|
Plagegeister aller Art und deren Bekämpfung: Automatische Startseite searchplusnetwork.comWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
29.12.2012, 22:37 | #16 |
| Automatische Startseite searchplusnetwork.com hier das Ergebnis des adwCleaner: Code:
ATTFilter # AdwCleaner v2.104 - Datei am 29/12/2012 um 22:35:24 erstellt # Aktualisiert am 29/12/2012 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : sam - SAM-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\sam\Desktop\adwcleaner.exe # Option [Suche] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl ***** [Internet Browser] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Die Registrierungsdatenbank ist sauber. ************************* AdwCleaner[R1].txt - [8617 octets] - [28/12/2012 13:39:19] AdwCleaner[R2].txt - [814 octets] - [29/12/2012 22:35:24] AdwCleaner[S1].txt - [8560 octets] - [28/12/2012 13:45:01] ########## EOF - C:\AdwCleaner[R2].txt - [933 octets] ########## |
30.12.2012, 01:26 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Automatische Startseite searchplusnetwork.com adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
__________________
Danach eine Kontrolle mit OTL bitte:
__________________ |
30.12.2012, 11:13 | #18 |
| Automatische Startseite searchplusnetwork.com Hi.
__________________zur info. als ich dden rechner vorhin hochgefahren habe wurde erstmal die Registry aktuallisiert und der internet explorer hat mich gefragt ob er als standard programm eingerichtet werden soll - hab ja gesagt. der code Button geht jetzt auch wieder... hier die txt zum adwCleaner: Code:
ATTFilter # AdwCleaner v2.104 - Datei am 30/12/2012 um 11:08:01 erstellt # Aktualisiert am 29/12/2012 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : sam - SAM-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\sam\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Die Registrierungsdatenbank ist sauber. ************************* AdwCleaner[R1].txt - [8617 octets] - [28/12/2012 13:39:19] AdwCleaner[R2].txt - [1001 octets] - [29/12/2012 22:35:24] AdwCleaner[S1].txt - [8560 octets] - [28/12/2012 13:45:01] AdwCleaner[S2].txt - [936 octets] - [30/12/2012 11:08:01] ########## EOF - C:\AdwCleaner[S2].txt - [995 octets] ########## OTL Logfile: Code:
ATTFilter OTL logfile created on: 30.12.2012 11:20:39 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sam\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,80 Gb Total Physical Memory | 4,31 Gb Available Physical Memory | 74,30% Memory free 11,60 Gb Paging File | 9,93 Gb Available in Paging File | 85,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 449,55 Gb Total Space | 388,60 Gb Free Space | 86,44% Space Free | Partition Type: NTFS Drive E: | 480,09 Mb Total Space | 337,88 Mb Free Space | 70,38% Space Free | Partition Type: FAT Computer Name: SAM-PC | User Name: sam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\sam\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\sam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () PRC - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros) PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) PRC - C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll () MOD - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () MOD - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll () ========== Services (SafeList) ========== SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV:64bit: - (Live Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeARMservice) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe () SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation) DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation) DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation) DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3324255846-2831237359-2093235203-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3324255846-2831237359-2093235203-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3324255846-2831237359-2093235203-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-3324255846-2831237359-2093235203-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3324255846-2831237359-2093235203-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.27 09:38:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120922191706.dll File not found O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120922191706.dll File not found O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [InstantUpdate] C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe () O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-21-3324255846-2831237359-2093235203-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3324255846-2831237359-2093235203-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\sam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3324255846-2831237359-2093235203-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3324255846-2831237359-2093235203-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3324255846-2831237359-2093235203-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3324255846-2831237359-2093235203-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39D0735F-6B08-4EA5-8A6C-65BBEC5A2074}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49EA5171-923D-44DF-89C1-81CE2A6C3195}: DhcpNameServer = 141.18.30.1 141.18.30.2 141.18.30.3 141.18.30.