|
Plagegeister aller Art und deren Bekämpfung: Arbeitsstationsdienst lässt sich nicht starten!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
25.02.2013, 18:04 | #31 |
| Arbeitsstationsdienst lässt sich nicht starten! JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.6.5 (02.18.2013:1) OS: Windows 7 Home Premium x64 Ran by Frank on 25.02.2013 at 13:47:18,38 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{977ae9cc-af83-45e8-9e03-e2798216e2d5} ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990} ~~~ Files ~~~ Folders ~~~ FireFox Successfully deleted: [File] C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\user.js Successfully deleted: [Folder] C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\smartbar Successfully deleted: [Folder] C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444} Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\webbooster@iminent.com Successfully deleted the following from C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\prefs.js user_pref("CT3205709.1000082.isPlayDisplay", "true"); user_pref("CT3205709.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}"); user_pref("CT3205709.1000234.TWC_TMP_city", "KOELN"); user_pref("CT3205709.1000234.TWC_TMP_country", "DE"); user_pref("CT3205709.1000234.TWC_country", "GERMANY"); user_pref("CT3205709.1000234.TWC_locId", "GMNW0005"); user_pref("CT3205709.1000234.TWC_location", "Koeln, Germany"); user_pref("CT3205709.1000234.TWC_region", "DE"); user_pref("CT3205709.1000234.TWC_temp_dis", "c"); user_pref("CT3205709.1000234.TWC_wind_dis", "kmh"); user_pref("CT3205709.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"3°C\",\"temperatureClear\":\"3°C\",\"highTemperature\":\"3°C\",\"lowTemperature\":\"2°C\ user_pref("CT3205709.CBOpenMAMSettings.enc", "MA=="); user_pref("CT3205709.CT3205709ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyNjIxODglMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMiV1MjcwOSUyMER1JTIwaGFzdCUyMCUyODMlMjklMjBMb3ZlJ user_pref("CT3205709.CT3205709current_term.enc", ""); user_pref("CT3205709.CT3205709sdate.enc", "Mw=="); user_pref("CT3205709.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3205709.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3205709.FirstTime", "true"); user_pref("CT3205709.FirstTimeFF3", "true"); user_pref("CT3205709.LoginRevertSettingsEnabled", true); user_pref("CT3205709.PG_ENABLE", "dHJ1ZQ=="); user_pref("CT3205709.PrintItGreenStatus.enc", "dHJ1ZQ=="); user_pref("CT3205709.RevertSettingsEnabled", true); user_pref("CT3205709.SearchAppState.enc", "Mw=="); user_pref("CT3205709.SearchAppTracking.enc", "MQ=="); user_pref("CT3205709.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&q="); user_pref("CT3205709.UserID", "UN32089301070422027"); user_pref("CT3205709.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT3205709.autoDisableScopes", -1); user_pref("CT3205709.browser.search.defaultthis.engineName", true); user_pref("CT3205709.cb_experience_000.enc", "MjI="); user_pref("CT3205709.cb_firstuse0100.enc", "MQ=="); user_pref("CT3205709.cb_user_id_000.enc", "Q0I3MzQwNjM2NzI5NzVfMTM1ODUyMDU3MDQ5Ml9GaXJlZm94"); user_pref("CT3205709.cbcountry_001.enc", "REU="); user_pref("CT3205709.cbfirsttime.enc", "V2VkIEphbiAxNiAyMDEzIDEzOjQ0OjI3IEdNVCswMTAw"); user_pref("CT3205709.defaultSearch", "true"); user_pref("CT3205709.enableAlerts", "always"); user_pref("CT3205709.enableFix404ByUser", "TRUE"); user_pref("CT3205709.enableSearchFromAddressBar", "true"); user_pref("CT3205709.firstTimeDialogOpened", "true"); user_pref("CT3205709.fixPageNotFoundError", "true"); user_pref("CT3205709.fixPageNotFoundErrorByUser", "true"); user_pref("CT3205709.fixPageNotFoundErrorInHidden", "true"); user_pref("CT3205709.fixUrls", true); user_pref("CT3205709.hxxp___cdn_printitgreen_com.APP_WIN_FEATURES", "resizable=no,hscroll=no,vscroll=no,savelocation=no,saveresizedsize=no,closebutton=no,openposition=center") user_pref("CT3205709.hxxp___printitgreen_com.APP_WIN_FEATURES", "resizable=no,hscroll=no,vscroll=no,savelocation=no,saveresizedsize=no,closebutton=no,openposition=center"); user_pref("CT3205709.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc user_pref("CT3205709.installId", "nontest"); user_pref("CT3205709.installType", "ConduitNSISIntegration"); user_pref("CT3205709.isCheckedStartAsHidden", true); user_pref("CT3205709.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3205709.isFirstTimeToolbarLoading", "false"); user_pref("CT3205709.isNewTabEnabled", true); user_pref("CT3205709.isPerformedSmartBarTransition", "true"); user_pref("CT3205709.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT3205709.keyword", true); user_pref("CT3205709.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3205709&octid=CT3205709&SearchSource=15&CUI=UN3208930107042202 user_pref("CT3205709.lastVersion", "10.14.65.43"); user_pref("CT3205709.migrateAppsAndComponents", true); user_pref("CT3205709.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.sockshare.com%2Ffile%2FE5164A426A3A6C95%23\",\"EB_MAIN_FRAME_TI user_pref("CT3205709.openThankYouPage", "false"); user_pref("CT3205709.openUninstallPage", "true"); user_pref("CT3205709.search.searchAppId", "129780988072000786"); user_pref("CT3205709.search.searchCount", "0"); user_pref("CT3205709.searchInNewTabEnabledByUser", "true"); user_pref("CT3205709.searchInNewTabEnabledInHidden", "true"); user_pref("CT3205709.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3205709.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT3205709.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3205709\"}"); user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BrotherSoftExtreme3.OurToolbar.com//xpi\"}"); user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BrotherSoft Extreme3\"}"); user_pref("CT3205709.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3205709.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); user_pref("CT3205709.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359204898128"); user_pref("CT3205709.serviceLayer_services_appsMetadata_lastUpdate", "1359822197100"); user_pref("CT3205709.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359550848713"); user_pref("CT3205709.serviceLayer_services_login_10.10.27.500_lastUpdate", "1354891410443"); user_pref("CT3205709.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359059251503"); user_pref("CT3205709.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360571671815"); user_pref("CT3205709.serviceLayer_services_login_10.14.65.43_lastUpdate", "1361730655037"); user_pref("CT3205709.serviceLayer_services_optimizer_lastUpdate", "1351181037356"); user_pref("CT3205709.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359550848609"); user_pref("CT3205709.serviceLayer_services_searchAPI_lastUpdate", "1359802275635"); user_pref("CT3205709.serviceLayer_services_serviceMap_lastUpdate", "1361701205622"); user_pref("CT3205709.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359550848334"); user_pref("CT3205709.serviceLayer_services_toolbarSettings_lastUpdate", "1361742293017"); user_pref("CT3205709.serviceLayer_services_translation_lastUpdate", "1361701205741"); user_pref("CT3205709.serviceLayer_services_userApps1ec55dac-8dca-406b-9697-5d68893c1c0c_lastUpdate", "1359822197700"); user_pref("CT3205709.serviceLayer_services_userApps_lastUpdate", "1359822197731"); user_pref("CT3205709.settingsINI", true); user_pref("CT3205709.shouldFirstTimeDialog", "false"); user_pref("CT3205709.smartbar.CTID", "CT3205709"); user_pref("CT3205709.smartbar.Uninstall", "0"); user_pref("CT3205709.smartbar.homepage", true); user_pref("CT3205709.smartbar.toolbarName", "BrotherSoft Extreme3 "); user_pref("CT3205709.startPage", "userChanged"); user_pref("CT3205709.toolbarBornServerTime", "30-9-2012"); user_pref("CT3205709.toolbarCurrentServerTime", "24-2-2013"); user_pref("CT3205709.upgradeFromClearSBVersion", true); user_pref("CT3205709.url_history0001.enc", "aHR0cDovL2tpbm94LnRvL1N0cmVhbS9UaGVfQmlnX0JhbmdfVGhlb3J5Lmh0bWwjOjo6Y2xpY2toYW5kbGVyOjo6MTM1OTgwMzMyNjAzMywsLGh0dHA6Ly9raW5veC50by9 user_pref("CT3205709_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1361796598797,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0} user_pref("CT3240727.1000082.isPlayDisplay", "true"); user_pref("CT3240727.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california. user_pref("CT3240727.1000234.TWC_TMP_city", "KOELN"); user_pref("CT3240727.1000234.TWC_TMP_country", "DE"); user_pref("CT3240727.1000234.TWC_country", "GERMANY"); user_pref("CT3240727.1000234.TWC_locId", "GMNW0005"); user_pref("CT3240727.1000234.TWC_location", "Koeln, Germany"); user_pref("CT3240727.1000234.TWC_region", "DE"); user_pref("CT3240727.1000234.TWC_temp_dis", "c"); user_pref("CT3240727.1000234.TWC_wind_dis", "kmh"); user_pref("CT3240727.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"4°C\",\"temperatureClear\":\"4°C\",\"highTemperature\":\"3°C\",\"lowTemperature\":\"2°C\ user_pref("CT3240727.CBOpenMAMSettings.enc", "MA=="); user_pref("CT3240727.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3240727.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3240727.FirstTime", "true"); user_pref("CT3240727.FirstTimeFF3", "true"); user_pref("CT3240727.LoginRevertSettingsEnabled", true); user_pref("CT3240727.PG_ENABLE", "dHJ1ZQ=="); user_pref("CT3240727.RevertSettingsEnabled", true); user_pref("CT3240727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=2&CUI=UN26736811875978932&q="); user_pref("CT3240727.UserID", "UN26736811875978932"); user_pref("CT3240727.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT3240727.amazonNew_All.enc", "MzY3MDkzMSwzNjY1OTgxLDM2NTgwNzEsMzY5MDAyMSwzNjc0MzUxLDM2ODQ5NDEsMjAxMzAzM1pyZi85ZndjU2VHSTlyTGtaUXNBZlEsMjAxMzAzM0JLMUVjenJqUWF1WWtYY user_pref("CT3240727.appButtonDisablenull.enc", "MA=="); user_pref("CT3240727.autoDisableScopes", -1); user_pref("CT3240727.browser.search.defaultthis.engineName", "true"); user_pref("CT3240727.cbcountry_001.enc", "REU="); user_pref("CT3240727.cbfirsttime.enc", "U3VuIEZlYiAwMyAyMDEzIDA5OjMwOjUwIEdNVCswMTAw"); user_pref("CT3240727.defaultSearch", "true"); user_pref("CT3240727.enableAlerts", "always"); user_pref("CT3240727.enableFix404ByUser", "FALSE"); user_pref("CT3240727.enableSearchFromAddressBar", "true"); user_pref("CT3240727.firstTimeDialogOpened", "true"); user_pref("CT3240727.fixPageNotFoundError", "true"); user_pref("CT3240727.fixPageNotFoundErrorByUser", "true"); user_pref("CT3240727.fixPageNotFoundErrorInHidden", "true"); user_pref("CT3240727.fixUrls", true); user_pref("CT3240727.hxxp___pinterest_aot_im.isEnabled.enc", "WQ=="); user_pref("CT3240727.installDate", "3/2/2013 9:29:20"); user_pref("CT3240727.installId", "conduitinstaller.exe"); user_pref("CT3240727.installType", "conduitnsisintegration"); user_pref("CT3240727.isCheckedStartAsHidden", true); user_pref("CT3240727.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3240727.isFirstTimeToolbarLoading", "false"); user_pref("CT3240727.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT3240727.keyword", "true"); user_pref("CT3240727.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3240727&octid=CT3240727&SearchSource=15&CUI=UN2673681187597893 user_pref("CT3240727.lastVersion", "10.14.42.7"); user_pref("CT3240727.mam_gk_installer_preapproved.enc", "ZmFsc2U="); user_pref("CT3240727.migrateAppsAndComponents", true); user_pref("CT3240727.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.trojaner-board.de%2F130573-arbeitsstationsdienst-laesst-starten user_pref("CT3240727.openThankYouPage", "false"); user_pref("CT3240727.openUninstallPage", "true"); user_pref("CT3240727.price-gong.isManagedApp", "true"); user_pref("CT3240727.revertSettingsEnabled", "false"); user_pref("CT3240727.search.searchAppId", "10000002"); user_pref("CT3240727.search.searchCount", "0"); user_pref("CT3240727.searchInNewTabEnabledByUser", "true"); user_pref("CT3240727.searchInNewTabEnabledInHidden", "true"); user_pref("CT3240727.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3240727.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT3240727.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("CT3240727.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3240727\"}"); user_pref("CT3240727.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://findr.OurToolbar.com//xpi\"}"); user_pref("CT3240727.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"findr\"}"); user_pref("CT3240727.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT3240727.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359880240639"); user_pref("CT3240727.serviceLayer_services_appsMetadata_lastUpdate", "1359880240505"); user_pref("CT3240727.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359880240295"); user_pref("CT3240727.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360146445276"); user_pref("CT3240727.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359880240400"); user_pref("CT3240727.serviceLayer_services_searchAPI_lastUpdate", "1359880237887"); user_pref("CT3240727.serviceLayer_services_serviceMap_lastUpdate", "1360082658435"); user_pref("CT3240727.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359880240206"); user_pref("CT3240727.serviceLayer_services_toolbarSettings_lastUpdate", "1360146445257"); user_pref("CT3240727.serviceLayer_services_translation_lastUpdate", "1360082658628"); user_pref("CT3240727.settingsINI", true); user_pref("CT3240727.shouldFirstTimeDialog", "false"); user_pref("CT3240727.smartbar.CTID", "CT3240727"); user_pref("CT3240727.smartbar.Uninstall", "0"); user_pref("CT3240727.smartbar.homepage", "true"); user_pref("CT3240727.smartbar.toolbarName", "findr "); user_pref("CT3240727.startPage", "true"); user_pref("CT3240727.toolbarBornServerTime", "3-2-2013"); user_pref("CT3240727.toolbarCurrentServerTime", "6-2-2013"); user_pref("CT3240727.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U="); user_pref("CT3240727.url_history0001.enc", "aHR0cDovL2tpbm94LnRvL1N0cmVhbS9UaGVfQmlnX0JhbmdfVGhlb3J5Lmh0bWwjOjo6Y2xpY2toYW5kbGVyOjo6MTM1OTg4MzUxNzQyMiwsLGh0dHA6Ly9raW5veC50by9 user_pref("CT3240727_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1360150078981,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0} user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3240727&SearchSource=13&CUI=UN26736811875978932"); user_pref("Smartbar.ConduitSearchEngineList", ""); user_pref("Smartbar.ConduitSearchUrlList", ""); user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="); user_pref("Smartbar.keywordURLSelectedCTID", "CT3240727"); user_pref("WebVideoDownloaderHistory.HistoryArray_345.url", "hxxp://o-o.preferred.hansenet-dus1.v10.lscache2.c.youtube.com/videoplayback?id=2b174f3548f7ad8a&sver=3&key=yt1&bur user_pref("WebVideoDownloaderHistory.HistoryArray_346.url", "hxxp://o-o.preferred.hansenet-dus1.v10.lscache2.c.youtube.com/videoplayback?id=2b174f3548f7ad8a&fexp=914037%2C9193 user_pref("WebVideoDownloaderHistory.HistoryArray_354.url", "hxxp://o-o.preferred.ber01s06.v8.nonxt8.c.youtube.com/videoplayback?id=0a4be937c74ee0e2&ms=nxu&ip=78.49.71.72&cm2= user_pref("WebVideoDownloaderHistory.HistoryArray_355.url", "hxxp://o-o.preferred.ber01s07.v8.nonxt8.c.youtube.com/videoplayback?id=0a4be937c74ee0e2&ms=nxu&ip=78.49.71.72&sour user_pref("WebVideoDownloaderHistory.HistoryArray_383.url", "hxxp://o-o.preferred.hansenet-dus1.v19.lscache5.c.youtube.com/videoplayback?fexp=914037%2C919330%2C911634%2C907217 user_pref("WebVideoDownloaderHistory.HistoryArray_396.url", "hxxp://o-o.preferred.hansenet-dus1.v9.lscache4.c.youtube.com/videoplayback?id=95da3d74b841165f&ms=au&itag=34&sourc user_pref("WebVideoDownloaderHistory.HistoryArray_397.url", "hxxp://o-o.preferred.hansenet-dus1.v9.lscache4.c.youtube.com/videoplayback?id=95da3d74b841165f&burst=40&ms=au&ipbi user_pref("WebVideoDownloaderHistory.HistoryArray_398.url", "hxxp://o-o.preferred.hansenet-dus1.v9.lscache4.c.youtube.com/videoplayback?id=95da3d74b841165f&sver=3&expire=13425 user_pref("WebVideoDownloaderHistory.HistoryArray_584.url", "hxxp://o-o---preferred---hansenet-dus1---v24---lscache3.c.youtube.com/videoplayback?algorithm=throttle-factor&burs user_pref("WebVideoDownloaderHistory.HistoryArray_613.url", "hxxp://o-o---preferred---hansenet-dus1---v16---lscache4.c.youtube.com/videoplayback?algorithm=throttle-factor&burs user_pref("WebVideoDownloaderHistory.HistoryArray_619.url", "hxxp://o-o---preferred---hansenet-dus1---v4---lscache6.c.youtube.com/videoplayback?algorithm=throttle-factor&burst user_pref("WebVideoDownloaderHistory.HistoryArray_621.url", "hxxp://r1---hansenet-dus1.c.youtube.com/videoplayback?algorithm=throttle-factor&burst=40&cp=U0hTSlRTUV9MUkNOM19MTV user_pref("WebVideoDownloaderHistory.HistoryArray_622.url", "hxxp://o-o---preferred---hansenet-dus1---v9---lscache1.c.youtube.com/videoplayback?algorithm=throttle-factor&burst user_pref("browser.search.defaultthis.engineName", "findr Customized Web Search"); user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=3&q={searchTerms}&CUI=UN26736811875978932"); user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3240727&SearchSource=13&CUI=UN26736811875978932"); user_pref("ct3205709.1000082.isDisplayHidden", "true"); user_pref("ct3205709.