| |  Polizei Trojaner
 Hallo Leute,
Und zwar hab ich mir vor ca. 2 Stunden diesen blöden Polizei Trojaner eingefangen und bräuchte unbedingt Hilfe da ich am verzweifeln bin !!
Wie ich in anderen Threads schon gelesen habe sollte man Malwarebytes anti-malware, otl und CCleaner haben was ich auch natürlich runtergeladen und installiert habe !!
Im Anhang findet ihr die otl text datei und extra datei !!
Ich danke euch schon im voraus !!
Mfg Kitty
OTL.text datei PHP-Code: OTL logfile created on: 8/24/2012 9:49:18 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\SORIA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.98 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 51.47% Memory free
7.96 Gb Paging File | 6.20 Gb Available in Paging File | 77.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 177.00 Gb Total Space | 77.77 Gb Free Space | 43.94% Space Free | Partition Type: NTFS
Drive D: | 265.31 Gb Total Space | 52.76 Gb Free Space | 19.89% Space Free | Partition Type: NTFS
Computer Name: SORIA-PC | User Name: SORIA | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012/08/24 21:48:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\SORIA\Desktop\OTL.exe
PRC - [2012/08/24 21:47:03 | 001,201,104 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\562C4DD5\19.6.2.10\InstStub.exe
PRC - [2012/08/24 21:41:30 | 000,618,227 | ---- | M] () -- C:\Users\SORIA\Downloads\adwcleaner.exe
PRC - [2012/07/03 13:46:42 | 000,973,488 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/03/19 19:03:06 | 000,102,768 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.2.10\Navw32.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/08/24 21:41:30 | 000,618,227 | ---- | M] () -- C:\Users\SORIA\Downloads\adwcleaner.exe
MOD - [2012/08/18 00:28:55 | 000,442,392 | ---- | M] () -- C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
MOD - [2012/08/18 00:28:54 | 012,236,824 | ---- | M] () -- C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012/08/18 00:28:52 | 003,997,720 | ---- | M] () -- C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012/08/18 00:27:23 | 000,144,424 | ---- | M] () -- C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012/08/18 00:27:22 | 000,266,792 | ---- | M] () -- C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012/08/18 00:27:21 | 002,480,680 | ---- | M] () -- C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/12/08 18:56:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:[b]64bit:[/b] - [2011/02/08 02:41:16 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2010/09/22 11:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/08/09 21:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/08/21 11:15:53 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/08/21 07:55:54 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/14 17:28:11 | 004,419,392 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/22 18:26:08 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/17 00:18:36 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.2.10\ccSvcHst.exe -- (NAV)
SRV - [2011/12/08 18:56:38 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/12/08 18:56:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/08/19 10:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/06/19 19:56:16 | 004,122,968 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/03/01 14:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 03:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/21 04:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/21 04:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/08/24 21:47:51 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/01/17 17:46:02 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2012/01/17 17:45:58 | 001,092,728 | R--- | M] (Symantec Corporation) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymEFA64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2012/01/17 17:45:56 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymDS64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2012/01/17 17:35:24 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\Ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2012/01/17 17:33:52 | 000,738,936 | R--- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2012/01/17 17:33:52 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2011/11/29 17:44:30 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\ccSetx64.sys -- (ccSet_NAV)