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4FA8760-7487-4D1E-B6F8-1190C9325F16}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.12.30 11:17:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sam\Desktop\OTL.exe [2012.12.30 00:38:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012.12.30 00:38:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012.12.30 00:38:56 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.12.30 00:38:56 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.12.30 00:38:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.12.30 00:38:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.12.30 00:38:56 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.12.30 00:38:56 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.12.30 00:38:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.12.30 00:38:56 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012.12.30 00:38:56 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012.12.30 00:38:56 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012.12.30 00:38:56 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012.12.30 00:38:56 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012.12.30 00:38:56 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012.12.30 00:38:56 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012.12.30 00:38:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.12.30 00:38:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.12.30 00:38:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.12.30 00:38:56 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012.12.30 00:38:56 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012.12.30 00:38:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012.12.30 00:38:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.12.30 00:38:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.12.30 00:38:56 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012.12.30 00:38:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012.12.30 00:38:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012.12.30 00:38:56 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012.12.30 00:38:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012.12.30 00:38:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012.12.30 00:38:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012.12.30 00:38:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012.12.30 00:38:56 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012.12.30 00:38:56 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.12.30 00:38:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.12.30 00:38:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012.12.30 00:38:56 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012.12.30 00:38:56 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012.12.30 00:38:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012.12.30 00:38:56 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012.12.30 00:38:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012.12.30 00:38:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012.12.30 00:38:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012.12.30 00:38:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012.12.30 00:38:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.12.30 00:38:56 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012.12.30 00:38:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012.12.30 00:38:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012.12.30 00:38:56 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012.12.30 00:38:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012.12.30 00:38:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012.12.30 00:38:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012.12.30 00:38:56 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012.12.30 00:38:56 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012.12.30 00:38:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012.12.30 00:38:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012.12.30 00:38:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012.12.30 00:38:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.12.30 00:38:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012.12.30 00:38:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012.12.30 00:38:56 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012.12.30 00:38:56 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012.12.30 00:38:56 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012.12.30 00:38:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012.12.30 00:38:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012.12.30 00:38:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012.12.30 00:38:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012.12.30 00:38:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.12.30 00:38:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012.12.30 00:38:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012.12.30 00:38:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012.12.30 00:38:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012.12.29 10:30:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012.12.29 09:53:22 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012.12.29 09:46:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012.12.29 09:46:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012.12.29 09:46:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012.12.29 09:46:41 | 000,000,000 | ---D | C] -- C:\Qoobox [2012.12.29 09:46:25 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012.12.29 09:46:05 | 005,015,489 | R--- | C] (Swearware) -- C:\Users\sam\Desktop\ComboFix.exe [2012.12.28 23:50:22 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.12.28 23:34:40 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\sam\Desktop\tdsskiller.exe [2012.12.28 23:10:48 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\sam\Desktop\aswMBR.exe [2012.12.28 20:13:20 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012.12.28 20:06:10 | 000,000,000 | ---D | C] -- C:\Users\sam\Desktop\mbar [2012.12.28 17:47:16 | 000,000,000 | ---D | C] -- C:\Users\sam\Desktop\Bafög Antrag SS 2013 [2012.12.28 12:45:13 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Local\Programs [2012.12.28 12:44:39 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Roaming\Malwarebytes [2012.12.28 12:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.12.28 12:33:02 