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}"); user_pref("ct3205709.1000234.TWC_TMP_city", "KOELN"); user_pref("ct3205709.1000234.TWC_TMP_country", "DE"); user_pref("ct3205709.CBOpenMAMSettings.enc", "MA=="); user_pref("ct3205709.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("ct3205709.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("ct3205709.FirstTime", "true"); user_pref("ct3205709.FirstTimeFF3", "true"); user_pref("ct3205709.LoginRevertSettingsEnabled", true); user_pref("ct3205709.PrintItGreenStatus.enc", "dHJ1ZQ=="); user_pref("ct3205709.RevertSettingsEnabled", true); user_pref("ct3205709.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&q="); user_pref("ct3205709.UserID", "UN93431632582257758"); user_pref("ct3205709.addressBarTakeOverEnabledInHidden", "true"); user_pref("ct3205709.browser.search.defaultthis.engineName", true); user_pref("ct3205709.cb_experience_000.enc", "Ng=="); user_pref("ct3205709.cb_firstuse0100.enc", "MQ=="); user_pref("ct3205709.cb_user_id_000.enc", "Q0I5Mjc5ODQ5OTMwNTVfMTM1NzMwNDkwMjY5MF9GaXJlZm94"); user_pref("ct3205709.cbcountry_001.enc", "REU="); user_pref("ct3205709.cbfirsttime.enc", "V2VkIERlYyAxMiAyMDEyIDE1OjMwOjMzIEdNVCswMTAw"); user_pref("ct3205709.ct3205709ads1.enc", "JTdCJTIyYWRzJTIyJTNBJTVCJTdCJTIyYWlkJTIyJTNBJTIyNTExNDYlMjIlMkMlMjJ0aXRsZSUyMiUzQSUyMiV1MjVDRiUyMFlvdSUyMEhhdmUlMjAlMjg2JTI5JTIwTWVzc user_pref("ct3205709.ct3205709current_term.enc", "dGF5bG9yK2F0ZWxpYW4="); user_pref("ct3205709.ct3205709sdate.enc", "MTU="); user_pref("ct3205709.embeddedsData", "[{\"appId\":\"129780988072000786\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get user_pref("ct3205709.enableAlerts", "always"); user_pref("ct3205709.firstTimeDialogOpened", "true"); user_pref("ct3205709.fixPageNotFoundErrorInHidden", "true"); user_pref("ct3205709.fixUrls", true); user_pref("ct3205709.hxxp___cdn_printitgreen_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPW5vLGhzY3JvbGw9bm8sdnNjcm9sbD1ubyxzYXZlbG9jYXRpb249bm8sc2F2ZXJlc2l6ZWRzaXplPW5vLGNsb3NlYn user_pref("ct3205709.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc user_pref("ct3205709.installType", "DirectDownload"); user_pref("ct3205709.isCheckedStartAsHidden", true); user_pref("ct3205709.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("ct3205709.isFirstTimeToolbarLoading", "false"); user_pref("ct3205709.isNewTabEnabled", false); user_pref("ct3205709.isPerformedSmartBarTransition", "true"); user_pref("ct3205709.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("ct3205709.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("ct3205709.keyword", true); user_pref("ct3205709.migrateAppsAndComponents", true); user_pref("ct3205709.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"€ 5,97\\r\\n€ 9,98 \\tbis € 19,97 \\t= \\t€ 4,97\\r\\n€ 19,98 \\tbis € 29,97 \\t= \\t€ 3,97 user_pref("ct3205709.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("ct3205709.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\"WEATHER\\\"]\"}"); user_pref("ct3205709.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"12\\\\/13\\\\/2012 01\\\"}\"}"); user_pref("ct3205709.price-gong.isManagedApp", "true"); user_pref("ct3205709.search.searchAppId", "129780988072000786"); user_pref("ct3205709.search.searchCount", "0"); user_pref("ct3205709.searchInNewTabEnabled", "false"); user_pref("ct3205709.searchInNewTabEnabledInHidden", "true"); user_pref("ct3205709.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("ct3205709.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("ct3205709.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("ct3205709.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"ct3205709\"}"); user_pref("ct3205709.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BrotherSoftExtreme3.OurToolbar.com//xpi\"}"); user_pref("ct3205709.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BrotherSoft Extreme3\"}"); user_pref("ct3205709.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("ct3205709.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1358090090798"); user_pref("ct3205709.serviceLayer_services_appsMetadata_lastUpdate", "1358198701874"); user_pref("ct3205709.serviceLayer_services_clientErrorLog_lastUpdate", "1355398361894"); user_pref("ct3205709.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1358281521426"); user_pref("ct3205709.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358281517604"); user_pref("ct3205709.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1358281522734"); user_pref("ct3205709.serviceLayer_services_searchAPI_lastUpdate", "1358263674056"); user_pref("ct3205709.serviceLayer_services_serviceMap_lastUpdate", "1358263553832"); user_pref("ct3205709.serviceLayer_services_toolbarContextMenu_lastUpdate", "1358281522366"); user_pref("ct3205709.serviceLayer_services_toolbarSettings_lastUpdate", "1358281520453"); user_pref("ct3205709.serviceLayer_services_translation_lastUpdate", "1358263554217"); user_pref("ct3205709.serviceLayer_services_userApps1ec55dac-8dca-406b-9697-5d68893c1c0c_lastUpdate", "1358250054520"); user_pref("ct3205709.serviceLayer_services_userApps_lastUpdate", "1358250054540"); user_pref("ct3205709.settingsINI", true); user_pref("ct3205709.smartbar.CTID", "ct3205709"); user_pref("ct3205709.smartbar.Uninstall", "0"); user_pref("ct3205709.smartbar.toolbarName", "BrotherSoft Extreme3 "); user_pref("ct3205709.toolbarBornServerTime", "7-12-2012"); user_pref("ct3205709.toolbarCurrentServerTime", "15-1-2013"); user_pref("ct3205709.url_history0001.enc", "aHR0cDovL2tpbm94LnRvL1N0cmVhbS9JbW1lcl93aWVkZXJfSmltLmh0bWwjOjo6Y2xpY2toYW5kbGVyOjo6MTM1ODI4MTcwNTY4OSwsLGh0dHA6Ly9raW5veC50by9TdHJ user_pref("ct3205709_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1358261067441,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0} user_pref("ct3240727.UserID", "UN26736811875978932"); user_pref("id_imbooster4web_v6.bubble_src", "hxxp%3A//toolbar.iminent.com/SocialNetworking/%3FvToolbar%3DIminent"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1349013364282"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent110", "1349013389895"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1349013364276"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1349013364286"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1349013364291"); user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=2&CUI=UN26736811875978932&q="); user_pref("smartBar.searchInNewTabOwner", "CT3205709"); user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3240727&SearchSource=13&CUI=UN26736811875978932"); user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT user_pref("smartbar.machineId", "JN5QQCKSO82LLUUMPWLFDW9ZDQZKYFQJFIURVZURYFDQM5EGXUUCP7ZIETVNUMYLXRVSQTTOQIXAMVIDIWLEJW"); user_pref("smartbar.originalHomepage", "hxxps://dub002.mail.live.com/default.aspx"); user_pref("smartbar.originalSearchAddressUrl", "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="); user_pref("smartbar.originalSearchEngine", "Search the web"); Emptied folder: C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\minidumps [90 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 25.02.2013 at 14:02:01,54 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.113 - Datei am 25/02/2013 um 15:00:02 erstellt # Aktualisiert am 23/02/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : Frank - FRANK-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\Frank\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\END Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\CT3205709 Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\CT3240727 Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\extensions\{4373e9b4-0a12-4112-8e3d-36ded19ee3dd} Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\extensions\{62d40876-df18-411f-9d34-a9dd7a197bc5} Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\extensions\welcome@toolmin.com Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\Smartbar ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16464 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v18.0.2 (de) Datei : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\prefs.js Gelöscht : user_pref("CT3205709.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Gelöscht : user_pref("CT3205709.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"3°C\",\"temperatu[...] Gelöscht : user_pref("CT3205709.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT3205709.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Gelöscht : user_pref("CT3205709.FirstTime", "true"); Gelöscht : user_pref("CT3205709.FirstTimeFF3", "true"); Gelöscht : user_pref("CT3205709.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT320[...] Gelöscht : user_pref("CT3205709.UserID", "UN55283311341806174"); Gelöscht : user_pref("CT3205709.addressBarTakeOverEnabledInHidden", "true"); Gelöscht : user_pref("CT3205709.browser.search.defaultthis.engineName", true); Gelöscht : user_pref("CT3205709.enableAlerts", "always"); Gelöscht : user_pref("CT3205709.enableFix404ByUser", "TRUE"); Gelöscht : user_pref("CT3205709.firstTimeDialogOpened", "true"); Gelöscht : user_pref("CT3205709.fixPageNotFoundErrorByUser", "TRUE"); Gelöscht : user_pref("CT3205709.fixPageNotFoundErrorInHidden", "true"); Gelöscht : user_pref("CT3205709.fixUrls", true); Gelöscht : user_pref("CT3205709.isCheckedStartAsHidden", true); Gelöscht : user_pref("CT3205709.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT3205709.isFirstTimeToolbarLoading", "false"); Gelöscht : user_pref("CT3205709.isPerformedSmartBarTransition", "true"); Gelöscht : user_pref("CT3205709.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Gelöscht : user_pref("CT3205709.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Gelöscht : user_pref("CT3205709.keyword", true); Gelöscht : user_pref("CT3205709.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...] Gelöscht : user_pref("CT3205709.lastVersion", "10.14.65.43"); Gelöscht : user_pref("CT3205709.migrateAppsAndComponents", true); Gelöscht : user_pref("CT3205709.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...] Gelöscht : user_pref("CT3205709.searchFromAddressBarEnabledByUser", "true"); Gelöscht : user_pref("CT3205709.searchInNewTabEnabledByUser", "true"); Gelöscht : user_pref("CT3205709.searchInNewTabEnabledInHidden", "true"); Gelöscht : user_pref("CT3205709.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT3205709.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Gelöscht : user_pref("CT3205709.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Gelöscht : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Gelöscht : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Gelöscht : user_pref("CT3205709.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Gelöscht : user_pref("CT3205709.serviceLayer_services_login_10.14.65.43_lastUpdate", "1361797430045"); Gelöscht : user_pref("CT3205709.serviceLayer_services_serviceMap_lastUpdate", "1361797429877"); Gelöscht : user_pref("CT3205709.serviceLayer_services_toolbarSettings_lastUpdate", "1361797430125"); Gelöscht : user_pref("CT3205709.serviceLayer_services_translation_lastUpdate", "1361797430037"); Gelöscht : user_pref("CT3205709.settingsINI", true); Gelöscht : user_pref("CT3205709.smartbar.CTID", "CT3205709"); Gelöscht : user_pref("CT3205709.smartbar.Uninstall", "0"); Gelöscht : user_pref("CT3205709.smartbar.homepage", true); Gelöscht : user_pref("CT3205709.smartbar.toolbarName", "BrotherSoft Extreme3 "); Gelöscht : user_pref("CT3205709.toolbarCurrentServerTime", "25-2-2013"); Gelöscht : user_pref("CT3205709_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Gelöscht : user_pref("CT3240727.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Gelöscht : user_pref("CT3240727.1000234.weatherData", "{\"icon\":\"28.png\",\"temperature\":\"4°C\",\"temperatu[...] Gelöscht : user_pref("CT3240727.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT3240727.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Gelöscht : user_pref("CT3240727.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT3240727.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Gelöscht : user_pref("CT3240727.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...] Gelöscht : user_pref("CT3240727.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...] Gelöscht : user_pref("CT3240727.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT3240727.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Gelöscht : user_pref("CT3240727.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Gelöscht : user_pref("CT3240727.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Gelöscht : user_pref("CT3240727.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT3240727.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT3240727.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Gelöscht : user_pref("CT3240727_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=1[...] Gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "BrotherSoft Extreme3 Customized Web Search"); Gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709[...] Gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT3205709"); Gelöscht : user_pref("browser.search.defaultenginename", "Search the web"); Gelöscht : user_pref("browser.search.order.1", "Search the web"); Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=13&CUI[...] Gelöscht : user_pref("ct3205709.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Gelöscht : user_pref("ct3205709.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("ct3205709.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Gelöscht : user_pref("ct3205709.embeddedsData", "[{\"appId\":\"129780988072000786\",\"apiPermissions\":{\"cross[...] Gelöscht : user_pref("ct3205709.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("ct3205709.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Gelöscht : user_pref("ct3205709.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Gelöscht : user_pref("ct3205709.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"€ 5,97\\r\\n€ 9,98 \\tbis € 19[...] Gelöscht : user_pref("ct3205709.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Gelöscht : user_pref("ct3205709.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\[...] Gelöscht : user_pref("ct3205709.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...] Gelöscht : user_pref("ct3205709.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("ct3205709.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Gelöscht : user_pref("ct3205709.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Gelöscht : user_pref("ct3205709.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Gelöscht : user_pref("ct3205709.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Gelöscht : user_pref("ct3205709.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Gelöscht : user_pref("ct3205709.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Gelöscht : user_pref("ct3205709_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&CU[...] Gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT3205709"); Gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=13[...] Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] Gelöscht : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties"); Gelöscht : user_pref("smartbar.originalSearchAddressUrl", ""); Gelöscht : user_pref("smartbar.originalSearchEngine", "Search the web"); -\\ Opera v12.13.1734.0 Datei : C:\Users\Frank\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] Die Datei ist sauber. Datei : C:\Users\Gast\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [21483 octets] - [25/02/2013 15:00:02] ########## EOF - C:\AdwCleaner[S1].txt - [21544 octets] ########## OTL: Code:
ATTFilter OTL logfile created on: 25.02.2013 17:48:22 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frank\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 5,49 Gb Available Physical Memory | 69,42% Memory free 15,82 Gb Paging File | 12,56 Gb Available in Paging File | 79,39% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 301,93 Gb Total Space | 55,01 Gb Free Space | 18,22% Space Free | Partition Type: NTFS Drive D: | 371,71 Gb Total Space | 280,24 Gb Free Space | 75,39% Space Free | Partition Type: NTFS Computer Name: FRANK-PC | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Frank\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Windows\AsScrPro.exe (ASUS) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS) PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS) PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK) PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) PRC - C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink) PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC) PRC - C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe (Sun Microsystems, Inc.) PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll () MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll () MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe () ========== Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (Update-Service) -- C:\Windows\SysWOW64\UpdSvc.dll (Joosoft.com GmbH) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS) SRV - (Splashtop MDES) -- C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe (mst software GmbH, Germany) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\drivers\RTL8187B.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH) DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsi Software GmbH) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKLM\..\URLSearchHook: {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\URLSearchHook: {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\SearchScopes\{5895BA2C-841C-4749-B86C-CBC07A293553}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3205709 IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7BFCAB6FDD-5585-425b-95C1-5ED856F3FD08%7D:6.9 FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.22 22:09:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.12 15:13:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.02.03 14:30:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.02.03 14:30:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.02.03 14:29:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.02.03 14:29:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.02.03 14:29:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 11:40:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 11:40:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.12 15:13:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 11:40:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 11:40:46 | 000,000,000 | ---D | M] [2011.12.09 22:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Extensions [2013.02.25 15:00:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\n1tor11v.default\extensions [2013.02.14 13:22:35 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.09.16 20:22:51 | 000,304,450 | ---- | M] () (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2013.02.25 14:01:50 | 000,001,096 | ---- | M] () -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\searchplugins\brothersoft-extreme3-customized-web-search.xml [2013.02.06 11:40:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.06 11:40:44 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2013.02.06 11:40:45 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak [2012.02.22 22:09:22 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2013.02.06 11:40:50 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.22 22:01:00 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src [2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.02.08 16:41:44 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (BrotherSoft Extreme3 Toolbar) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (BrotherSoft Extreme3 Toolbar) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\Toolbar\WebBrowser: (BrotherSoft Extreme3 Toolbar) - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S File not found O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O4 - Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.11.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42713A31-1749-4DB5-91DC-FE79CFCC532C}: NameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B023C04D-E2DD-4399-975A-9BFF60B791C9}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F72A33CB-0D97-46D0-8B73-02D4B5A20E02}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.25 13:38:27 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.02.25 13:38:10 | 000,000,000 | ---D | C] -- C:\JRT [2013.02.25 13:37:56 | 000,547,439 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Frank\Desktop\JRT.exe [2013.02.16 08:19:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.16 08:19:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.16 08:19:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.16 08:19:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.16 08:19:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.16 08:19:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.16 08:19:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.16 08:19:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.16 08:19:11 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.16 08:19:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.16 08:19:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.16 08:19:10 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.16 08:19:08 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.16 08:19:08 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.16 08:19:08 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.14 09:58:19 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.14 09:58:14 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.14 09:58:13 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.02.14 09:57:57 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.02.14 09:57:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.02.14 09:57:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.02.14 09:57:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.02.14 09:57:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.02.14 09:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.02.14 09:57:49 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.08 16:41:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.02.06 21:59:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support [2013.02.06 21:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013.02.06 16:53:31 | 000,352,855 | ---- | C] (Farbar) -- C:\Users\Frank\Desktop\FSS.exe [2013.02.06 16:15:23 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Frank\Desktop\tdsskiller.exe [2013.02.06 13:20:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.02.06 13:20:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.02.06 13:20:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.02.06 13:19:14 | 027,448,224 | ---- | C] (TuneUp Software) -- C:\Users\Frank\Desktop\TuneUpUtilities2013_de-DE-4.exe [2013.02.06 13:13:04 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.02.06 13:12:48 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.02.06 13:10:08 | 005,030,592 | R--- | C] (Swearware) -- C:\Users\Frank\Desktop\ComboFix.exe [2013.02.06 11:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.02.05 17:45:24 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Frank\Desktop\aswMBR.exe [2013.02.04 22:24:05 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2013.02.04 22:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.02.04 22:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.02.04 22:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013.02.04 22:19:49 | 088,946,664 | ---- | C] (Apple Inc.) -- C:\Users\Frank\Desktop\iTunes64Setup.exe [2013.02.04 17:48:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe [2013.02.04 08:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2013.02.04 08:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager [2013.02.03 21:32:54 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Chromium [2013.02.03 19:52:07 | 000,623,003 | ---- | C] (No company) -- C:\Users\Frank\Desktop\LanmanCheck.exe [2013.02.03 19:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware [2013.02.03 19:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware [2013.02.03 19:28:58 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\Anti-Malware [2013.02.03 18:48:03 | 000,000,000 | ---D | C] -- C:\found.000 [2013.02.03 15:33:43 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\Malwarebytes [2013.02.03 15:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.03 15:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.03 15:33:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.02.03 15:33:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.02.03 15:25:42 | 000,000,000 | ---D | C] -- C:\PPF_Scan1 [2013.02.03 14:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2013.02.03 14:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013 [2013.02.03 14:30:25 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll [2013.02.03 14:29:51 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP [2013.02.03 14:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.02.03 14:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013.02.03 14:29:27 | 000,611,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2013.02.03 14:29:27 | 000,089,432 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys [2013.02.03 09:29:37 | 000,037,216 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2013.02.03 09:29:37 | 000,029,536 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2013.02.03 09:27:00 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2013.02.03 09:26:58 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2013.02.03 09:26:58 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2013.02.03 09:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2013.02.03 09:26:45 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\TuneUp Software [2013.02.03 09:26:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 [2013.02.03 09:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2013.02.03 09:26:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.02.03 09:26:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.02.03 09:26:16 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\My Cheat Tables [2013.02.03 09:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2 [2013.02.03 09:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2 [2013.02.02 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Gameforge4d [2013.02.02 18:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live [2013.02.02 18:08:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameforgeLive [2013.02.02 18:08:51 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Programs [2013.01.27 17:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center [2013.01.27 17:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center [2013.01.27 13:01:48 | 000,000,000 | ---D | C] -- C:\Users\Frank\Desktop\Minecraft! [2013.01.27 03:16:56 | 005,113,072 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe [2013.01.26 20:17:08 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.01.26 20:17:08 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.01.26 20:16:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.01.26 20:16:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.01.26 20:16:50 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.25 17:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.25 17:46:42 | 000,000,342 | -H-- | M] () -- C:\dvmexp.idx [2013.02.25 15:12:34 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.25 15:12:34 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.25 15:03:33 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe [2013.02.25 15:03:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.25 15:03:10 | 2076,749,823 | -HS- | M] () -- C:\hiberfil.sys [2013.02.25 14:51:09 | 000,594,019 | ---- | M] () -- C:\Users\Frank\Desktop\adwcleaner.exe [2013.02.25 13:38:00 | 000,547,439 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Frank\Desktop\JRT.exe [2013.02.24 15:28:10 | 000,000,512 | ---- | M] () -- C:\Users\Frank\Desktop\MBR.dat [2013.02.18 11:57:36 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.18 11:57:36 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.18 11:57:36 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.18 11:57:36 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.18 11:57:36 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.16 08:38:22 | 000,547,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.10 06:47:24 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.02.10 06:47:23 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.02.08 16:41:44 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.02.08 16:26:12 | 005,030,592 | R--- | M] (Swearware) -- C:\Users\Frank\Desktop\ComboFix.exe [2013.02.07 23:36:23 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Gameforge Live.lnk [2013.02.06 21:59:25 | 004,009,167 | ---- | M] () -- C:\Users\Frank\Desktop\ServicesRepair.exe [2013.02.06 21:50:59 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.02.06 16:53:36 | 000,352,855 | ---- | M] (Farbar) -- C:\Users\Frank\Desktop\FSS.exe [2013.02.06 16:15:26 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Frank\Desktop\tdsskiller.exe [2013.02.06 13:19:38 | 027,448,224 | ---- | M] (TuneUp Software) -- C:\Users\Frank\Desktop\TuneUpUtilities2013_de-DE-4.exe [2013.02.05 17:46:40 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Frank\Desktop\aswMBR.exe [2013.02.05 14:02:50 | 000,365,568 | ---- | M] () -- C:\Users\Frank\Desktop\gmer_2.0.18454.exe [2013.02.04 22:20:59 | 088,946,664 | ---- | M] (Apple Inc.) -- C:\Users\Frank\Desktop\iTunes64Setup.exe [2013.02.04 17:48:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe [2013.02.04 14:05:38 | 000,001,804 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013.02.04 07:59:11 | 000,007,250 | ---- | M] () -- C:\Users\Frank\Desktop\Windows-Kompatibilitätsbericht.htm [2013.02.03 19:52:05 | 000,623,003 | ---- | M] (No company) -- C:\Users\Frank\Desktop\LanmanCheck.exe [2013.02.03 19:29:25 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2013.02.03 18:14:17 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.03 18:14:17 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.03 15:33:32 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.03 14:53:49 | 000,001,082 | ---- | M] () -- C:\Users\Frank\Desktop\Kaspersky Internet Security 2013 Version 13.0.1.4190 installieren.lnk [2013.02.03 14:30:25 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.02.03 14:20:28 | 000,002,486 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2013.02.03 09:26:09 | 000,001,091 | ---- | M] () -- C:\Users\Frank\Desktop\Cheat Engine.lnk [2013.02.02 18:14:10 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\AION.lnk [2013.01.27 12:57:15 | 000,000,946 | ---- | M] () -- C:\Users\Frank\Desktop\LogMeIn Hamachi.lnk [2013.01.27 11:37:09 | 000,002,101 | -H-- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013.01.27 03:16:29 | 005,113,072 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe [2013.01.26 20:16:34 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.01.26 20:16:33 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.01.26 20:16:33 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.01.26 20:16:33 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.01.26 20:16:33 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.01.26 20:16:33 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.25 14:51:04 | 000,594,019 | ---- | C] () -- C:\Users\Frank\Desktop\adwcleaner.exe [2013.02.07 23:36:23 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Gameforge Live.lnk [2013.02.07 18:33:00 | 000,000,512 | ---- | C] () -- C:\Users\Frank\Desktop\MBR.dat [2013.02.06 21:58:50 | 004,009,167 | ---- | C] () -- C:\Users\Frank\Desktop\ServicesRepair.exe [2013.02.06 13:20:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.02.06 13:20:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.02.06 13:20:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.02.06 13:20:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.02.06 13:20:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.02.05 14:02:48 | 000,365,568 | ---- | C] () -- C:\Users\Frank\Desktop\gmer_2.0.18454.exe [2013.02.04 22:24:27 