DRV:[b]64bit:[/b] - [2011/11/15 05:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2011/09/29 09:04:22 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:[b]64bit:[/b] - [2011/08/19 10:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:[b]64bit:[/b] - [2011/08/19 10:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:[b]64bit:[/b] - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2011/07/05 13:55:30 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/03/04 09:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011/02/08 21:13:12 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:[b]64bit:[/b] - [2011/02/08 21:13:10 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2011/02/08 21:13:10 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2011/02/08 21:13:10 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2011/02/08 21:13:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2011/01/27 07:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/13 00:23:38 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2010/11/10 02:04:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/10/07 04:59:00 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:[b]64bit:[/b] - [2010/09/13 11:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/03/14 04:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120314.019\EX64.SYS -- (NAVEX15)
DRV - [2012/03/14 04:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\VirusDefs\20120314.019\ENG64.SYS -- (NAVENG)
DRV - [2012/01/17 17:35:12 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\IPSDefs\20120202.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/01/17 17:34:24 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\Definitions\BASHDefs\20111201.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/11/24 16:34:44 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/08/09 02:42:10 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{E7E340ED-E137-46D6-B7BA-1E7BF1385A63}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [String data over 1000 bytes]
[color=#E56717]========== FireFox ==========[/color]
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\SORIA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\SORIA\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\SORIA\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/28 00:36:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.6.2.10\IPSFFPlgn\
[2012/01/28 23:14:59 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: hxxp://start.facemoods.com/?a=ddrnw
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://start.facemoods.com/?a=ddrnw
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\SORIA\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8524_0\npSkypeChromePlugin.dll
CHR - plugin: WordCaptureX (Enabled) = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0\npWCX.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\SORIA\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\SORIA\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Ask Toolbar = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodnbkkemkkaekocofmphoadofkdh\7.14.1.20074_0\
CHR - Extension: Fish Tales = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbdnfclkomohljcfokofigmagkpelkg\2.0.0_0\
CHR - Extension: Turn Off the Lights = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.3_0\
CHR - Extension: YouTube = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DealPly = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: Apple Shooter = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbcjjgkapdombcilbfbjapkbpnocbkcf\2.0.0_0\
CHR - Extension: AdBlock = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Gun Blut = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifphbghhodpimajnjejgjlfcjmnnkhci\4.0.0_0\
CHR - Extension: Facemoods = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.0_0\
CHR - Extension: Facemoods = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.0_0\facemoods\
CHR - Extension: Hkchen = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhbeaddffkfobkdfokddkicdgbikgjld\1.0_0\
CHR - Extension: Autodesk Homestyler = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: Skype Click to Call = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8524_0\
CHR - Extension: Word CaptureX Extension = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Nyan Cat Lost In Space = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocolcbginmpjiobmipdgimnpeplgbghg\1.2_0\
CHR - Extension: Peanut Kugel = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejlfinobmkpehdkglppnmcnjkhlcocc\1.5_0\
CHR - Extension: Google Mail = C:\Users\SORIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/08/24 20:08:19 | 000,000,023 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.6.2.10\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [xmlfilter] C:\Users\SORIA\AppData\Local\Microsoft\Windows\4603\xmlfilter.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\SORIA\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Facebook Update] C:\Users\SORIA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\SORIA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\SORIA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\SORIA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\SORIA\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D0C71FC-AF31-45ED-B159-7D490E92AF1A}: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E420E3BF-C2A1-4233-BA32-746E24431A49}: DhcpNameServer = 10.0.0.138
