Noise] C:\Users\ProMarkt\AppData\Roaming\7993F0.exe ()
:Files
C:\Users\ProMarkt\AppData\Local\Skype\Skype.exe
C:\Users\ProMarkt\AppData\Roaming\7993F0.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]
• Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! Drücke bitte die  + E Taste.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
20.02.2012, 18:34
| #12 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix es hat sich nach dem neustart leider kein textdokument geöffnet.es war auch auf dem desktop keines sichtbar. ich fahre einfach weiter ort... |
|
20.02.2012, 18:47
| #13 |
| | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix der upload hat problemlos geklappt.... soweit kommt auch im normalen modus keine meldung mehr. heisst das etwa, dass jetzt wieder alles okay ist?! vielen lieben dank an dich...alleine wäre ich untergegangen und im pc-laden abgezogen worden.... vielen dank auch ür deine geduld! |
|
20.02.2012, 19:07
| #14 |
| /// Malware-holic | 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix hi, danke dir für den upload. wir müssen noch weiter suchen, und sicherheitslücken schließen, deswegen, bis wir fertig sind, nicht im netz surfen, außer auf von mir benannten seiten. Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde! Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.[list][*] Besuche folgende Seite für Downloadlinks und Anweisungen für dieses Tool Ein Leitfaden und Tutorium zur Nutzung von ComboFix [*] Hinweis: Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix |
| 50€ virus, ahnung, arbeiten, bereits, eurem, forum, funktionier, funktioniert, gelöscht, helft, heute, laptop, liebe, malwarebytes, neustart, objekte, porblem besteht weiterhin, scan durchgelaufen, sichere, tolle, virus, wirklich |
Linear-Darstellung