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.02.04 07:59:11 | 000,007,250 | ---- | C] () -- C:\Users\Frank\Desktop\Windows-Kompatibilitätsbericht.htm [2013.02.03 19:29:25 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2013.02.03 15:33:32 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.03 15:23:56 | 000,010,240 | ---- | C] () -- C:\Users\Frank\Desktop\Erweiterter Scan.scp [2013.02.03 14:53:49 | 000,001,082 | ---- | C] () -- C:\Users\Frank\Desktop\Kaspersky Internet Security 2013 Version 13.0.1.4190 installieren.lnk [2013.02.03 14:30:49 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.02.03 09:26:54 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2013.02.03 09:26:09 | 000,001,091 | ---- | C] () -- C:\Users\Frank\Desktop\Cheat Engine.lnk [2013.02.02 18:14:10 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\AION.lnk [2013.01.27 12:57:15 | 000,000,946 | ---- | C] () -- C:\Users\Frank\Desktop\LogMeIn Hamachi.lnk [2013.01.04 12:30:58 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.01.04 12:30:58 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.07.24 20:20:03 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2012.06.12 15:06:16 | 000,233,545 | ---- | C] () -- C:\Windows\hpoins47.dat [2012.02.11 15:39:34 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012.02.11 15:37:45 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl47.dat.temp [2012.02.06 19:35:25 | 000,017,408 | ---- | C] () -- C:\Users\Frank\AppData\Local\WebpageIcons.db [2012.01.30 15:57:55 | 001,557,708 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.12.21 15:30:47 | 000,003,584 | ---- | C] () -- C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.13 21:11:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.12.13 21:11:10 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.12.11 20:40:09 | 000,000,000 | ---- | C] () -- C:\Users\Frank\AppData\Local\{B55A0129-9065-4945-819B-EF351192F335} [2011.12.10 16:05:45 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.10.12 19:18:15 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe [2011.10.12 19:00:19 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011.07.12 09:14:12 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.07.12 09:13:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.07.12 09:13:06 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.07.12 09:13:05 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.07.12 09:13:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.07.12 09:13:03 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.05.10 23:55:50 | 000,368,400 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
25.02.2013, 18:11 | #32 |
| Arbeitsstationsdienst lässt sich nicht starten! Extras.txt :
__________________Code:
ATTFilter OTL Extras logfile created on: 25.02.2013 17:48:22 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frank\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 5,49 Gb Available Physical Memory | 69,42% Memory free 15,82 Gb Paging File | 12,56 Gb Available in Paging File | 79,39% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 301,93 Gb Total Space | 55,01 Gb Free Space | 18,22% Space Free | Partition Type: NTFS Drive D: | 371,71 Gb Total Space | 280,24 Gb Free Space | 75,39% Space Free | Partition Type: NTFS Computer Name: FRANK-PC | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{026F28B2-4112-45D7-86C9-DF12DAFD671E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{04F13F12-B56A-45DF-8C87-19ABBBC547DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{05C2E10B-73AD-46B7-AE15-36B508DC9E0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0A1CFD93-70BA-44AD-B349-BBCDFF1CF6AA}" = lport=445 | protocol=6 | dir=in | app=system | "{0D41A9F8-AEBD-40AF-BB6E-86AB2A1B5F2C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{28D0B26B-8B52-477F-8EED-4850B30FD34A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2EA147DD-C580-42F4-88E6-303307743D54}" = rport=445 | protocol=6 | dir=out | app=system | "{3EE82233-EEF0-4F3F-BD41-EE03797E00D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{410C7CDE-ADD8-414A-A7CD-3E3843391B86}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{48E93503-3600-488F-9503-A917B6DC8D8F}" = rport=137 | protocol=17 | dir=out | app=system | "{4E00135A-770B-47DD-827A-E8330345F76A}" = lport=139 | protocol=6 | dir=in | app=system | "{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | "{5FA2DD1D-ECD6-4783-9E8C-4E6F37744F16}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{60F08D0B-8ED7-4805-AA51-FC54BA88C39C}" = lport=138 | protocol=17 | dir=in | app=system | "{656CC142-A605-4762-978B-6E1CAA7B0B3A}" = lport=138 | protocol=17 | dir=in | app=system | "{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{775EDB99-44CA-4D31-8771-3B090610ABDB}" = rport=139 | protocol=6 | dir=out | app=system | "{791B4AF4-246C-4E1C-A822-D77FF9D90D9E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7C84E8B4-292F-4387-A6FF-85F86F780646}" = lport=10243 | protocol=6 | dir=in | app=system | "{803A9BF5-E051-45F2-B1CF-EAAE68DA0574}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{80FF73EF-B749-460F-B06B-582EE54C57F7}" = lport=137 | protocol=17 | dir=in | app=system | "{8A3A3441-7849-4DA7-BC90-1FB6646A4070}" = rport=137 | protocol=17 | dir=out | app=system | "{8A889400-2DB5-4FB5-826E-0B1EC5B8C74A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{94922B9A-C569-41CD-8266-59553D72EB4A}" = rport=138 | protocol=17 | dir=out | app=system | "{97E4330D-A257-4617-B034-7D0AA0648385}" = rport=10243 | protocol=6 | dir=out | app=system | "{A081DF58-AF75-4987-BC3A-BC94072C9C46}" = lport=445 | protocol=6 | dir=in | app=system | "{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | "{A8F55D9B-EB25-4ED8-939A-38A411C167C2}" = rport=445 | protocol=6 | dir=out | app=system | "{AE52A85A-FB5E-4A38-B8F6-D3BEA64996C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AF3EC28E-E7BB-49F9-9ACC-8A533507284C}" = lport=2869 | protocol=6 | dir=in | app=system | "{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B8CBE818-C542-4521-8916-FEF79F21153A}" = rport=138 | protocol=17 | dir=out | app=system | "{BBDDDA9C-86A9-4551-8218-CBE4E88E5D0B}" = lport=137 | protocol=17 | dir=in | app=system | "{D7104979-663D-4398-A2AD-B0EB928506FC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{DF54EC2A-BC43-451B-A57A-5187BEE101A3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EB1992A1-24EB-4970-A810-3F4BC14F1D21}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB3931EC-1871-460B-AAFD-6A39EE09CA30}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F61A0EBD-FA03-490B-8C98-30F4955A7611}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FDB2458D-4D68-4AB7-8490-0CE92A842050}" = rport=139 | protocol=6 | dir=out | app=system | "{FE34F477-DBD8-4E2D-A75D-B50231451C54}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FF4756A5-7BB0-4F3B-A022-6FF584D45218}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0087BA66-969B-4D93-9B9D-BCB7FEC560FD}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{033CF1F1-7967-44BE-B6C1-AA3D263E1610}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{074085CA-0F91-4F28-A926-C8AFCB938406}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{08A9F95D-7CDC-4D0B-A807-687B0B0A134D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{110E1EBB-D366-4823-8512-6BE2ADB34DFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{1241C853-A9BF-4C24-B856-F8EFDA7A4D8E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1346C3D0-4EFC-486C-A4F1-6AB109432716}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | "{13F8DE5E-2D49-4CAE-9402-0845392D0B32}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{143B7CF2-8293-449B-9A54-675278E2E203}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1A1280C6-E72A-4BCF-85EA-92FDF2E34406}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1B56B178-8AE2-4BF1-93EB-8BA95EAC9B31}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{1C26B8E9-017F-48B7-9534-ABDC36BE5F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{257680F7-C301-4733-A1CF-E70C9DD71261}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{2A2BA377-2A73-44C3-853D-B8EFDC57B9EA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2B56AC0E-2D34-4B1A-8AD0-8EC520F1C278}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{2F7F2A47-15B9-4E0A-B3E1-4D5FE1F82727}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{33FC3C20-3C1E-4713-B306-EA370FD15C18}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatar.exe | "{39886990-6DA5-435F-AF79-0BE2C649CFAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{3D981610-0DAE-471B-9D92-B7012BE7623F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | "{3DFEFF10-2FDE-4E7E-917B-1A7F20F5F87C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{3FBE5635-0BEB-49AD-9B5C-B9F8687D9560}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | "{41FED41A-41A4-441F-AA4B-45D3DE83AAC0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{42545A11-14FD-46D1-9409-38A89B7989B1}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | "{43E1DB64-3946-4EB7-A429-56C85F8D3F86}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{499C344C-75F5-466C-824D-71569580D58A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{4C208F8A-0AF3-46CE-97E0-62F00C33B292}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{4CBC787C-2730-4E39-AE8C-4544A50D1D53}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{4D11A4DE-77D7-4073-A858-5101040D800B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{513803D3-2CBE-4AD7-888B-9FBB87B7F6F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5139507B-AE4F-4801-B58C-3F4462CE5BBE}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{57FFA164-EBE0-4AFF-B0F1-9BE45057C3F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{58A37FBC-C980-4DA4-BDFE-FA86530E1279}" = protocol=6 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | "{58C43DDC-31E4-46F8-AFAC-E8A91409832B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{5EDC770F-EEE8-4707-A500-4CF3A47B9E03}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{608B7EA1-5255-4D45-89A8-DB05FB6C7F31}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{63E82044-D25A-436B-98C6-39E3C701CFE4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{66D51F49-4790-4758-874E-8789F4563E77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{69808785-007A-4AB1-A6F6-CC94D0123ED3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{706BAAD3-6376-41B5-9A65-B278F7A0BE43}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{7099C2A9-3AEB-49DA-BD14-4F30C10341AE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{727CD718-E57E-4C2D-A18F-AD32A375FDE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{757EA4FA-DB8D-4070-9AEF-F724118944E8}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{76FE2EAD-41B2-46D4-9214-2545AE01306D}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | "{7A90EC93-89B2-4259-8F32-E009B82B3002}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{7BF72C69-9170-4AD1-8925-BE127059083A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{7C151C6B-AD46-4AC0-B220-F3DAABF64036}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{7FA06F0E-FB41-459B-BDCA-8EB52C7D0B43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7FE4D89C-CCED-4DFC-854D-BC55F793CFFF}" = protocol=17 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | "{853C20A7-0182-4439-8E9B-1BED0CC822CD}" = protocol=6 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | "{86689817-277B-47C7-94F9-A89F86C994DC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{872A7F77-2BCB-4C25-980E-EC159538C93D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8928D9A5-C13F-497A-98E8-03D633F44079}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{894F2A3A-01D4-4696-9E2F-FAF1A60FB825}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | "{8C47B80B-36E6-4D5E-8DDF-2E66BE707A75}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{9087C678-E140-427B-A315-61BC0A7D02CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{9B0DBA31-8CAD-4D9A-BFB9-0C1111D9AE66}" = protocol=6 | dir=out | app=system | "{9D78343A-DA63-4A71-9551-1BA7843A6A1C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{9E89F54A-8A8D-433F-9F47-0B6181230749}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | "{A18DDF2B-B1CC-4BAC-926A-AE3744A21AB5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{A80522B8-0C6A-4522-ACF0-634A77A676AD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{A80E1F92-EC8F-419B-A1CE-A634831364A8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B1E5F4A6-C366-4466-AC0C-CEEBABAF2136}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | "{B8032E5C-813E-4D55-9EC9-B5D9EADE9BC7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BB2CBA44-51FB-498D-BB21-1758E8464CEC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BDC4E9DB-AA26-4461-8BBF-0E1770911456}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{BE63B653-69A2-4B10-9AA6-C9F5D78A5377}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | "{C72241F6-7698-4FD3-A3FF-7BE96E70766B}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatar.exe | "{C885D74D-EBB1-48C9-B859-931A654241A5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{C92CF1B2-8BF6-4E52-99E5-697911372680}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CBDE7739-94E4-4ACA-8F50-DFAC7A3F275F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{CE3B1A99-FA81-4F96-8562-BAA3F68BD881}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{D2AEAE29-34A6-44C7-8D62-E54D8936BCE5}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{D39FEFF8-49E6-46D9-B41C-5CCCC9A5F4B3}" = dir=in | app=e:\setup\hpznui40.exe | "{D4F0E4EE-F566-4AD3-86A0-B37ED5CB9F50}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{D7F289E0-5350-4ED5-9C1A-7337486615EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{DCEAD13F-4E08-4E98-BA46-E82E5DAEC5D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DFC2B032-4F7B-4CEC-A127-EDC5D55A2C2C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E2315EF4-132E-4EB6-9572-1F453362F660}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | "{E8FC992F-084D-4BB7-B0A8-1BE47FCF0D93}" = protocol=17 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | "{EA54A53C-2F02-4D8A-AEA8-337E1AADDCB9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{EAA60805-57A5-4C15-AF0A-76B7B4F6D0F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EBE658DA-90BF-4F7F-A87E-5EBD79CA800F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{EC467394-B11F-456A-8472-856A7358643F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F19A67D9-2FC7-498F-896C-05692DB83B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F30A4339-21FF-4CCA-B8B6-ED9B2921B4B8}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{F53F2B8E-35C7-47A3-8F8A-A5EBDFC33D65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F9FEF07C-8A6C-4F5B-8E04-34B8DFC678F5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{FFA64E37-BBF2-4E0A-BF70-B72BA01DD83E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "TCP Query User{7721DAA4-1550-4F46-BD81-9B3AE7BA3B96}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "TCP Query User{D694BC43-C580-4881-AD99-D9500562500D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "UDP Query User{445C7303-C4CD-45F6-86D3-F5BD91E1B033}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "UDP Query User{DD0BD112-2749-4C7A-9F5F-1B6CCD724E7D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit) "{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety "{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid "{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software "{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64 "{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{64A3A4F4-B792-11D6-A78A-00B0D0170110}" = Java SE Development Kit 7 Update 11 (64-bit) "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety "{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft-Maus- und Tastatur-Center "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0 "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "MAXON8C02D5E0" = CINEMA 4D 12.048 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center "ProInst" = Intel PROSet Wireless "Shop for HP Supplies" = Shop for HP Supplies "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.01 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi "{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3 "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery "{3966711E-1F98-4C9F-AE0B-6AD28137FE64}" = Multiple Image Resizer .NET 4 "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It!