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/08/24 21:47:52 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\SORIA\Desktop\OTL.exe
[2012/08/24 21:47:51 | 000,175,736 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/24 21:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/08/24 21:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/08/24 21:47:31 | 001,092,728 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymEFA64.sys
[2012/08/24 21:47:31 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymDS64.sys
[2012/08/24 21:47:31 | 000,405,624 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\symnets.sys
[2012/08/24 21:47:31 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtspx64.sys
[2012/08/24 21:47:30 | 000,738,936 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtsp64.sys
[2012/08/24 21:47:30 | 000,190,072 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\Ironx64.sys
[2012/08/24 21:47:30 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\ccSetx64.sys
[2012/08/24 21:47:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2012/08/24 21:47:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A
[2012/08/24 21:47:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2012/08/24 21:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2012/08/24 21:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/08/24 20:22:59 | 000,000,000 | ---D | C] -- C:\Users\SORIA\AppData\Roaming\Malwarebytes
[2012/08/24 20:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/24 20:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/24 20:22:53 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/24 20:22:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/24 20:08:48 | 000,000,000 | ---D | C] -- C:\Users\SORIA\AppData\Roaming\hellomoto
[2012/08/24 20:08:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/08/22 09:08:49 | 000,000,000 | ---D | C] -- C:\SunnyHacks
[2012/08/14 10:31:24 | 000,000,000 | ---D | C] -- C:\Users\SORIA\Desktop\sdg
[2012/08/14 07:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2012/08/14 07:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aeria Games
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/08/24 21:48:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\SORIA\Desktop\OTL.exe
[2012/08/24 21:47:51 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/08/24 21:47:51 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/24 21:47:51 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/24 21:47:50 | 000,002,469 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/08/24 20:22:54 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/24 20:20:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/24 20:19:58 | 4273,520,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/24 20:17:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/24 20:08:19 | 000,000,023 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/24 19:52:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-336442205-827502387-1674173946-1001UA.job
[2012/08/24 19:37:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-336442205-827502387-1674173946-1001UA.job
[2012/08/23 21:37:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-336442205-827502387-1674173946-1001Core.job
[2012/08/23 20:07:43 | 000,000,111 | ---- | M] () -- C:\Users\SORIA\Desktop\PerX.ini
[2012/08/23 18:21:44 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-336442205-827502387-1674173946-1001Core.job
[2012/08/22 10:58:32 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/22 10:58:32 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/22 07:59:40 | 000,002,449 | ---- | M] () -- C:\Users\SORIA\Desktop\Google Chrome.lnk
[2012/08/21 07:54:31 | 000,277,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/14 07:29:06 | 000,001,163 | ---- | M] () -- C:\prefs.js
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/08/24 21:47:51 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/08/24 21:47:51 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/08/24 21:47:50 | 000,002,469 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2012/08/24 21:47:22 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymEFA.inf
[2012/08/24 21:47:22 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymDS.inf
[2012/08/24 21:47:22 | 000,001,441 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymNet.inf
[2012/08/24 21:47:22 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtsp64.inf
[2012/08/24 21:47:22 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtspx64.inf