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Local\BMExplorer [2012.12.28 12:33:02 | 000,000,000 | ---D | C] -- C:\Users\sam\Documents\Bluetooth Folder [2012.12.28 11:36:08 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Roaming\Avira [2012.12.28 11:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.12.28 11:23:07 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.12.28 11:23:07 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.12.28 11:23:07 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.12.28 11:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.12.28 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.12.27 09:38:32 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Local\Systweak [2012.12.27 09:38:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.12.27 09:38:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions [2012.12.27 09:38:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2012.12.27 09:31:41 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Roaming\Systweak [2012.12.27 09:31:39 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe [2012.12.21 10:03:15 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.12.21 10:03:15 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.12.21 10:03:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.12.21 10:03:14 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012.12.13 14:26:28 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012.12.13 14:26:28 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012.12.13 14:26:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012.12.13 14:26:28 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012.12.13 14:26:27 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.12.13 14:26:27 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012.12.13 14:26:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012.12.13 14:26:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012.12.13 14:26:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012.12.13 14:26:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012.12.13 14:26:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012.12.13 14:26:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012.12.13 14:26:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012.12.13 14:26:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012.12.13 14:26:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012.12.13 14:26:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012.12.13 14:26:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012.12.13 14:26:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012.12.13 14:26:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012.12.13 14:26:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012.12.13 14:26:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012.12.13 14:26:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012.12.13 14:26:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012.12.13 14:26:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012.12.13 14:26:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012.12.13 14:26:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012.12.13 14:26:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012.12.13 14:26:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012.12.13 14:26:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.12.13 14:26:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.12.13 14:26:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.12.13 14:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.12.13 14:26:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012.12.13 14:26:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012.12.13 14:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012.12.13 14:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012.12.13 14:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012.12.13 14:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012.12.13 14:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.12.13 14:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.12.13 14:26:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012.12.13 14:25:49 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2012.12.13 14:25:49 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012.12.05 22:49:21 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.12.05 22:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.12.05 22:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.12.02 19:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in [2012.12.01 15:51:14 | 000,000,000 | ---D | C] -- C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN ========== Files - Modified Within 30 Days ========== [2012.12.30 11:17:02 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.30 11:17:02 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.30 11:16:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sam\Desktop\OTL.exe [2012.12.30 11:09:22 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job [2012.12.30 11:09:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.30 11:08:51 | 376,119,295 | -HS- | M] () -- C:\hiberfil.sys [2012.12.30 11:00:47 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job [2012.12.30 00:38:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012.12.30 00:38:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012.12.30 00:38:56 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.12.30 00:38:56 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.12.30 00:38:56 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.12.30 00:38:56 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.12.30 00:38:56 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.12.30 00:38:56 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.12.30 00:38:56 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.12.30 00:38:56 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012.12.30 00:38:56 