-Bibliothek 10 "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Foto Premium 10 "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night "{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項 "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{733B66AD-B771-4FA6-8DBF-765B820CC0EB}" = Langenscheidt Vokabeltrainer 6.0 Englisch "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires "{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now! "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play Version 1.0 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8F311E2E-C275-4CF0-8154-B63991832668}_is1" = SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren "{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend" "{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker "{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110 "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CC8C451E-A820-48C8-AE92-A0FF088969D8}" = Stereoscopic Player "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة "{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AmUStor" = Alcor Micro USB Card Reader "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.7 "Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.0.1 "Asus Vibe2.0" = AsusVibe2.0 "ASUS WebStorage" = ASUS WebStorage "AsusScr_N5_En" = AsusScr_N5_En "BrotherSoft_Extreme3 Toolbar" = BrotherSoft Extreme3 Toolbar "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "DivX Setup" = DivX-Setup "DPP" = Canon Utilities Digital Photo Professional 3.10 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EOS Sample Music" = Canon Utilities EOS Sample Music "EOS Utility" = Canon Utilities EOS Utility "EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX "Governor of Poker" = Governor of Poker "Hotel Dash Suite Success" = Hotel Dash Suite Success "InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now! "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "IrfanView" = IrfanView (remove only) "Jewel Quest 3" = Jewel Quest 3 "JPEG ReSizer" = JPEG ReSizer (remove only) "LogMeIn Hamachi" = LogMeIn Hamachi "Luxor 3" = Luxor 3 "MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker "Mahjongg dimensions" = Mahjongg dimensions "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.1.8d "Mobile Partner" = Mobile Partner "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube "Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPE" = MyPhoneExplorer "Multiple Image Resizer .NET 4" = Multiple Image Resizer .NET 4 "MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Office14.SingleImage" = Microsoft Office Home and Business 2010 "Opera 12.13.1734" = Opera 12.13 "Origin" = Origin "PhotoStitch" = Canon Utilities PhotoStitch "Picture Style Editor" = Canon Utilities Picture Style Editor "PictureItPrem_v10" = Microsoft Picture It! Foto Premium 10 "Plants vs Zombies" = Plants vs Zombies "ProInst" = Intel PROSet Wireless "PunkBusterSvc" = PunkBuster Services "Rockstar Games Social Club" = Rockstar Games Social Club "TuneUp Utilities 2013" = TuneUp Utilities 2013 "VLC media player" = VLC media player 1.1.11 "WinLiveSuite" = Windows Live Essentials "World of Goo" = World of Goo "xSIMS_Censor_Remover_TS3" = Sims 3 - Nude Censor Remover "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Kies Air Discovery Service" = Kies Air Discovery Service ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.02.2013 12:46:06 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Error - 25.02.2013 12:46:08 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: NOTEPAD.EXE, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc9b3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2 ID des fehlerhaften Prozesses: 0x1460 Startzeit der fehlerhaften Anwendung: 0x01ce1361005dda74 Pfad der fehlerhaften Anwendung: C:\Windows\system32\NOTEPAD.EXE Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: d9e5a415-7f6a-11e2-951e-ac72891c556f Error encountered while reading event logs. < End of report > |
26.02.2013, 00:21 | #33 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsstationsdienst lässt sich nicht starten!Fixen mit OTL
Code:
ATTFilter :OTL SRV - (Update-Service) -- C:\Windows\SysWOW64\UpdSvc.dll (Joosoft.com GmbH) IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\SearchScopes\{5895BA2C-841C-4749-B86C-CBC07A293553}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3205709 FF - user.js - File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\Toolbar\WebBrowser: (BrotherSoft Extreme3 Toolbar) - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (BrotherSoft Extreme3 Toolbar) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (BrotherSoft Extreme3 Toolbar) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.) [2013.02.24 15:28:10 | 000,000,512 | ---- | M] () -- C:\Users\Frank\Desktop\MBR.dat :Files ipconfig /flushdns /c :Commands [purity] [emptytemp] [resethosts]
__________________ |
26.02.2013, 16:01 | #34 |
| Arbeitsstationsdienst lässt sich nicht starten!Code:
ATTFilter All processes killed ========== OTL ========== Service Update-Service stopped successfully! Service Update-Service deleted successfully! C:\Windows\SysWOW64\UpdSvc.dll moved successfully. Registry key HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5895BA2C-841C-4749-B86C-CBC07A293553}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5895BA2C-841C-4749-B86C-CBC07A293553}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{62D40876-DF18-411F-9D34-A9DD7A197BC5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62D40876-DF18-411F-9D34-A9DD7A197BC5}\ deleted successfully. C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll moved successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}\ deleted successfully. File move failed. C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll scheduled to be moved on reboot. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62d40876-df18-411f-9d34-a9dd7a197bc5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62d40876-df18-411f-9d34-a9dd7a197bc5}\ not found. File C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{62d40876-df18-411f-9d34-a9dd7a197bc5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62d40876-df18-411f-9d34-a9dd7a197bc5}\ not found. File C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll not found. C:\Users\Frank\Desktop\MBR.dat moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. C:\Users\Frank\Desktop\cmd.bat deleted successfully. C:\Users\Frank\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56466 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Frank ->Temp folder emptied: 77938698 bytes ->Temporary Internet Files folder emptied: 1674484 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 220594596 bytes ->Apple Safari cache emptied: 0 bytes ->Opera cache emptied: 25507674 bytes ->Flash cache emptied: 10099 bytes User: Gast ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 26938407 bytes ->Opera cache emptied: 3202922 bytes ->Flash cache emptied: 821 bytes User: Public ->Temp folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 35819626 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 374,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.69.0 log created on 02262013_155407 Files\Folders moved on Reboot... File move failed. C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll scheduled to be moved on reboot. C:\Users\Frank\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... |
26.02.2013, 23:22 | #35 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsstationsdienst lässt sich nicht starten! Eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
27.02.2013, 08:21 | #36 |
| Arbeitsstationsdienst lässt sich nicht starten! OTL.Txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.02.2013 08:07:28 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frank\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 5,23 Gb Available Physical Memory | 66,07% Memory free 15,82 Gb Paging File | 12,72 Gb Available in Paging File | 80,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 301,93 Gb Total Space | 56,26 Gb Free Space | 18,63% Space Free | Partition Type: NTFS Drive D: | 371,71 Gb Total Space | 280,24 Gb Free Space | 75,39% Space Free | Partition Type: NTFS Computer Name: FRANK-PC | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\GameforgeLive\gfl_client.exe (Gameforge) PRC - C:\Users\Frank\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Windows\AsScrPro.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS) PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS) PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK) PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) PRC - C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink) PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC) PRC - C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe (Sun Microsystems, Inc.) PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\GameforgeLive\qjson.dll () MOD - C:\Program Files (x86)\GameforgeLive\imageformats\qtiff4.dll () MOD - C:\Program Files (x86)\GameforgeLive\imageformats\qmng4.dll () MOD - C:\Program Files (x86)\GameforgeLive\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\GameforgeLive\imageformats\qico4.dll () MOD - C:\Program Files (x86)\GameforgeLive\imageformats\qgif4.dll () MOD - C:\Program Files (x86)\GameforgeLive\libgcrypt-11.dll () MOD - C:\Program Files (x86)\GameforgeLive\libgpg-error-0.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files (x86)\GameforgeLive\QtWebKit4.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll () MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll () MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe () ========== Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS) SRV - (Splashtop MDES) -- C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe (mst software GmbH, Germany) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\drivers\RTL8187B.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH) DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsi Software GmbH) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKLM\..\URLSearchHook: {62d40876-df18-411f-9d34-a9dd7a197bc5} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\URLSearchHook: {62d40876-df18-411f-9d34-a9dd7a197bc5} - No CLSID value found IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7BFCAB6FDD-5585-425b-95C1-5ED856F3FD08%7D:6.9 FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.22 22:09:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.12 15:13:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.02.03 14:30:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.02.03 14:30:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.02.03 14:29:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.02.03 14:29:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.02.03 14:29:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 11:40:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 11:40:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.12 15:13:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 11:40:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 11:40:46 | 000,000,000 | ---D | M] [2011.12.09 22:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Extensions [2013.02.25 15:00:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\n1tor11v.default\extensions [2013.02.14 13:22:35 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.09.16 20:22:51 | 000,304,450 | ---- | M] () (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi [2013.02.25 14:01:50 | 000,001,096 | ---- | M] () -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\searchplugins\brothersoft-extreme3-customized-web-search.xml [2013.02.06 11:40:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.06 11:40:44 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2013.02.06 11:40:45 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak [2012.02.22 22:09:22 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2013.02.06 11:40:50 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.22 22:01:00 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src [2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.02.26 15:55:08 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S File not found O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC) O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found O4 - Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.11.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42713A31-1749-4DB5-91DC-FE79CFCC532C}: NameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B023C04D-E2DD-4399-975A-9BFF60B791C9}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F72A33CB-0D97-46D0-8B73-02D4B5A20E02}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.26 15:54:07 | 000,000,000 | ---D | C] -- C:\_OTL [2013.02.25 13:38:27 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.02.25 13:38:10 | 000,000,000 | ---D | C] -- C:\JRT [2013.02.25 13:37:56 | 000,547,439 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Frank\Desktop\JRT.exe [2013.02.16 08:19:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.16 08:19:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.16 08:19:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.16 08:19:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.16 08:19:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.16 08:19:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.16 08:19:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.16 08:19:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.16 08:19:11 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.16 08:19:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.16 08:19:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.16 08:19:10 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.16 08:19:08 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.16 08:19:08 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.16 08:19:08 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.14 09:58:19 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.14 09:58:14 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.14 09:58:13 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.02.14 09:57:57 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.02.14 09:57:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.02.14 09:57:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.02.14 09:57:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.02.14 09:57:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.02.14 09:57:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.02.14 09:57:49 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.08 16:41:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.02.06 21:59:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support [2013.02.06 21:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013.02.06 16:53:31 | 000,352,855 | ---- | C] (Farbar) -- C:\Users\Frank\Desktop\FSS.exe [2013.02.06 16:15:23 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Frank\Desktop\tdsskiller.exe [2013.02.06 13:20:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.02.06 13:20:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.02.06 13:20:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.02.06 13:19:14 | 027,448,224 | ---- | C] (TuneUp Software) -- C:\Users\Frank\Desktop\TuneUpUtilities2013_de-DE-4.exe [2013.02.06 13:13:04 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.02.06 13:12:48 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.02.06 13:10:08 | 005,030,592 | R--- | C] (Swearware) -- C:\Users\Frank\Desktop\ComboFix.exe [2013.02.06 11:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.02.05 17:45:24 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Frank\Desktop\aswMBR.exe [2013.02.04 22:24:05 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2013.02.04 22:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.02.04 22:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.02.04 22:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013.02.04 22:19:49 | 088,946,664 | ---- | C] (Apple Inc.) -- C:\Users\Frank\Desktop\iTunes64Setup.exe [2013.02.04 17:48:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe [2013.02.04 08:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2013.02.04 08:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager [2013.02.03 21:32:54 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Chromium [2013.02.03 19:52:07 | 000,623,003 | ---- | C] (No company) -- C:\Users\Frank\Desktop\LanmanCheck.exe [2013.02.03 19:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware [2013.02.03 19:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware [2013.02.03 19:28:58 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\Anti-Malware [2013.02.03 18:48:03 | 000,000,000 | ---D | C] -- C:\found.000 [2013.02.03 15:33:43 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\Malwarebytes [2013.02.03 15:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.03 15:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.03 15:33:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.02.03 15:33:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.02.03 15:25:42 | 000,000,000 | ---D | C] -- C:\PPF_Scan1 [2013.02.03 14:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2013.02.03 14:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013 [2013.02.03 14:30:25 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll [2013.02.03 14:29:51 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP [2013.02.03 14:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.02.03 14:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013.02.03 14:29:27 | 000,611,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2013.02.03 14:29:27 | 000,089,432 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys [2013.02.03 09:29:37 | 000,037,216 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2013.02.03 09:29:37 | 000,029,536 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2013.02.03 09:27:00 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2013.02.03 09:26:58 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2013.02.03 09:26:58 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2013.02.03 09:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2013.02.03 09:26:45 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\TuneUp Software [2013.02.03 09:26:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 [2013.02.03 09:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2013.02.03 09:26:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.02.03 09:26:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.02.03 09:26:16 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\My Cheat Tables [2013.02.03 09:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2 [2013.02.03 09:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2 [2013.02.02 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Gameforge4d [2013.02.02 18:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live [2013.02.02 18:08:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameforgeLive [2013.02.02 18:08:51 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Programs ========== Files - Modified Within 30 Days ========== [2013.02.27 08:05:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.27 08:05:40 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.26 22:30:31 | 000,000,342 | -H-- | M] () -- C:\dvmexp.idx [2013.02.26 16:05:15 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.26 16:05:15 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.26 15:56:16 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe [2013.02.26 15:55:53 | 2076,749,823 | -HS- | M] () -- C:\hiberfil.sys [2013.02.26 15:55:08 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2013.02.25 14:51:09 | 000,594,019 | ---- | M] () -- C:\Users\Frank\Desktop\adwcleaner.exe [2013.02.25 13:38:00 | 000,547,439 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Frank\Desktop\JRT.exe [2013.02.18 11:57:36 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.18 11:57:36 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.18 11:57:36 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.18 11:57:36 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.18 11:57:36 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.16 08:38:22 | 000,547,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.10 06:47:24 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.02.10 06:47:23 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.02.08 16:26:12 | 005,030,592 | R--- | M] (Swearware) -- C:\Users\Frank\Desktop\ComboFix.exe [2013.02.07 23:36:23 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Gameforge Live.lnk [2013.02.06 21:59:25 | 004,009,167 | ---- | M] () -- C:\Users\Frank\Desktop\ServicesRepair.exe [2013.02.06 21:50:59 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.02.06 16:53:36 | 000,352,855 | ---- | M] (Farbar) -- C:\Users\Frank\Desktop\FSS.exe [2013.02.06 16:15:26 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Frank\Desktop\tdsskiller.exe [2013.02.06 13:19:38 | 027,448,224 | ---- | M] (TuneUp Software) -- C:\Users\Frank\Desktop\TuneUpUtilities2013_de-DE-4.exe [2013.02.05 17:46:40 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Frank\Desktop\aswMBR.exe [2013.02.05 14:02:50 | 000,365,568 | ---- | M] () -- C:\Users\Frank\Desktop\gmer_2.0.18454.exe [2013.02.04 22:20:59 | 088,946,664 | ---- | M] (Apple Inc.) -- C:\Users\Frank\Desktop\iTunes64Setup.exe [2013.02.04 17:48:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe [2013.02.04 14:05:38 | 000,001,804 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013.02.04 07:59:11 | 000,007,250 | ---- | M] () -- C:\Users\Frank\Desktop\Windows-Kompatibilitätsbericht.htm [2013.02.03 19:52:05 | 000,623,003 | ---- | M] (No company) -- C:\Users\Frank\Desktop\LanmanCheck.exe [2013.02.03 19:29:25 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2013.02.03 18:14:17 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.03 18:14:17 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.03 15:33:32 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.03 14:53:49 | 000,001,082 | ---- | M] () -- C:\Users\Frank\Desktop\Kaspersky Internet Security 2013 Version 13.0.1.4190 installieren.lnk [2013.02.03 14:30:25 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.02.03 14:20:28 | 000,002,486 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2013.02.03 09:26:09 | 000,001,091 | ---- | M] () -- C:\Users\Frank\Desktop\Cheat Engine.lnk [2013.02.02 18:14:10 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\AION.lnk ========== Files Created - No Company Name ========== [2013.02.25 14:51:04 | 000,594,019 | ---- | C] () -- C:\Users\Frank\Desktop\adwcleaner.exe [2013.02.07 23:36:23 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Gameforge Live.lnk [2013.02.06 21:58:50 | 004,009,167 | ---- | C] () -- C:\Users\Frank\Desktop\ServicesRepair.exe [2013.02.06 13:20:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.02.06 13:20:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.02.06 13:20:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.02.06 13:20:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.02.06 13:20:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.02.05 14:02:48 | 000,365,568 | ---- | C] () -- C:\Users\Frank\Desktop\gmer_2.0.18454.exe [2013.02.04 22:24:27 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.02.04 07:59:11 | 000,007,250 | ---- | C] () -- C:\Users\Frank\Desktop\Windows-Kompatibilitätsbericht.htm [2013.02.03 19:29:25 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2013.02.03 15:33:32 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.03 15:23:56 | 000,010,240 | ---- | C] () -- C:\Users\Frank\Desktop\Erweiterter Scan.scp [2013.02.03 14:53:49 | 000,001,082 | ---- | C] () -- C:\Users\Frank\Desktop\Kaspersky Internet Security 2013 Version 13.0.1.4190 installieren.lnk [2013.02.03 14:30:49 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.02.03 09:26:54 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2013.02.03 09:26:09 | 000,001,091 | ---- | C] () -- C:\Users\Frank\Desktop\Cheat Engine.lnk [2013.02.02 18:14:10 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\AION.lnk [2013.01.04 12:30:58 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.01.04 12:30:58 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.07.24 20:20:03 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2012.06.12 15:06:16 | 000,233,545 | ---- | C] () -- C:\Windows\hpoins47.dat [2012.02.11 15:39:34 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012.02.11 15:37:45 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl47.dat.temp [2012.02.06 19:35:25 | 000,017,408 | ---- | C] () -- C:\Users\Frank\AppData\Local\WebpageIcons.db [2012.01.30 15:57:55 | 001,557,708 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.12.21 15:30:47 | 000,003,584 | ---- | C] () -- C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.13 21:11:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.12.13 21:11:10 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.12.11 20:40:09 | 000,000,000 | ---- | C] () -- C:\Users\Frank\AppData\Local\{B55A0129-9065-4945-819B-EF351192F335} [2011.12.10 16:05:45 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.10.12 19:18:15 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe [2011.10.12 19:00:19 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011.07.12 09:14:12 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.07.12 09:13:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.07.12 09:13:06 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.07.12 09:13:05 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.07.12 09:13:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.07.12 09:13:03 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011.05.10 23:55:50 | 000,368,400 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
27.02.2013, 08:22 | #37 |
| Arbeitsstationsdienst lässt sich nicht starten! Extras.Txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.02.2013 08:07:28 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frank\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 5,23 Gb Available Physical Memory | 66,07% Memory free 15,82 Gb Paging File | 12,72 Gb Available in Paging File | 80,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 301,93 Gb Total Space | 56,26 Gb Free Space | 18,63% Space Free | Partition Type: NTFS Drive D: | 371,71 Gb Total Space | 280,24 Gb Free Space | 75,39% Space Free | Partition Type: NTFS Computer Name: FRANK-PC | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{026F28B2-4112-45D7-86C9-DF12DAFD671E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{04F13F12-B56A-45DF-8C87-19ABBBC547DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{05C2E10B-73AD-46B7-AE15-36B508DC9E0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0A1CFD93-70BA-44AD-B349-BBCDFF1CF6AA}" = lport=445 | protocol=6 | dir=in | app=system | "{0D41A9F8-AEBD-40AF-BB6E-86AB2A1B5F2C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{28D0B26B-8B52-477F-8EED-4850B30FD34A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2EA147DD-C580-42F4-88E6-303307743D54}" = rport=445 | protocol=6 | dir=out | app=system | "{3EE82233-EEF0-4F3F-BD41-EE03797E00D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{410C7CDE-ADD8-414A-A7CD-3E3843391B86}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{48E93503-3600-488F-9503-A917B6DC8D8F}" = rport=137 | protocol=17 | dir=out | app=system | "{4E00135A-770B-47DD-827A-E8330345F76A}" = lport=139 | protocol=6 | dir=in | app=system | "{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | "{5FA2DD1D-ECD6-4783-9E8C-4E6F37744F16}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{60F08D0B-8ED7-4805-AA51-FC54BA88C39C}" = lport=138 | protocol=17 | dir=in | app=system | "{656CC142-A605-4762-978B-6E1CAA7B0B3A}" = lport=138 | protocol=17 | dir=in | app=system | "{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{775EDB99-44CA-4D31-8771-3B090610ABDB}" = rport=139 | protocol=6 | dir=out | app=system | "{791B4AF4-246C-4E1C-A822-D77FF9D90D9E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7C84E8B4-292F-4387-A6FF-85F86F780646}" = lport=10243 | protocol=6 | dir=in | app=system | "{803A9BF5-E051-45F2-B1CF-EAAE68DA0574}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{80FF73EF-B749-460F-B06B-582EE54C57F7}" = lport=137 | protocol=17 | dir=in | app=system | "{8A3A3441-7849-4DA7-BC90-1FB6646A4070}" = rport=137 | protocol=17 | dir=out | app=system | "{8A889400-2DB5-4FB5-826E-0B1EC5B8C74A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{94922B9A-C569-41CD-8266-59553D72EB4A}" = rport=138 | protocol=17 | dir=out | app=system | "{97E4330D-A257-4617-B034-7D0AA0648385}" = rport=10243 | protocol=6 | dir=out | app=system | "{A081DF58-AF75-4987-BC3A-BC94072C9C46}" = lport=445 | protocol=6 | dir=in | app=system | "{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | "{A8F55D9B-EB25-4ED8-939A-38A411C167C2}" = rport=445 | protocol=6 | dir=out | app=system | "{AE52A85A-FB5E-4A38-B8F6-D3BEA64996C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AF3EC28E-E7BB-49F9-9ACC-8A533507284C}" = lport=2869 | protocol=6 | dir=in | app=system | "{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B8CBE818-C542-4521-8916-FEF79F21153A}" = rport=138 | protocol=17 | dir=out | app=system | "{BBDDDA9C-86A9-4551-8218-CBE4E88E5D0B}" = lport=137 | protocol=17 | dir=in | app=system | "{D7104979-663D-4398-A2AD-B0EB928506FC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{DF54EC2A-BC43-451B-A57A-5187BEE101A3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EB1992A1-24EB-4970-A810-3F4BC14F1D21}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB3931EC-1871-460B-AAFD-6A39EE09CA30}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F61A0EBD-FA03-490B-8C98-30F4955A7611}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FDB2458D-4D68-4AB7-8490-0CE92A842050}" = rport=139 | protocol=6 | dir=out | app=system | "{FE34F477-DBD8-4E2D-A75D-B50231451C54}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FF4756A5-7BB0-4F3B-A022-6FF584D45218}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0087BA66-969B-4D93-9B9D-BCB7FEC560FD}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{033CF1F1-7967-44BE-B6C1-AA3D263E1610}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{074085CA-0F91-4F28-A926-C8AFCB938406}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{08A9F95D-7CDC-4D0B-A807-687B0B0A134D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{110E1EBB-D366-4823-8512-6BE2ADB34DFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{1241C853-A9BF-4C24-B856-F8EFDA7A4D8E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1346C3D0-4EFC-486C-A4F1-6AB109432716}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | "{13F8DE5E-2D49-4CAE-9402-0845392D0B32}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{143B7CF2-8293-449B-9A54-675278E2E203}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1A1280C6-E72A-4BCF-85EA-92FDF2E34406}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1B56B178-8AE2-4BF1-93EB-8BA95EAC9B31}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{1C26B8E9-017F-48B7-9534-ABDC36BE5F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{257680F7-C301-4733-A1CF-E70C9DD71261}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{2A2BA377-2A73-44C3-853D-B8EFDC57B9EA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2B56AC0E-2D34-4B1A-8AD0-8EC520F1C278}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{2F7F2A47-15B9-4E0A-B3E1-4D5FE1F82727}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{33FC3C20-3C1E-4713-B306-EA370FD15C18}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatar.exe | "{39886990-6DA5-435F-AF79-0BE2C649CFAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{3D981610-0DAE-471B-9D92-B7012BE7623F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | "{3DFEFF10-2FDE-4E7E-917B-1A7F20F5F87C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{3FBE5635-0BEB-49AD-9B5C-B9F8687D9560}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | "{41FED41A-41A4-441F-AA4B-45D3DE83AAC0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{42545A11-14FD-46D1-9409-38A89B7989B1}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | "{43E1DB64-3946-4EB7-A429-56C85F8D3F86}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{499C344C-75F5-466C-824D-71569580D58A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{4C208F8A-0AF3-46CE-97E0-62F00C33B292}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{4CBC787C-2730-4E39-AE8C-4544A50D1D53}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{4D11A4DE-77D7-4073-A858-5101040D800B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{513803D3-2CBE-4AD7-888B-9FBB87B7F6F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5139507B-AE4F-4801-B58C-3F4462CE5BBE}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{57FFA164-EBE0-4AFF-B0F1-9BE45057C3F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{58A37FBC-C980-4DA4-BDFE-FA86530E1279}" = protocol=6 