[2012/08/24 21:47:22 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\ccSetx64.inf
[2012/08/24 21:47:22 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\Iron.inf
[2012/08/24 21:47:10 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymDS64.cat
[2012/08/24 21:47:10 | 000,007,468 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\ccsetx64.cat
[2012/08/24 21:47:10 | 000,007,462 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtspx64.cat
[2012/08/24 21:47:10 | 000,007,460 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymEFA64.cat
[2012/08/24 21:47:10 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\symnet64.cat
[2012/08/24 21:47:10 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\srtsp64.cat
[2012/08/24 21:47:10 | 000,007,450 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\iron.cat
[2012/08/24 21:47:10 | 000,004,782 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\SymVTcer.dat
[2012/08/24 21:47:10 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1306020.00A\isolate.ini
[2012/08/24 20:22:54 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/21 07:56:03 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/22 18:26:09 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/03/22 18:26:08 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/02/02 11:17:40 | 000,149,504 | ---- | C] () -- C:\Users\SORIA\AppData\Roaming\chrtmp
[2012/02/02 11:17:37 | 000,061,440 | ---- | C] () -- C:\Users\SORIA\AppData\Roaming\Server.exe
[2011/12/24 16:52:02 | 000,000,412 | ---- | C] () -- C:\Users\SORIA\AppData\Roaming\Metin2_Multibot.cfg
[2011/12/19 03:45:58 | 000,007,605 | ---- | C] () -- C:\Users\SORIA\AppData\Local\Resmon.ResmonCfg
[2011/11/12 12:12:04 | 000,002,114 | ---- | C] () -- C:\Users\SORIA\Samsung Support Center.lnk
[2011/08/19 10:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/08/19 10:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011/08/19 10:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/03/18 07:36:45 | 000,258,864 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2011/03/18 02:56:15 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2011/03/18 01:22:43 | 000,001,898 | ---- | C] () -- C:\Windows\HotFixList.ini
[2011/03/18 01:12:28 | 000,001,641 | ---- | C] () -- C:\Users\SORIA\User Guide.lnk
[2011/03/18 01:10:01 | 000,142,128 | ---- | C] () -- C:\Windows\wiainst64.exe
[color=#E56717]========== LOP Check ==========[/color]
[2011/03/24 15:55:37 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\.minecraft
[2012/07/14 16:48:29 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\Aeria Games & Entertainment
[2012/04/01 13:26:12 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\BitTorrent
[2011/12/05 05:18:01 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\DAEMON Tools Lite
[2012/02/04 14:57:06 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\DVDVideoSoft
[2012/02/04 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/02/04 01:01:59 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\Leadertech
[2011/12/04 23:46:39 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\LolClient
[2012/02/04 14:50:06 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\ManyCam
[2012/01/20 08:43:20 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\MW3 FoV Changer
[2011/12/01 16:54:20 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\Notepad++
[2011/12/01 03:23:22 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\Pamela
[2011/12/17 01:20:42 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\Pamela Call Recorder
[2011/12/19 05:19:48 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\PhotoScape
[2011/11/30 01:38:32 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\Publish Providers
[2012/03/22 18:26:07 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\PunkBuster
[2012/03/12 14:36:16 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\redsn0w
[2011/11/30 01:39:37 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\Sony
[2011/12/07 01:28:45 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\TeamViewer
[2012/02/03 20:13:00 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\TS3Client
[2012/01/23 14:33:23 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\TuneUp Software
[2012/01/20 05:41:50 | 000,000,000 | ---D | M] -- C:\Users\SORIA\AppData\Roaming\WildTangent
[2012/08/23 18:21:44 | 000,001,116 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-336442205-827502387-1674173946-1001Core.job
[2012/08/24 19:52:00 | 000,001,138 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-336442205-827502387-1674173946-1001UA.job
[2012/01/30 11:07:00 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
OTL. extra datei PHP-Code: OTL Extras logfile created on: 8/24/2012 9:49:18 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\SORIA\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.98 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 51.47% Memory free