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012.12.30 00:38:56 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012.12.30 00:38:56 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012.12.30 00:38:56 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012.12.30 00:38:56 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012.12.30 00:38:56 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012.12.30 00:38:56 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.12.30 00:38:56 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.12.30 00:38:56 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.12.30 00:38:56 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012.12.30 00:38:56 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012.12.30 00:38:56 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012.12.30 00:38:56 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.12.30 00:38:56 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.12.30 00:38:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012.12.30 00:38:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012.12.30 00:38:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012.12.30 00:38:56 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012.12.30 00:38:56 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012.12.30 00:38:56 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012.12.30 00:38:56 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012.12.30 00:38:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012.12.30 00:38:56 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012.12.30 00:38:56 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.12.30 00:38:56 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.12.30 00:38:56 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012.12.30 00:38:56 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012.12.30 00:38:56 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012.12.30 00:38:56 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012.12.30 00:38:56 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012.12.30 00:38:56 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012.12.30 00:38:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012.12.30 00:38:56 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012.12.30 00:38:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012.12.30 00:38:56 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.12.30 00:38:56 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012.12.30 00:38:56 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012.12.30 00:38:56 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012.12.30 00:38:56 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012.12.30 00:38:56 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012.12.30 00:38:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012.12.30 00:38:56 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012.12.30 00:38:56 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012.12.30 00:38:56 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012.12.30 00:38:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012.12.30 00:38:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012.12.30 00:38:56 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012.12.30 00:38:56 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.12.30 00:38:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012.12.30 00:38:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012.12.30 00:38:56 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012.12.30 00:38:56 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012.12.30 00:38:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012.12.30 00:38:56 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012.12.30 00:38:56 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012.12.30 00:38:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012.12.30 00:38:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012.12.30 00:38:56 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012.12.30 00:38:56 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012.12.30 00:38:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.12.30 00:38:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012.12.30 00:38:56 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012.12.30 00:38:56 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012.12.30 00:38:56 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012.12.29 23:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.12.29 22:32:00 | 000,551,997 | ---- | M] () -- C:\Users\sam\Desktop\adwcleaner.exe [2012.12.29 09:45:06 | 005,015,489 | R--- | M] (Swearware) -- C:\Users\sam\Desktop\ComboFix.exe [2012.12.29 09:25:12 | 000,001,049 | ---- | M] () -- C:\Users\sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.12.29 09:25:04 | 000,001,013 | ---- | M] () -- C:\Users\sam\Desktop\Dropbox.lnk [2012.12.28 23:50:20 | 627,048,426 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.12.28 23:24:58 | 000,000,512 | ---- | M] () -- C:\Users\sam\Desktop\MBR.dat [2012.12.28 23:21:28 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\sam\Desktop\tdsskiller.exe [2012.12.28 23:10:50 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\sam\Desktop\aswMBR.exe [2012.12.28 20:06:40 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.12.28 20:06:40 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.12.28 20:06:40 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.12.28 20:06:40 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.12.28 20:06:40 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.12.28 16:15:55 | 000,001,973 | ---- | M] () -- C:\Users\sam\Desktop\Skype.lnk [2012.12.26 17:28:38 | 000,573,059 | ---- | M] () -- C:\Users\sam\Desktop\BP finale version.pdf [2012.12.26 14:11:38 | 000,108,158 | ---- | M] () -- C:\Users\sam\Desktop\Sonderbilanz.pdf [2012.12.23 14:47:39 | 000,000,832 | ---- | M] () -- C:\Users\sam\Desktop\Logo 