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | "{58C43DDC-31E4-46F8-AFAC-E8A91409832B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{5EDC770F-EEE8-4707-A500-4CF3A47B9E03}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{608B7EA1-5255-4D45-89A8-DB05FB6C7F31}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{63E82044-D25A-436B-98C6-39E3C701CFE4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{66D51F49-4790-4758-874E-8789F4563E77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{69808785-007A-4AB1-A6F6-CC94D0123ED3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{706BAAD3-6376-41B5-9A65-B278F7A0BE43}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{7099C2A9-3AEB-49DA-BD14-4F30C10341AE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{727CD718-E57E-4C2D-A18F-AD32A375FDE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{757EA4FA-DB8D-4070-9AEF-F724118944E8}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{76FE2EAD-41B2-46D4-9214-2545AE01306D}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | "{7A90EC93-89B2-4259-8F32-E009B82B3002}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{7BF72C69-9170-4AD1-8925-BE127059083A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{7C151C6B-AD46-4AC0-B220-F3DAABF64036}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{7FA06F0E-FB41-459B-BDCA-8EB52C7D0B43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7FE4D89C-CCED-4DFC-854D-BC55F793CFFF}" = protocol=17 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | "{853C20A7-0182-4439-8E9B-1BED0CC822CD}" = protocol=6 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | "{86689817-277B-47C7-94F9-A89F86C994DC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{872A7F77-2BCB-4C25-980E-EC159538C93D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8928D9A5-C13F-497A-98E8-03D633F44079}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{894F2A3A-01D4-4696-9E2F-FAF1A60FB825}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | "{8C47B80B-36E6-4D5E-8DDF-2E66BE707A75}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{9087C678-E140-427B-A315-61BC0A7D02CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{9B0DBA31-8CAD-4D9A-BFB9-0C1111D9AE66}" = protocol=6 | dir=out | app=system | "{9D78343A-DA63-4A71-9551-1BA7843A6A1C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{9E89F54A-8A8D-433F-9F47-0B6181230749}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | "{A18DDF2B-B1CC-4BAC-926A-AE3744A21AB5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{A80522B8-0C6A-4522-ACF0-634A77A676AD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{A80E1F92-EC8F-419B-A1CE-A634831364A8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B1E5F4A6-C366-4466-AC0C-CEEBABAF2136}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | "{B8032E5C-813E-4D55-9EC9-B5D9EADE9BC7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BB2CBA44-51FB-498D-BB21-1758E8464CEC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BDC4E9DB-AA26-4461-8BBF-0E1770911456}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{BE63B653-69A2-4B10-9AA6-C9F5D78A5377}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | "{C72241F6-7698-4FD3-A3FF-7BE96E70766B}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatar.exe | "{C885D74D-EBB1-48C9-B859-931A654241A5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{C92CF1B2-8BF6-4E52-99E5-697911372680}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CBDE7739-94E4-4ACA-8F50-DFAC7A3F275F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{CE3B1A99-FA81-4F96-8562-BAA3F68BD881}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{D2AEAE29-34A6-44C7-8D62-E54D8936BCE5}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{D39FEFF8-49E6-46D9-B41C-5CCCC9A5F4B3}" = dir=in | app=e:\setup\hpznui40.exe | "{D4F0E4EE-F566-4AD3-86A0-B37ED5CB9F50}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{D7F289E0-5350-4ED5-9C1A-7337486615EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{DCEAD13F-4E08-4E98-BA46-E82E5DAEC5D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DFC2B032-4F7B-4CEC-A127-EDC5D55A2C2C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E2315EF4-132E-4EB6-9572-1F453362F660}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | "{E8FC992F-084D-4BB7-B0A8-1BE47FCF0D93}" = protocol=17 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | "{EA54A53C-2F02-4D8A-AEA8-337E1AADDCB9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{EAA60805-57A5-4C15-AF0A-76B7B4F6D0F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EBE658DA-90BF-4F7F-A87E-5EBD79CA800F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{EC467394-B11F-456A-8472-856A7358643F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F19A67D9-2FC7-498F-896C-05692DB83B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F30A4339-21FF-4CCA-B8B6-ED9B2921B4B8}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{F53F2B8E-35C7-47A3-8F8A-A5EBDFC33D65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F9FEF07C-8A6C-4F5B-8E04-34B8DFC678F5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{FFA64E37-BBF2-4E0A-BF70-B72BA01DD83E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "TCP Query User{7721DAA4-1550-4F46-BD81-9B3AE7BA3B96}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "TCP Query User{D694BC43-C580-4881-AD99-D9500562500D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "UDP Query User{445C7303-C4CD-45F6-86D3-F5BD91E1B033}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "UDP Query User{DD0BD112-2749-4C7A-9F5F-1B6CCD724E7D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit) "{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety "{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid "{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software "{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64 "{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{64A3A4F4-B792-11D6-A78A-00B0D0170110}" = Java SE Development Kit 7 Update 11 (64-bit) "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety "{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft-Maus- und Tastatur-Center "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0 "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "MAXON8C02D5E0" = CINEMA 4D 12.048 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center "ProInst" = Intel PROSet Wireless "Shop for HP Supplies" = Shop for HP Supplies "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.01 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi "{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3 "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery "{3966711E-1F98-4C9F-AE0B-6AD28137FE64}" = Multiple Image Resizer .NET 4 "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It!-Bibliothek 10 "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Foto Premium 10 "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night "{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項 "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{733B66AD-B771-4FA6-8DBF-765B820CC0EB}" = Langenscheidt Vokabeltrainer 6.0 Englisch "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires "{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now! "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play Version 1.0 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8F311E2E-C275-4CF0-8154-B63991832668}_is1" = SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren "{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend" "{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker "{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110 "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CC8C451E-A820-48C8-AE92-A0FF088969D8}" = Stereoscopic Player "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة "{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AmUStor" = Alcor Micro USB Card Reader "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.7 "Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.0.1 "Asus Vibe2.0" = AsusVibe2.0 "ASUS WebStorage" = ASUS WebStorage "AsusScr_N5_En" = AsusScr_N5_En "BrotherSoft_Extreme3 Toolbar" = BrotherSoft Extreme3 Toolbar "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "DivX Setup" = DivX-Setup "DPP" = Canon Utilities Digital Photo Professional 3.10 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EOS Sample Music" = Canon Utilities EOS Sample Music "EOS Utility" = Canon Utilities EOS Utility "EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX "Governor of Poker" = Governor of Poker "Hotel Dash Suite Success" = Hotel Dash Suite Success "InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now! "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "IrfanView" = IrfanView (remove only) "Jewel Quest 3" = Jewel Quest 3 "JPEG ReSizer" = JPEG ReSizer (remove only) "LogMeIn Hamachi" = LogMeIn Hamachi "Luxor 3" = Luxor 3 "MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker "Mahjongg dimensions" = Mahjongg dimensions "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.1.8d "Mobile Partner" = Mobile Partner "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube "Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPE" = MyPhoneExplorer "Multiple Image Resizer .NET 4" = Multiple Image Resizer .NET 4 "MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Office14.SingleImage" = Microsoft Office Home and Business 2010 "Opera 12.13.1734" = Opera 12.13 "Origin" = Origin "PhotoStitch" = Canon Utilities PhotoStitch "Picture Style Editor" = Canon Utilities Picture Style Editor "PictureItPrem_v10" = Microsoft Picture It! Foto Premium 10 "Plants vs Zombies" = Plants vs Zombies "ProInst" = Intel PROSet Wireless "PunkBusterSvc" = PunkBuster Services "Rockstar Games Social Club" = Rockstar Games Social Club "TuneUp Utilities 2013" = TuneUp Utilities 2013 "VLC media player" = VLC media player 1.1.11 "WinLiveSuite" = Windows Live Essentials "World of Goo" = World of Goo "xSIMS_Censor_Remover_TS3" = Sims 3 - Nude Censor Remover "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Kies Air Discovery Service" = Kies Air Discovery Service ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.02.2013 12:46:06 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Error - 25.02.2013 12:46:08 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: NOTEPAD.EXE, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc9b3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2 ID des fehlerhaften Prozesses: 0x1460 Startzeit der fehlerhaften Anwendung: 0x01ce1361005dda74 Pfad der fehlerhaften Anwendung: C:\Windows\system32\NOTEPAD.EXE Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: d9e5a415-7f6a-11e2-951e-ac72891c556f Error - 26.02.2013 09:33:11 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8 Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001aade ID des fehlerhaften Prozesses: 0x108c Startzeit der fehlerhaften Anwendung: 0x01ce1425a8715857 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe Berichtskennung: 0fc9729a-8019-11e2-8d91-ac72891c556f Error encountered while reading event logs. < End of report > |
27.02.2013, 08:23 | #38 |
| Arbeitsstationsdienst lässt sich nicht starten! Extras.Txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.02.2013 08:07:28 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Frank\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,91 Gb Total Physical Memory | 5,23 Gb Available Physical Memory | 66,07% Memory free 15,82 Gb Paging File | 12,72 Gb Available in Paging File | 80,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 301,93 Gb Total Space | 56,26 Gb Free Space | 18,63% Space Free | Partition Type: NTFS Drive D: | 371,71 Gb Total Space | 280,24 Gb Free Space | 75,39% Space Free | Partition Type: NTFS Computer Name: FRANK-PC | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{026F28B2-4112-45D7-86C9-DF12DAFD671E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{04F13F12-B56A-45DF-8C87-19ABBBC547DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{05C2E10B-73AD-46B7-AE15-36B508DC9E0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0A1CFD93-70BA-44AD-B349-BBCDFF1CF6AA}" = lport=445 | protocol=6 | dir=in | app=system | "{0D41A9F8-AEBD-40AF-BB6E-86AB2A1B5F2C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{28D0B26B-8B52-477F-8EED-4850B30FD34A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2EA147DD-C580-42F4-88E6-303307743D54}" = rport=445 | protocol=6 | dir=out | app=system | "{3EE82233-EEF0-4F3F-BD41-EE03797E00D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{410C7CDE-ADD8-414A-A7CD-3E3843391B86}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{48E93503-3600-488F-9503-A917B6DC8D8F}" = rport=137 | protocol=17 | dir=out | app=system | "{4E00135A-770B-47DD-827A-E8330345F76A}" = lport=139 | protocol=6 | dir=in | app=system | "{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | "{5FA2DD1D-ECD6-4783-9E8C-4E6F37744F16}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{60F08D0B-8ED7-4805-AA51-FC54BA88C39C}" = lport=138 | protocol=17 | dir=in | app=system | "{656CC142-A605-4762-978B-6E1CAA7B0B3A}" = lport=138 | protocol=17 | dir=in | app=system | "{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{775EDB99-44CA-4D31-8771-3B090610ABDB}" = rport=139 | protocol=6 | dir=out | app=system | "{791B4AF4-246C-4E1C-A822-D77FF9D90D9E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7C84E8B4-292F-4387-A6FF-85F86F780646}" = lport=10243 | protocol=6 | dir=in | app=system | "{803A9BF5-E051-45F2-B1CF-EAAE68DA0574}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{80FF73EF-B749-460F-B06B-582EE54C57F7}" = lport=137 | protocol=17 | dir=in | app=system | "{8A3A3441-7849-4DA7-BC90-1FB6646A4070}" = rport=137 | protocol=17 | dir=out | app=system | "{8A889400-2DB5-4FB5-826E-0B1EC5B8C74A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{94922B9A-C569-41CD-8266-59553D72EB4A}" = rport=138 | protocol=17 | dir=out | app=system | "{97E4330D-A257-4617-B034-7D0AA0648385}" = rport=10243 | protocol=6 | dir=out | app=system | "{A081DF58-AF75-4987-BC3A-BC94072C9C46}" = lport=445 | protocol=6 | dir=in | app=system | "{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | "{A8F55D9B-EB25-4ED8-939A-38A411C167C2}" = rport=445 | protocol=6 | dir=out | app=system | "{AE52A85A-FB5E-4A38-B8F6-D3BEA64996C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AF3EC28E-E7BB-49F9-9ACC-8A533507284C}" = lport=2869 | protocol=6 | dir=in | app=system | "{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B8CBE818-C542-4521-8916-FEF79F21153A}" = rport=138 | protocol=17 | dir=out | app=system | "{BBDDDA9C-86A9-4551-8218-CBE4E88E5D0B}" = lport=137 | protocol=17 | dir=in | app=system | "{D7104979-663D-4398-A2AD-B0EB928506FC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{DF54EC2A-BC43-451B-A57A-5187BEE101A3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EB1992A1-24EB-4970-A810-3F4BC14F1D21}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB3931EC-1871-460B-AAFD-6A39EE09CA30}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F61A0EBD-FA03-490B-8C98-30F4955A7611}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FDB2458D-4D68-4AB7-8490-0CE92A842050}" = rport=139 | protocol=6 | dir=out | app=system | "{FE34F477-DBD8-4E2D-A75D-B50231451C54}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FF4756A5-7BB0-4F3B-A022-6FF584D45218}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0087BA66-969B-4D93-9B9D-BCB7FEC560FD}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{033CF1F1-7967-44BE-B6C1-AA3D263E1610}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{074085CA-0F91-4F28-A926-C8AFCB938406}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{08A9F95D-7CDC-4D0B-A807-687B0B0A134D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{110E1EBB-D366-4823-8512-6BE2ADB34DFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{1241C853-A9BF-4C24-B856-F8EFDA7A4D8E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1346C3D0-4EFC-486C-A4F1-6AB109432716}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | "{13F8DE5E-2D49-4CAE-9402-0845392D0B32}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{143B7CF2-8293-449B-9A54-675278E2E203}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1A1280C6-E72A-4BCF-85EA-92FDF2E34406}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1B56B178-8AE2-4BF1-93EB-8BA95EAC9B31}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{1C26B8E9-017F-48B7-9534-ABDC36BE5F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{257680F7-C301-4733-A1CF-E70C9DD71261}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{2A2BA377-2A73-44C3-853D-B8EFDC57B9EA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2B56AC0E-2D34-4B1A-8AD0-8EC520F1C278}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{2F7F2A47-15B9-4E0A-B3E1-4D5FE1F82727}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{33FC3C20-3C1E-4713-B306-EA370FD15C18}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatar.exe | "{39886990-6DA5-435F-AF79-0BE2C649CFAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{3D981610-0DAE-471B-9D92-B7012BE7623F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | "{3DFEFF10-2FDE-4E7E-917B-1A7F20F5F87C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{3FBE5635-0BEB-49AD-9B5C-B9F8687D9560}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | "{41FED41A-41A4-441F-AA4B-45D3DE83AAC0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{42545A11-14FD-46D1-9409-38A89B7989B1}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | "{43E1DB64-3946-4EB7-A429-56C85F8D3F86}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{499C344C-75F5-466C-824D-71569580D58A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{4C208F8A-0AF3-46CE-97E0-62F00C33B292}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{4CBC787C-2730-4E39-AE8C-4544A50D1D53}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{4D11A4DE-77D7-4073-A858-5101040D800B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{513803D3-2CBE-4AD7-888B-9FBB87B7F6F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5139507B-AE4F-4801-B58C-3F4462CE5BBE}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{57FFA164-EBE0-4AFF-B0F1-9BE45057C3F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{58A37FBC-C980-4DA4-BDFE-FA86530E1279}" = protocol=6 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | "{58C43DDC-31E4-46F8-AFAC-E8A91409832B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{5EDC770F-EEE8-4707-A500-4CF3A47B9E03}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{608B7EA1-5255-4D45-89A8-DB05FB6C7F31}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{63E82044-D25A-436B-98C6-39E3C701CFE4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{66D51F49-4790-4758-874E-8789F4563E77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{69808785-007A-4AB1-A6F6-CC94D0123ED3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{706BAAD3-6376-41B5-9A65-B278F7A0BE43}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{7099C2A9-3AEB-49DA-BD14-4F30C10341AE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{727CD718-E57E-4C2D-A18F-AD32A375FDE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{757EA4FA-DB8D-4070-9AEF-F724118944E8}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{76FE2EAD-41B2-46D4-9214-2545AE01306D}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | "{7A90EC93-89B2-4259-8F32-E009B82B3002}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{7BF72C69-9170-4AD1-8925-BE127059083A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{7C151C6B-AD46-4AC0-B220-F3DAABF64036}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{7FA06F0E-FB41-459B-BDCA-8EB52C7D0B43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7FE4D89C-CCED-4DFC-854D-BC55F793CFFF}" = protocol=17 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | "{853C20A7-0182-4439-8E9B-1BED0CC822CD}" = protocol=6 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | "{86689817-277B-47C7-94F9-A89F86C994DC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{872A7F77-2BCB-4C25-980E-EC159538C93D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8928D9A5-C13F-497A-98E8-03D633F44079}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{894F2A3A-01D4-4696-9E2F-FAF1A60FB825}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | "{8C47B80B-36E6-4D5E-8DDF-2E66BE707A75}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{9087C678-E140-427B-A315-61BC0A7D02CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{9B0DBA31-8CAD-4D9A-BFB9-0C1111D9AE66}" = protocol=6 | dir=out | app=system | "{9D78343A-DA63-4A71-9551-1BA7843A6A1C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{9E89F54A-8A8D-433F-9F47-0B6181230749}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | "{A18DDF2B-B1CC-4BAC-926A-AE3744A21AB5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{A80522B8-0C6A-4522-ACF0-634A77A676AD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{A80E1F92-EC8F-419B-A1CE-A634831364A8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B1E5F4A6-C366-4466-AC0C-CEEBABAF2136}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | "{B8032E5C-813E-4D55-9EC9-B5D9EADE9BC7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BB2CBA44-51FB-498D-BB21-1758E8464CEC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BDC4E9DB-AA26-4461-8BBF-0E1770911456}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{BE63B653-69A2-4B10-9AA6-C9F5D78A5377}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | "{C72241F6-7698-4FD3-A3FF-7BE96E70766B}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatar.exe | "{C885D74D-EBB1-48C9-B859-931A654241A5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{C92CF1B2-8BF6-4E52-99E5-697911372680}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CBDE7739-94E4-4ACA-8F50-DFAC7A3F275F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{CE3B1A99-FA81-4F96-8562-BAA3F68BD881}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{D2AEAE29-34A6-44C7-8D62-E54D8936BCE5}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | "{D39FEFF8-49E6-46D9-B41C-5CCCC9A5F4B3}" = dir=in | app=e:\setup\hpznui40.exe | "{D4F0E4EE-F566-4AD3-86A0-B37ED5CB9F50}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{D7F289E0-5350-4ED5-9C1A-7337486615EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{DCEAD13F-4E08-4E98-BA46-E82E5DAEC5D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DFC2B032-4F7B-4CEC-A127-EDC5D55A2C2C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E2315EF4-132E-4EB6-9572-1F453362F660}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | "{E8FC992F-084D-4BB7-B0A8-1BE47FCF0D93}" = protocol=17 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | "{EA54A53C-2F02-4D8A-AEA8-337E1AADDCB9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{EAA60805-57A5-4C15-AF0A-76B7B4F6D0F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EBE658DA-90BF-4F7F-A87E-5EBD79CA800F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{EC467394-B11F-456A-8472-856A7358643F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F19A67D9-2FC7-498F-896C-05692DB83B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F30A4339-21FF-4CCA-B8B6-ED9B2921B4B8}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | "{F53F2B8E-35C7-47A3-8F8A-A5EBDFC33D65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F9FEF07C-8A6C-4F5B-8E04-34B8DFC678F5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{FFA64E37-BBF2-4E0A-BF70-B72BA01DD83E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "TCP Query User{7721DAA4-1550-4F46-BD81-9B3AE7BA3B96}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "TCP Query User{D694BC43-C580-4881-AD99-D9500562500D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "UDP Query User{445C7303-C4CD-45F6-86D3-F5BD91E1B033}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | "UDP Query User{DD0BD112-2749-4C7A-9F5F-1B6CCD724E7D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit) "{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety "{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid "{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software "{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64 "{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{64A3A4F4-B792-11D6-A78A-00B0D0170110}" = Java SE Development Kit 7 Update 11 (64-bit) "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety "{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft-Maus- und Tastatur-Center "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0 "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "MAXON8C02D5E0" = CINEMA 4D 12.048 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center "ProInst" = Intel PROSet Wireless "Shop for HP Supplies" = Shop for HP Supplies "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR 4.01 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi "{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3 "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery "{3966711E-1F98-4C9F-AE0B-6AD28137FE64}" = Multiple Image Resizer .NET 4 "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It!-Bibliothek 10 "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Foto Premium 10 "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night "{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項 "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{733B66AD-B771-4FA6-8DBF-765B820CC0EB}" = Langenscheidt Vokabeltrainer 6.0 Englisch "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires "{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now! "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play Version 1.0 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8F311E2E-C275-4CF0-8154-B63991832668}_is1" = SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren "{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend" "{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker "{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110 "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CC8C451E-A820-48C8-AE92-A0FF088969D8}" = Stereoscopic Player "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة "{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock "{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AmUStor" = Alcor Micro USB Card Reader "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.7 "Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.0.1 "Asus Vibe2.0" = AsusVibe2.0 "ASUS WebStorage" = ASUS WebStorage "AsusScr_N5_En" = AsusScr_N5_En "BrotherSoft_Extreme3 Toolbar" = BrotherSoft Extreme3 Toolbar "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "DivX Setup" = DivX-Setup "DPP" = Canon Utilities Digital Photo Professional 3.10 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EOS Sample Music" = Canon Utilities EOS Sample Music "EOS Utility" = Canon Utilities EOS Utility "EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX "Governor of Poker" = Governor of Poker "Hotel Dash Suite Success" = Hotel Dash Suite Success "InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now! "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "IrfanView" = IrfanView (remove only) "Jewel Quest 3" = Jewel Quest 3 "JPEG ReSizer" = JPEG ReSizer (remove only) "LogMeIn Hamachi" = LogMeIn Hamachi "Luxor 3" = Luxor 3 "MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker "Mahjongg dimensions" = Mahjongg dimensions "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.1.8d "Mobile Partner" = Mobile Partner "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube "Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPE" = MyPhoneExplorer "Multiple Image Resizer .NET 4" = Multiple Image Resizer .NET 4 "MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Office14.SingleImage" = Microsoft Office Home and Business 2010 "Opera 12.13.1734" = Opera 12.13 "Origin" = Origin "PhotoStitch" = Canon Utilities PhotoStitch "Picture Style Editor" = Canon Utilities Picture Style Editor "PictureItPrem_v10" = Microsoft Picture It! Foto Premium 10 "Plants vs Zombies" = Plants vs Zombies "ProInst" = Intel PROSet Wireless "PunkBusterSvc" = PunkBuster Services "Rockstar Games Social Club" = Rockstar Games Social Club "TuneUp Utilities 2013" = TuneUp Utilities 2013 "VLC media player" = VLC media player 1.1.11 "WinLiveSuite" = Windows Live Essentials "World of Goo" = World of Goo "xSIMS_Censor_Remover_TS3" = Sims 3 - Nude Censor Remover "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Kies Air Discovery Service" = Kies Air Discovery Service ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.02.2013 12:46:06 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Error - 25.02.2013 12:46:08 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: NOTEPAD.EXE, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc9b3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2 ID des fehlerhaften Prozesses: 0x1460 Startzeit der fehlerhaften Anwendung: 0x01ce1361005dda74 Pfad der fehlerhaften Anwendung: C:\Windows\system32\NOTEPAD.EXE Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: d9e5a415-7f6a-11e2-951e-ac72891c556f Error - 26.02.2013 09:33:11 | Computer Name = Frank-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8 Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001aade ID des fehlerhaften Prozesses: 0x108c Startzeit der fehlerhaften Anwendung: 0x01ce1425a8715857 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe Berichtskennung: 0fc9729a-8019-11e2-8d91-ac72891c556f Error encountered while reading event logs. < End of report > |
27.02.2013, 10:42 | #39 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsstationsdienst lässt sich nicht starten! Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
28.02.2013, 12:00 | #40 |
| Arbeitsstationsdienst lässt sich nicht starten! Würde mich freuen Code:
ATTFilter Malwarebytes Anti-Malware (PRO) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.27.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Frank :: FRANK-PC [Administrator] Schutz: Deaktiviert 27.02.2013 20:42:03 mbam-log-2013-02-27 (20-42-03).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 263724 Laufzeit: 48 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
28.02.2013, 12:02 | #41 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsstationsdienst lässt sich nicht starten! Gut, was ist mit ESET?
__________________ Logfiles bitte immer in CODE-Tags posten |
28.02.2013, 12:05 | #42 |
| Arbeitsstationsdienst lässt sich nicht starten!Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=af148ceaa4e18a449a6da278a3fac36c # engine=13257 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-02-27 10:22:32 # local_time=2013-02-27 11:22:32 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1286 16777214 100 98 113176 16770074 0 0 # compatibility_mode=5893 16776573 100 94 51814 113633602 0 0 # scanned=454302 # found=2 # cleaned=0 # scan_time=9185 sh=23A94909CC5601826F67FE3DC447F794BA33FDDD ft=0 fh=0000000000000000 vn="a variant of Android/Adware.AirPush.C application" ac=I fn="C:\Users\Frank\Desktop\Allgemein\Meine Backups\SmsContactsBackup\apks\com.dk.ffyOnePiece.apk" sh=D821F8FD990FDA5FB19A16FDEC575E16987B6E5F ft=0 fh=0000000000000000 vn="a variant of Android/Plankton.I trojan" ac=I fn="C:\Users\Frank\Desktop\Allgemein\Meine Backups\SmsContactsBackup\apks\goldenshorestechnologies.brightestflashlight.free.apk" ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=af148ceaa4e18a449a6da278a3fac36c # engine=13257 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-02-28 08:47:24 # local_time=2013-02-28 09:47:24 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1286 16777214 100 98 26848 16807566 0 0 # compatibility_mode=5893 16776573 100 94 24788 113671094 0 0 # scanned=456619 # found=2 # cleaned=0 # scan_time=9257 sh=23A94909CC5601826F67FE3DC447F794BA33FDDD ft=0 fh=0000000000000000 vn="a variant of Android/Adware.AirPush.C application" ac=I fn="C:\Users\Frank\Desktop\Allgemein\Meine Backups\SmsContactsBackup\apks\com.dk.ffyOnePiece.apk" sh=D821F8FD990FDA5FB19A16FDEC575E16987B6E5F ft=0 fh=0000000000000000 vn="a variant of Android/Plankton.I trojan" ac=I fn="C:\Users\Frank\Desktop\Allgemein\Meine Backups\SmsContactsBackup\apks\goldenshorestechnologies.brightestflashlight.free.apk" |
28.02.2013, 12:13 | #43 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsstationsdienst lässt sich nicht starten!Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
28.02.2013, 12:17 | #44 |
| Arbeitsstationsdienst lässt sich nicht starten! Ja, dass Backup habe ich meine ich selbst erstellt. Brauche ich allerdings nicht, also könnte es weg... |
28.02.2013, 12:25 | #45 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Arbeitsstationsdienst lässt sich nicht starten! Sieht soweit ok aus Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Arbeitsstationsdienst lässt sich nicht starten! |
anschluss, arbeitsstationsdienst, c:\windows, check, computer, datei, einfach, folge, forum, funktioniert, funktioniert nicht, funktioniert nicht mehr, hilfe!, infektion, kaspersky, lanmanworkstation, microsoft, neu, neue, neuen, nicht mehr, rechner, starten, system, system32, trojaner, windows-explorer, windows-explorer funktioniert nicht, öffnen |