7.96 Gb Paging File | 6.20 Gb Available in Paging File | 77.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 177.00 Gb Total Space | 77.77 Gb Free Space | 43.94% Space Free | Partition Type: NTFS
Drive D: | 265.31 Gb Total Space | 52.76 Gb Free Space | 19.89% Space Free | Partition Type: NTFS
Computer Name: SORIA-PC | User Name: SORIA | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AEF6CE-D237-4B0E-BF8D-2DD5645901A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{10743EF0-270E-4FD0-B749-E6CD4B077516}" = rport=137 | protocol=17 | dir=out | app=system |
"{22432CC3-3A55-4605-AB16-BDFDBEE98E52}" = lport=445 | protocol=6 | dir=in | app=system |
"{2653C259-D78A-40A9-9796-E95A1CDBAC5A}" = rport=139 | protocol=6 | dir=out | app=system |
"{409DBFE3-BF0F-411D-840F-E2569BD58A84}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41762D66-671F-42FF-960A-A8DBBF4928CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{485738BC-FE77-4D09-A1E1-08925A747CDF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5140347A-4563-45E2-8BE8-60A590FAE2D4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{59BF124E-289C-4938-AD40-640C05E5B63F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F150181-06F5-4B80-8B28-372B356AEFBF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{671A6F92-DD82-4502-8722-381113A6D3CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{803C327C-42AA-4E41-BA51-2B6257B054D7}" = rport=445 | protocol=6 | dir=out | app=system |
"{8C8E152D-5BFE-40D3-95E1-53F88FD721AA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{99648EDE-B632-4A24-A2E5-11B58D98AC4B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0C16592-BAF2-4252-B0DD-45E1CE5E548F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7D31A01-BC27-49DB-8555-CE04C9957506}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADEAAC50-6486-411F-926F-D037B058D22D}" = lport=138 | protocol=17 | dir=in | app=system |
"{B6774D6D-5A48-4733-8BFF-C3642F2E9078}" = lport=139 | protocol=6 | dir=in | app=system |
"{D606900E-9ABF-4906-BC1C-E5B4C2E6B1E6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DD4904FE-43CC-4CFD-AAE7-4A980A13126F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E1D84DED-1200-42E7-9929-1A4C6A73FB8D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E4A81C96-E996-4B34-A8CE-8E076D1F5982}" = rport=138 | protocol=17 | dir=out | app=system |
"{E5537F3C-FAA7-484A-89B0-ADA840C31AE7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EA6CCB00-C84F-46C7-8C0D-AFA7E56CA9EB}" = lport=137 | protocol=17 | dir=in | app=system |
"{F768A69F-B9BC-409B-AC0A-D0AFC582336F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0876930A-453E-4A96-B948-D44F0710E04C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0A2EA47C-6A63-418D-860F-636E3811BE80}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0C7A3150-A300-4017-AE67-4998217EAD3D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0D4AEEDC-F0F8-4698-A269-CC2BA3EAD880}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{0EB15C0E-F4C3-4103-B296-45C1F3FB3D5F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1069484D-850A-43AE-8724-44C63BC6A54F}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe |
"{12338F37-7233-449B-A0C2-E8C8803AB5D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{1756F45F-122A-4832-A4F1-B239C4B8FF29}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{17E758DC-45AD-4A22-A897-121621EE990B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{19915A03-929E-4023-9005-6CB5F2E94D08}" = protocol=6 | dir=in | app=c:\program files (x86)\efusion\blackshot\system\blackshot.exe |
"{1AF627B7-9AAB-4996-BCAE-7DE997CFD338}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1CAEDB22-4D3E-4E0F-82A9-6FA7E6224E4C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{1D6F9FE6-BE5E-4D71-8C50-83FF64BECBBF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{1E23183B-FD0D-486B-B17C-FB44BCC1E60E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1FC73D74-DACE-44D5-9C35-8F9AAF86C87D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\cro_cop616\condition zero\hl.exe |
"{2214E969-833A-4BD8-9015-4B34C3C91620}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{270D83C6-7862-40BD-B513-E57819FD5561}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2BCCFBD8-F72F-4787-BECC-5FED798A19C7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{2DDAAE6B-86B2-4DC5-9761-CD9ED54DF4A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2E49064C-7D48-45A7-8EB5-595BA757A540}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2F4F9A99-83D8-41A0-9A24-A7C3A5DA0EC2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{31D3E3C6-761A-465E-911A-1D80D96FFE9F}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{337A8FAA-9823-4C5E-B8F3-C90722460CAE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3394B143-32FE-459C-B5C9-1AA375A9775D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3783E183-4719-4B56-BFCF-855379450A51}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{37FD8262-18BD-4F00-861E-C2FEAE20BA60}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{38DEFFCE-7EB8-427E-A105-6E301EEF1DAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\cro_cop616\counter-strike\hl.exe |