50+ GmbH.rtf [2012.12.22 15:56:34 | 000,132,927 | ---- | M] () -- C:\Users\sam\Desktop\Stl1_teil9.pdf [2012.12.22 10:29:24 | 000,428,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.12.18 23:21:00 | 000,472,569 | ---- | M] () -- C:\Users\sam\Desktop\Ticket zum Schatz.pdf [2012.12.17 15:53:17 | 000,198,003 | ---- | M] () -- C:\Users\sam\Desktop\dls_kurzgefasst_berufliche_netzwerke.pdf [2012.12.17 14:21:56 | 000,322,098 | ---- | M] () -- C:\Users\sam\Desktop\Soziale Unterstuetzung.pdf [2012.12.16 23:58:58 | 000,385,914 | ---- | M] () -- C:\Users\sam\Desktop\Netzwerke_Bewertung_top.pdf [2012.12.16 18:21:33 | 002,943,682 | ---- | M] () -- C:\Users\sam\Desktop\12.11.23_Endgültiger_Bericht_V4.pdf [2012.12.16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.12.16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.12.16 14:35:50 | 000,015,032 | ---- | M] () -- C:\Users\sam\Desktop\UEbersicht__Haftung_GbR_-_OHG_-_KG_.pdf [2012.12.12 14:46:32 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.12.12 14:46:32 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.12.10 09:20:47 | 004,347,569 | ---- | M] () -- C:\Users\sam\Desktop\Unternehmensbesteuerung_WS_2012_2013.pdf [2012.12.10 09:18:26 | 000,078,559 | ---- | M] () -- C:\Users\sam\Desktop\UEbung_UB_Umsatzsteuer_3_.pdf [2012.12.10 09:18:10 | 000,083,034 | ---- | M] () -- C:\Users\sam\Desktop\UEbung_UB_Umsatzsteuer_2_.pdf [2012.12.10 09:17:56 | 000,092,474 | ---- | M] () -- C:\Users\sam\Desktop\UEbung_UB_Umsatzsteuer_1_.pdf [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.12.01 15:51:15 | 000,001,117 | ---- | M] () -- C:\Users\sam\Desktop\OpenVPN GUI.lnk ========== Files Created - No Company Name ========== [2012.12.30 00:38:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012.12.30 00:38:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012.12.29 22:33:59 | 000,551,997 | ---- | C] () -- C:\Users\sam\Desktop\adwcleaner.exe [2012.12.29 09:46:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.12.29 09:46:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.12.29 09:46:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.12.29 09:46:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.12.29 09:46:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.12.28 23:50:20 | 627,048,426 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.12.28 23:24:58 | 000,000,512 | ---- | C] () -- C:\Users\sam\Desktop\MBR.dat [2012.12.28 16:15:55 | 000,001,973 | ---- | C] () -- C:\Users\sam\Desktop\Skype.lnk [2012.12.26 17:28:38 | 000,573,059 | ---- | C] () -- C:\Users\sam\Desktop\BP finale version.pdf [2012.12.26 14:11:38 | 000,108,158 | ---- | C] () -- C:\Users\sam\Desktop\Sonderbilanz.pdf [2012.12.23 14:47:38 | 000,000,832 | ---- | C] () -- C:\Users\sam\Desktop\Logo 50+ GmbH.rtf [2012.12.22 15:56:34 | 000,132,927 | ---- | C] () -- C:\Users\sam\Desktop\Stl1_teil9.pdf [2012.12.18 23:21:00 | 000,472,569 | ---- | C] () -- C:\Users\sam\Desktop\Ticket zum Schatz.pdf [2012.12.17 15:53:17 | 000,198,003 | ---- | C] () -- C:\Users\sam\Desktop\dls_kurzgefasst_berufliche_netzwerke.pdf [2012.12.17 14:21:56 | 000,322,098 | ---- | C] () -- C:\Users\sam\Desktop\Soziale Unterstuetzung.pdf [2012.12.16 23:58:58 | 000,385,914 | ---- | C] () -- C:\Users\sam\Desktop\Netzwerke_Bewertung_top.pdf [2012.12.16 18:21:31 | 002,943,682 | ---- | C] () -- C:\Users\sam\Desktop\12.11.23_Endgültiger_Bericht_V4.pdf [2012.12.16 14:35:50 | 000,015,032 | ---- | C] () -- C:\Users\sam\Desktop\UEbersicht__Haftung_GbR_-_OHG_-_KG_.pdf [2012.12.10 09:20:47 | 004,347,569 | ---- | C] () -- C:\Users\sam\Desktop\Unternehmensbesteuerung_WS_2012_2013.pdf [2012.12.10 09:18:26 | 000,078,559 | ---- | C] () -- C:\Users\sam\Desktop\UEbung_UB_Umsatzsteuer_3_.pdf [2012.12.10 09:18:10 | 000,083,034 | ---- | C] () -- C:\Users\sam\Desktop\UEbung_UB_Umsatzsteuer_2_.pdf [2012.12.10 09:17:56 | 000,092,474 | ---- | C] () -- C:\Users\sam\Desktop\UEbung_UB_Umsatzsteuer_1_.pdf [2012.12.01 15:51:15 | 000,001,117 | ---- | C] () -- C:\Users\sam\Desktop\OpenVPN GUI.lnk [2012.10.17 19:19:35 | 000,000,288 | ---- | C] () -- C:\Users\sam\AppData\Roaming\.backup.dm [2012.09.30 18:37:28 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012.09.22 18:23:55 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.06.27 12:20:39 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini [2012.06.27 12:11:18 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2012.06.27 12:11:18 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012.06.27 12:11:17 | 013,024,768 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll [2012.06.27 12:11:17 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.06.27 12:09:01 | 000,001,333 | ---- | C] () -- C:\Windows\WPatchProgress.ini [2012.03.28 19:13:21 | 000,000,445 | ---- | C] () -- C:\Windows\Prelaunch.ini [2012.03.28 19:13:21 | 000,000,395 | ---- | C] () -- C:\Windows\WisPriority.ini [2012.03.28 19:13:21 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini [2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.12.30 11:09:52 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\Dropbox [2012.09.22 18:07:43 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\Screensaver [2012.11.13 18:51:29 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\SoftGrid Client [2012.09.22 18:07:39 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\Synaptics [2012.12.28 18:58:32 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\Systweak [2012.09.22 18:24:52 | 000,000,000 | ---D | M] -- C:\Users\sam\AppData\Roaming\TP ========== Purity Check ========== < End of report > [/CODE] |
30.12.2012, 11:40 | #19 |