"{3AE35AD4-C98F-4714-B572-E294F974D9DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4176CD70-D09C-4C5A-93BC-8173CB7AEF17}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe |
"{42D89EC4-4429-40C0-B855-C9D4C1BB4C89}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{446AB688-F491-42E2-BF09-E43A9198BFDB}" = protocol=6 | dir=out | app=system |
"{46C06CA3-24C4-498C-BB18-735EB7A0A408}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{48AD6A2C-0AB5-4F93-A6EF-28A4710B1EA0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{49B612A8-B8F5-41F9-BEB2-FD7B9E2F4B02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4C369A3E-C94C-4A15-97F6-E45FFDA39DFE}" = protocol=6 | dir=in | app=c:\users\soria\appdata\local\akamai\netsession_win.exe |
"{4F163AED-5299-4694-9F3C-199B6D870D45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\cro_cop616\counter-strike\hl.exe |
"{5007E510-13EF-449C-A29E-D3D27193A624}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{506F6570-25C3-46B2-A1EE-85090E62B11C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{51A20AE0-3FE6-4B48-8187-B8430100023A}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe |
"{58B47397-983E-47BB-9DA6-C6B988C215E7}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe |
"{5C100519-57B0-4305-99D7-1237CE9B62C5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\cro_cop616\condition zero\hl.exe |
"{60342DF5-A86F-4C93-A7FC-576DCCC800B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\cro_cop616\counter-strike\hl.exe |
"{6343A35B-B9A9-415C-AA10-21B855E2DF22}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{665A0D43-5B94-4510-A5EA-5730F979E42C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{66D92CBE-8D13-4C13-8A45-059EFB600D19}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{66F78935-8B2B-494E-AA89-18AB98C4448C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6838DC67-D00D-4FC6-87E9-B5A9F020EF9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B0B14F1-628A-492E-AFD7-24CD4A9EDBC0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{6B18DF8C-D0D7-482E-B102-1B4E62A03C94}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{74A97DC2-9FC9-49FB-A4B8-F17965183EA4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7EBFE4E9-0896-499F-AF3F-B638A4A90210}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{80770FAA-3482-40C4-8686-6421C41E9579}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{81AAAAB8-26AC-4388-BDEB-A2ECCADD01C6}" = protocol=17 | dir=in | app=c:\users\soria\appdata\local\akamai\netsession_win.exe |
"{85D16EF5-0E10-47E2-8B4F-18AB4D156454}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{891CC464-1F03-48A0-907D-F2DB4EB82B69}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{8D1C6AC7-5ECF-4239-890F-FFA9A8CEE681}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8E230AC1-4382-47A2-8951-263F497D6150}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8EE1378D-DA0A-4C98-BF3A-01223D798651}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{916689D5-1706-4C8C-ABD8-2096FD7A6E52}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{985C441F-D809-46E7-B51A-53F9F14A9921}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C964C05-4D9A-4D12-A815-7BBCDA50CEEB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9FB38C8B-5E9B-4CA3-B43A-71A2121F3BE1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A3DD5C94-BE10-4EC6-B328-87CB95770DF3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{ACEEEE2F-ACC0-4479-A2C9-2C3CC5AE215F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{BAEB78C3-E096-4C0B-9D5D-D1780AA1CD6B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BC5E5F68-3FCA-4D46-9B7A-052607F280BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{BC60C5FD-7384-4751-AC89-3A9655A1AA0A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{C01ADF12-9BC7-4972-9AB0-8355EF7D066D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C0420D92-14CA-4AD9-A5B3-C63014AD1BC4}" = protocol=17 | dir=in | app=c:\program files (x86)\efusion\blackshot\system\blackshot.exe |
"{C5DE9003-59B5-46DB-8B67-6BD19119B11F}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{C8AF464B-3964-467D-9DB3-A3DD457EB853}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{CB2852C2-47D9-4370-8B2E-CE0076C2EF6F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{CF12BF1E-161D-47D9-A685-AD33C3A74BAB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D40125EB-9B4E-4690-965A-889627566322}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D6C56002-2AF7-4C49-AEFA-15057937B383}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\cro_cop616\counter-strike\hl.exe |
"{DB686B77-1636-43F3-B91A-02D0BBE7CC8C}" = dir=in | app=c:\users\soria\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{E0C825C4-F191-420B-8D5D-5E528D728485}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{E6B9CC2E-B1AE-43C7-B08D-FFD600EDF3F0}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe |
"{F247E4D4-6260-49BA-A8CF-5327C810B5DC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F494CB33-CF36-40E8-AC4F-8F0BBF143549}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{F4A1A26E-1C3D-452F-BA09-2DE5F461E288}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F9D2A30D-A02B-4E2D-B2A9-736C62F94FBB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{FE4F3BE9-0D65-4CF3-BF4A-2FF719EE3898}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"TCP Query User{09087A27-19F6-487C-849B-0B7E429B77DC}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"TCP Query User{292B2443-9AB3-4FE5-B0AA-64AD2E53B923}C:\users\soria\desktop\tsuyoshi2\metin2client.bin" = protocol=6 | dir=in | app=c:\users\soria\desktop\tsuyoshi2\metin2client.bin |
"TCP Query User{690F8A88-9549-428E-8FB9-ABBEC818B303}C:\users\soria\desktop\king\dragon-heart-network\dragonheart.exe" = protocol=6 | dir=in | app=c:\users\soria\desktop\king\dragon-heart-network\dragonheart.exe |
"TCP Query User{77A11118-8A84-4B66-A161-94296EF3888B}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"TCP Query User{D2ADA81C-1F9E-435E-9D98-4CA650B98DFC}C:\users\soria\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\soria\appdata\local\akamai\netsession_win.exe |
"TCP Query User{D6674EA6-03FB-4DAE-8D2F-523DC8A31F45}C:\users\soria\desktop\nrgmt2\metin2client.exe" = protocol=6 | dir=in | app=c:\users\soria\desktop\nrgmt2\metin2client.exe |
"TCP Query User{EEA9C0E3-7400-4DAD-ABD7-123F94FD5A90}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"UDP Query User{0CEFEC09-D52E-4EE1-BFC7-73228967D341}C:\users\soria\desktop\nrgmt2\metin2client.exe" = protocol=17 | dir=in | app=c:\users\soria\desktop\nrgmt2\metin2client.exe |
"UDP Query User{0E3167C1-CE5C-4871-B434-DC60ED549981}C:\users\soria\desktop\king\dragon-heart-network\dragonheart.exe" = protocol=17 | dir=in | app=c:\users\soria\desktop\king\dragon-heart-network\dragonheart.exe |
"UDP Query User{68838456-B3D8-43B6-B248-ED844179EF15}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"UDP Query User{6DE0BC75-C497-434F-A76F-9037B602BC5F}C:\users\soria\desktop\tsuyoshi2\metin2client.bin" = protocol=17 | dir=in | app=c:\users\soria\desktop\tsuyoshi2\metin2client.bin |
"UDP Query User{7261C12A-2C95-4364-B3C0-D9DBCF33D330}C:\users\soria\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\soria\appdata\local\akamai\netsession_win.exe |
"UDP Query User{93605CFB-51F8-435D-8192-0C6279068820}C:\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam-de\wolfteam.bin |
"UDP Query User{F79B71BB-1848-435A-BF08-354A05996B92}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4C9845D5-9FAD-4C52-B389-CAEF0F216215}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{811D5159-D798-491F-B9C6-9BDBF6B02D06}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.04
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Elantech" = ETDWare PS/2-X64 8.0.7.2_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0119B342-476F-4F5A-B712-144B5CFA781F}" = Windows Live Movie Maker
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{07E15DDE-CAD9-434D-B24D-35708E3BEA09}" = Windows Live 필수 패키지
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}" = WordCaptureX Pro
"{142D8CA7-2C6F-45A7-83E3-099AAFD99133}" = Samsung Update Plus
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16880765-677F-440B-B16A-BFD9B9C00012}" = EasyFileShare
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21B49B4A-BBC3-4A09-9C68-6C3CC0B1EA01}" = Windows Live Messenger
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{21F221E8-5997-4F37-962E-44E5B4DED7E3}" = Aeria Ignite
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{318DBE01-1E6B-4243-84B0-210391FE789A}" = Samsung AnyWeb Print
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.03
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34AB675C-1965-44B5-B5A7-B02EE6196AD3}" = Windows Live Messenger
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}" = PhoneShare
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4A331D24-A9E8-484F-835E-1BA7B139689C}" = EasyBatteryManager
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4F35DF91-F834-41F7-A287-0E377D55C486}" = Windows Live Photo Common
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{51FFAC89-B6B0-4E6E-B76F-6D4E2E83086A}" = Windows Live 메일