| Automatische Startseite searchplusnetwork.com und hier die Extras.txt: OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 30.12.2012 11:20:39 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sam\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,80 Gb Total Physical Memory | 4,31 Gb Available Physical Memory | 74,30% Memory free 11,60 Gb Paging File | 9,93 Gb Available in Paging File | 85,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 449,55 Gb Total Space | 388,60 Gb Free Space | 86,44% Space Free | Partition Type: NTFS Drive E: | 480,09 Mb Total Space | 337,88 Mb Free Space | 70,38% Space Free | Partition Type: FAT Computer Name: SAM-PC | User Name: sam | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D66E71F-11FD-4A9F-A861-47DE1C0C2CCE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{169094BC-B521-45C3-86F1-DA6830A0F12F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{234FB2AA-BF7E-4060-A6CE-032B7EADA1A8}" = rport=137 | protocol=17 | dir=out | app=system | "{2EC17F93-FB8A-413A-9F9B-E17B9DD8519B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{31237394-7873-41F1-84A9-B8D2A6CD041E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{44D76FE3-47D1-4D2F-9EBF-733455F1A470}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4CC6579D-ADED-4C5D-9755-216B47006161}" = rport=445 | protocol=6 | dir=out | app=system | "{53F03711-B737-4E57-85DE-CB0EC0E88EEE}" = rport=138 | protocol=17 | dir=out | app=system | "{5DC68632-8CAD-4977-847C-78FDF5AA3560}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{68E2F72A-C961-4C23-83BF-98B68884EC50}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{6F0146E7-B15B-4982-9E49-554D049F72B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{72D98132-8412-4564-9CF6-A2EC14170BD2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7ED2FBEE-68BE-458D-97CD-1AC02C533DE0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{86D9C3EF-5330-4136-B687-F0750B960363}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{91BDD783-2FF7-45FA-A63D-89595CF7EA86}" = lport=139 | protocol=6 | dir=in | app=system | "{95B91A39-BC5A-4CFF-B7E4-8EF34BC7D1BD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9BEACD54-FEE4-45EA-B266-5C63675A4B72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9C4F2776-DE0D-4C56-A2E5-76A4BFFB2A4B}" = lport=138 | protocol=17 | dir=in | app=system | "{9D47D788-C3BB-4903-820F-642669E8A22A}" = lport=10243 | protocol=6 | dir=in | app=system | "{9FC200A9-FBC6-4498-8C37-7BB7D4D930E3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B7C282E7-DCC7-42BF-8C5F-A77CA6594846}" = lport=137 | protocol=17 | dir=in | app=system | "{B8821550-B35F-4374-94F5-4AC27B9E27BE}" = lport=2869 | protocol=6 | dir=in | app=system | "{BB1BCDE1-9045-4887-9102-F76E16B54496}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C0BBF937-BDB2-47D2-BF66-D9CC759A1D81}" = lport=445 | protocol=6 | dir=in | app=system | "{CE6E6FE4-789B-4F87-8236-795FADC352F1}" = rport=10243 | protocol=6 | dir=out | app=system | "{E5FAC8F3-67BC-4849-8BF6-EFB43275474B}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1B7DED6C-AECF-48F6-8524-A1463B080F55}" = protocol=6 | dir=out | app=system | "{1BB04AB0-153C-4256-BE06-742A6C5E1CC2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{1C4DED76-48D2-497C-B6D8-F16A90543CEE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | "{1C8D1C05-1903-4B5D-B75D-C1D51C101DA7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | "{216ED651-A442-466D-8D5C-1AF452776722}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{2643B8D7-94F9-40F5-9490-31C53DE878CA}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\movie\playmovie.exe | "{26FDC1FC-078D-401F-B22B-9BEFC045B209}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{28B54B45-2E8A-4AF9-92A8-7781B076E3AE}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\musicplayer.exe | "{33E9D892-B24B-4367-AD68-00E2A02DCE47}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{4197D7EC-84AC-49B5-8B92-CD20B6CEC7CA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{43707588-B2C7-4CD3-AFE6-C16E5EF2A793}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4E099463-E3A1-4314-BB51-FA1672AF90F7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{603F2F47-8800-4427-977B-1628074A2F69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6222CC4B-D2D9-469A-89A9-F8F37269E101}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{664C83DA-9D5B-4BE6-887A-D8D145A375A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{697C58F5-E39C-41AC-9C1B-2A3124B27BFB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{69C8588F-B046-4908-89F3-13DC1B22A671}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\videoplayer.exe | "{6FDFA1FC-99BB-4756-A5B7-10D482F14456}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7059E85D-9A30-479D-A14A-BF61AE7EEF27}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{949C8386-1EAA-4E82-AAEE-2532110E23BA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | "{97D3A779-1D87-4721-9341-D5ACC5332E03}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9F2660CC-E9CB-4BDC-994E-05FA24EE171D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | "{9FB6934B-3BC2-43ED-A05B-D53574DBA82B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A5209A73-3149-4882-BA17-D1C829BB15A6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A7682E5E-A96E-4D47-8DFD-B9794052AFB1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BA4ED90A-C430-4409-84B6-39C34271F0CE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | "{BCBED926-B7CF-49BC-B2C8-E8D1653F7183}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BED56ED6-DCE1-431A-823C-7181D8EB7656}" = protocol=17 | dir=in | app=c:\users\sam\appdata\roaming\dropbox\bin\dropbox.exe | "{BF22559F-9EE2-4547-ACEC-2558F073BD08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C0F14A7B-A1AF-4044-9978-0B70158CF62D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C399ED25-0CED-4894-BA7A-F85939E6CF94}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C95779B0-7522-4962-A2FD-31A25FE733D9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CE526F92-A0A7-4883-8726-F502738B8A26}" = protocol=6 | dir=in | app=c:\users\sam\appdata\roaming\dropbox\bin\dropbox.exe | "{D5BF00A4-D7D3-4F90-9E3C-2DD1BCADB5F1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | "{DB010CFE-8718-4D8D-91D4-5602D9119516}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | "{E01CC4E8-F44E-4DFF-AB07-F7FC25C7EB25}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E4A1F063-3C54-4A81-A2A6-C410E14D5A23}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{EAA11006-2FEF-458F-BB4C-FB63EC599A66}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{EEC1B8BD-ED86-44CB-8021-C03C13F73FB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F3FC787B-ADE3-482B-8CFB-702B9433D023}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{F54D2EF8-205F-4159-A0A1-F7191720A5D8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | "{FA062C64-B7C3-4133-9014-68B76E0FB233}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "TCP Query User{0B7D5DC1-AA91-4C5F-A70B-ED18E298184D}C:\users\sam\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\sam\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{85591F1B-8A80-4334-9B05-C88E396AABC6}C:\users\sam\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\sam\appdata\roaming\dropbox\bin\dropbox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client "{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64) "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources "{36674AE9-6D3D-48D6-BC7B-209F556D65EE}" = Acer Instant Update Service "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources "{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources "{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.16 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.16 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "CutePDF Writer Installation" = CutePDF Writer 2.8 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3 "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4 "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials "{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger "{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}" = Fooz Kids Platform "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger "{A3AD65CC-B2CE-49da-AE4E-CC2ECF4EC0F8}" = clear.fi SDK - MVP 2 "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent "{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger "{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger "{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DAF7BB88-6392-40aa-A714-8392C4BDBD2C}" = clear.fi SDK- Movie 2 "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger "{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger "{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F77EF646-19EB-11E1-9A9E-984BE15F174E}" = Evernote v. 4.5.2 "{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "{FCDB0EF3-673C-FDCE-6498-750F51391660}" = Fooz Kids "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Avira AntiVir Desktop" = Avira Free Antivirus "ENTERPRISE" = Microsoft Office Enterprise 2007 "FoozKids" = Fooz Kids "Identity Card" = Identity Card "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager "InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "OpenVPN" = OpenVPN 2.1.1 "WildTangent acer Master Uninstall" = Acer Games "WinLiveSuite" = Windows Live Essentials "WTA-0e5637bb-0522-4673-83e5-3e2c6395870e" = Plants vs. Zombies - Game of the Year "WTA-2b519ea9-e83e-435d-b966-6af0d87dc1fb" = Insaniquarium Deluxe "WTA-2cbc4393-a6f0-4232-9893-c86e618ea6d4" = Bejeweled 3 "WTA-3b8869c6-ec76-4f87-8299-677c30ab7280" = FATE "WTA-3c54857d-fbb2-46d6-aae3-95bf6ecd9ec3" = Agatha Christie - Death on the Nile "WTA-442da359-9d6b-4253-a47a-72191175a780" = Final Drive: Nitro "WTA-4b83e57e-cd70-45d0-9cd3-39345001915e" = Slingo Deluxe "WTA-5826c229-9fa2-42dc-a156-c41af1a89da3" = Penguins! "WTA-6dcf733b-5996-47f7-a09e-1f51941dd1b4" = Tales of Lagoona "WTA-835ef07a-2c0c-4287-9b99-537da2c2cc36" = Virtual Villagers 4 - The Tree of Life "WTA-928a51ba-4cc3-4fd9-b23f-b06376135473" = John Deere Drive Green "WTA-943cce60-a416-4291-9043-f2bd0ab757bd" = Zuma Deluxe "WTA-9933fd37-12c7-4172-8cb8-101ac882357f" = Chuzzle Deluxe "WTA-a5df69b7-f186-43c2-a34e-b40c8dc4a4d7" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition "WTA-b97f537a-178c-4ccd-b4c3-ad63727c22dc" = Jewel Match 3 "WTA-bb5f22a9-97c3-4d4f-a55e-6e4ff200fa50" = Torchlight "WTA-bbedcc72-44d5-4bba-a0fc-0dbeb32e5902" = Polar Bowler "WTA-caceb8b9-4e17-4548-955a-07ece479dd72" = Wedding Dash ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3324255846-2831237359-2093235203-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 05.11.2012 05:39:32 | Computer Name = sam-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\sam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8D1UM1U\SoftonicDownloader_fuer_microsoft-office-2010-service-pack-1-sp1.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 05.11.2012 05:39:35 | Computer Name = sam-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\sam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8D1UM1U\SoftonicDownloader_fuer_microsoft-office-2010-service-pack-1-sp1.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 06.11.2012 11:54:35 | Computer Name = sam-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\sam\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\U8D1UM1U\softonicdownloader_fuer_microsoft-office-2010-service-pack-1-sp1.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 22.11.2012 19:01:35 | Computer Name = sam-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: POWERPNT.EXE, Version: 12.0.6600.1000, Zeitstempel: 0x4de50c7e Name des fehlerhaften Moduls: ppcore.dll, Version: 12.0.6654.5000, Zeitstempel: 0x4e8d280f Ausnahmecode: 0xc0000005 Fehleroffset: 0x005f22c0 ID des fehlerhaften Prozesses: 0x1500 Startzeit der fehlerhaften Anwendung: 0x01cdc8ec23255fd3 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Microsoft Office\Office12\ppcore.dll Berichtskennung: 8fdfdc99-34f8-11e2-b1fa-206a8a8b7079 Error - 25.11.2012 13:17:19 | Computer Name = sam-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16455, Zeitstempel: 0x5072b744 Name des fehlerhaften Moduls: MSHTML.dll, Version: 9.0.8112.16455, Zeitstempel: 0x5072c309 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000002c6674 ID des fehlerhaften Prozesses: 0x4e4 Startzeit der fehlerhaften Anwendung: 0x01cdcb2c727923f3 Pfad der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\MSHTML.dll Berichtskennung: f7615365-3723-11e2-acdb-206a8a8b7079 Error - 27.12.2012 04:36:08 | Computer Name = sam-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\sam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GIMXG62C\SoftonicDownloader_fuer_solicall.