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61506B53-EE02-46CE-8464-3F806947978F}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7780682A-47C9-480D-90BE-247539342595}" = Windows Live UX Platform Language Pack
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}" = Fast Start
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}" = Movie Color Enhancer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{829CDAAD-5AF1-482F-978B-591C16A34ACC}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8732818E-CA78-4ACB-B077-22311BF4C0E4}" = Easy Network Manager
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B4712CB7-27D7-4F61-8805-BCF9BE1CFC4A}" = Windows Live Writer Resources
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8A2793D-EFF2-4069-95BF-A28192E39DEB}" = Windows Live Writer
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger
"{D57D43BF-699A-429F-AF8C-AF1867222800}" = Windows Live 사진 갤러리
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center 1.0
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDAE128F-A355-42B1-8422-1AF3ACEE34F4}" = SISShortcut
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFD0E594-823B-4E2B-B680-720B3C852588}" = BatteryLifeExtender
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.9.1511" = Aeria Ignite
"Akamai" = Akamai NetSession Interface
"BitTorrent" = BitTorrent
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"DealPly" = DealPly
"DivX Setup" = DivX-Setup
"facemoods" = Facemoods Toolbar
"Fraps" = Fraps
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"Game Console - WildGames" = WildTangent ORB Game Console
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"IsoBuster_is1" = IsoBuster 2.8.5
"M2Fish" = M2Fish 4.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"ManyCam" = ManyCam 2.6.65 (remove only)
"Metin2_is1" = Metin2
"NAV" = Norton AntiVirus
"Notepad++" = Notepad++
"PamelaCR" = Pam Call Recorder 4.8
"PhotoScape" = PhotoScape
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Samsung Universal Scan Driver" = Samsung Universal Scan Driver
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 550" = Left 4 Dead 2
"Steam App 80" = Counter-Strike: Condition Zero
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live 程式集
"WolfTeam-DE" = WolfTeam-DE
"WT085559" = Diner Dash 2 Restaurant Rescue
"WT085567" = Chuzzle Deluxe
"WT085580" = John Deere Drive Green
"WT085581" = Penguins!
"WT085583" = Polar Golfer
"WT085587" = Agatha Christie - Death on the Nile
"WT085597" = Build-a-lot
"WT085618" = Farm Frenzy
"WT085622" = Insaniquarium Deluxe
"WT085663" = Peggle
"WT085669" = Plants vs. Zombies
"WT089285" = Zuma Deluxe
"WT089286" = Bejeweled 2 Deluxe
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 5/9/2012 4:34:16 AM | Computer Name = SORIA-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19
Error - 5/9/2012 4:34:16 AM | Computer Name = SORIA-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20
Error - 5/9/2012 4:34:16 AM | Computer Name = SORIA-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21
Error - 5/9/2012 4:34:16 AM | Computer Name = SORIA-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
Error - 5/9/2012 4:34:16 AM | Computer Name = SORIA-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
Error - 5/9/2012 4:34:16 AM | Computer Name = SORIA-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
Error - 5/9/2012 5:14:35 AM | Computer Name = SORIA-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 1. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 5/9/2012 5:34:35 AM | Computer Name = SORIA-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 5/10/2012 9:32:32 AM | Computer Name = SORIA-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 5/10/2012 9:32:52 AM | Computer Name = SORIA-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ System Events ]
Error - 7/5/2012 9:00:58 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656368)
Error - 7/7/2012 7:47:05 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2604121)
Error - 7/7/2012 7:47:05 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2686827)
Error - 7/7/2012 7:47:19 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656405)
Error - 7/7/2012 7:47:19 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656368)
Error - 7/7/2012 9:00:39 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2604121)
Error - 7/7/2012 9:00:39 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2686827)
Error - 7/7/2012 9:00:55 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656405)
Error - 7/7/2012 9:00:55 PM | Computer Name = SORIA-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2656368)
Error - 7/8/2012 7:18:46 PM | Computer Name = SORIA-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?08.?07.?2012 um 03:38:44 unerwartet heruntergefahren.
< End of report >
|
24.08.2012, 21:28
Linear-Darstellung