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 27.12.2012 04:36:15 | Computer Name = sam-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\sam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BRLN0QQ\SoftonicDownloader_fuer_solicall.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 27.12.2012 04:36:25 | Computer Name = sam-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\sam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BRLN0QQ\SoftonicDownloader_fuer_solicall.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 27.12.2012 04:36:27 | Computer Name = sam-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\sam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BRLN0QQ\SoftonicDownloader_fuer_solicall.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 28.12.2012 06:23:18 | Computer Name = sam-PC | Source = MsiInstaller | ID = 10005 Description = [ OSession Events ] Error - 22.11.2012 19:01:34 | Computer Name = sam-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10815 seconds with 8220 seconds of active time. This session ended with a crash. [ System Events ] Error - 28.12.2012 11:04:13 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerkspeicher-Schnittstellendienst" ist vom Dienst "NSI proxy service driver." abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31 Error - 28.12.2012 11:04:13 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 28.12.2012 11:04:13 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 28.12.2012 11:04:13 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst "Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31 Error - 28.12.2012 11:04:13 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 28.12.2012 11:04:13 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 28.12.2012 11:04:13 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 28.12.2012 11:04:20 | Computer Name = sam-PC | Source = DCOM | ID = 10005 Description = Error - 28.12.2012 11:04:19 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFD avipbb avkmgr DfsC discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf Error - 28.12.2012 11:04:20 | Computer Name = sam-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 < End of report > [/CODE] sorry, hab die Dateien wohl zu oft hoch geladen... alles hat nicht in eine Antwort gepasst... |
30.12.2012, 17:53 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Automatische Startseite searchplusnetwork.com Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
30.12.2012, 20:55 | #21 |
| Automatische Startseite searchplusnetwork.com Ergebnis Malwarebytes, scheinbar nix gefunden: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2012.12.30.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 sam :: SAM-PC [Administrator] Schutz: Deaktiviert 30.12.2012 20:50:26 mbam-log-2012-12-30 (20-50-26).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 232366 Laufzeit: 3 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
30.12.2012, 22:27 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Automatische Startseite searchplusnetwork.com Wie weit ist ESET denn?
__________________ Logfiles bitte immer in CODE-Tags posten |
30.12.2012, 22:36 | #23 |
| Automatische Startseite searchplusnetwork.com läuft seit 1:35 und hängt seit einer ewigkeit bei 99%, aber das Programm läuft noch... hat aber noch nix gefunden. hab vorhin noch 2 USB Sticks angesteckt, die in der infektionszeit im Einsatz waren... kein ahnung warum das so lange dauert, meine holde hat eigentlich nicht so viel schrott auf dem rechner, nur office dokumente und ein paar Bilder und der rechner ist noch dazu erst 2 monate alt.... fertig und nix gefunden :-) hier schon mal der log.txt - ich mache derweil weiter mit der deinstallation wie beschrieben... Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6844 # api_version=3.0.2 # EOSSerial=9196c561f79ece41bcd297ad480f8c72 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2012-12-30 09:40:17 # local_time=2012-12-30 10:40:17 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 96 23399 222326907 16185 0 # compatibility_mode=5893 16776573 100 94 30077 108533467 0 0 # scanned=125425 # found=0 # cleaned=0 # scan_time=5994 |
30.12.2012, 23:19 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Automatische Startseite searchplusnetwork.com Sieht soweit ok aus Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
30.12.2012, 23:23 | #25 |
| Automatische Startseite searchplusnetwork.comvielen, vielen Dank für Deine Mühe!!!! Ich bin echt froh und natürlich meine Freundin erst recht ;-)!!!! Ich wünsch Dir morgen nen Guten Rutsch, viel Spaß beim Feiern und erfolgreiches neues Jahr mit hoffentlich weniger Viren |
30.12.2012, 23:24 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Automatische Startseite searchplusnetwork.com Dann wären wir durch! Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Combofix entfernen: Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen Mit Hilfe von OTL kannst du auch viele andere Tools entfernen: Starte dazu einfach OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Automatische Startseite searchplusnetwork.com |
automatische, automatische startseite searchplusnetwork.com, computer, durchgeführt, eingefangen, ergebnis, falsch, forum, freundin, gefangen, geladen, gelöscht, gen, interne, internet, internet browser, malwarebytes, nichts, problem, rechner, registrierungsdatenbank, runter, seite, startseite, thema, unsicher, virus, öffnen |