Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
LAP06-2.vbs auf USB-Stick

LAP06-2.vbs auf USB-Stick


Log-Analyse und Auswertung: LAP06-2.vbs auf USB-Stick

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 29.04.2013, 18:25   #1
Keahl
 
LAP06-2.vbs auf USB-Stick - Standard

LAP06-2.vbs auf USB-Stick


Hallo Community!

Auf einem USB Stick meiner Freundin, welchen sie mir gab, schien sich die Datei "LAP06-2.vbs" versteckt zu haben, welche Avast als "VBS:AutoRun-gen [Wrm]" beschreibt.

Da ich mir nun Sorgen um mein System mache, würde ich darum bitten, meine Logs auszuwrten und mir zu sagen, ob ich ein Problem habe oder nicht.

Hier ist das MBAM-Log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Marcel :: ********* [limited]

29.04.2013 18:10:51
mbam-log-2013-04-29 (18-10-51).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 404780
Time elapsed: 50 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Und hier die OTL-Logs:

OTL logfile created on: 29.04.2013 19:08:52 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,96 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 52,30% Memory free
11,92 Gb Paging File | 8,90 Gb Available in Paging File | 74,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,54 Gb Total Space | 713,44 Gb Free Space | 77,50% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 455,67 Gb Free Space | 97,83% Space Free | Partition Type: NTFS

Computer Name: ********* | User Name: ********* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\******\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDYT.exe (Logitech Inc.)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDWebCam.exe (Logitech Inc.)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDMovieViewer.exe (Logitech Inc.)
PRC - C:\Programme\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Hama\Common\RaUI.exe (Ralink Technology, Corp.)
PRC - C:\Program Files (x86)\Hama\Common\RaRegistry.exe (Ralink Technology, Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Hama\Common\RaWLAPI.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (RalinkRegistryWriter64) -- C:\Program Files (x86)\Hama\Common\RaRegistry64.exe (Ralink Technology, Corp.)
SRV - (RalinkRegistryWriter) -- C:\Program Files (x86)\Hama\Common\RaRegistry.exe (Ralink Technology, Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LGPBTDD) -- C:\Windows\SysNative\drivers\LGPBTDD.sys (Logitech Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=skyp&ocid=skydhp
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.12 22:37:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.01 19:29:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 14:13:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.01 19:29:34 | 000,000,000 | ---D | M]

[2013.04.12 14:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 14:13:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 14:13:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.05 17:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.05 17:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.05 17:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.05 17:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.05 17:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.05 17:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt64.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe (AVAST Software)
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{9D15E~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{9D15E~1\reboot.ini File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [mcpatcherefdg] File not found
O4 - HKCU..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKCU..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*********\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*********\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5280806A-217A-4B66-ADDB-0642A258CCF8}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96A7B7E4-E87C-4404-AFDE-90B8D8BDDB0E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.24 20:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.12 14:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.10 18:10:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 18:10:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 18:10:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 18:10:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 18:10:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 18:10:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 18:10:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 18:10:21 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 18:10:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 18:10:21 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 18:10:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 18:10:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 18:10:20 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 18:10:20 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 18:10:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 17:26:44 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 17:26:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 17:26:43 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 17:26:43 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 17:26:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 17:26:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.30 21:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
[2013.03.30 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sweet Home 3D

========== Files - Modified Within 30 Days ==========

[2013.04.29 18:15:59 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.29 18:15:59 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.29 18:15:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.29 18:08:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.29 18:08:19 | 504,688,639 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.29 18:02:34 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.29 17:45:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.29 17:37:46 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.29 17:37:46 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.29 17:37:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.29 17:37:46 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.29 17:37:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.27 20:33:22 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\WebReg HP Deskjet F300 series.job
[2013.04.10 20:02:27 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.10 20:02:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.10 19:53:21 | 000,310,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2013.04.29 18:02:34 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.01 21:28:20 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2013.02.01 19:23:50 | 000,245,557 | ---- | C] () -- C:\Windows\hpoins19.dat
[2013.02.01 19:23:50 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.11.22 14:28:12 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.22 14:27:55 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.28 22:56:34 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012.09.28 22:56:00 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2012.09.28 22:55:45 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2012.09.20 16:29:16 | 504,688,639 | -HS- | C] () -- \hiberfil.sys
[2012.08.26 23:10:34 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012.08.21 05:15:22 | 003,978,240 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012.08.21 05:14:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.21 05:12:48 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012.08.21 05:12:34 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012.08.21 05:12:32 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012.08.21 05:12:30 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012.08.21 05:12:28 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012.08.21 05:12:28 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012.08.21 05:12:28 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012.08.21 05:12:24 | 000,330,240 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012.07.19 20:56:08 | 000,172,544 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012.07.19 20:56:02 | 006,894,331 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012.07.19 20:56:02 | 001,111,581 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012.07.19 20:56:02 | 000,401,685 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012.07.19 20:56:02 | 000,232,895 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012.07.19 20:56:02 | 000,162,743 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012.07.19 20:56:02 | 000,101,820 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-0.dll
[2012.06.19 14:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >


OTL Extras logfile created on: 29.04.2013 19:08:52 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\******\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,96 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 52,30% Memory free
11,92 Gb Paging File | 8,90 Gb Available in Paging File | 74,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920,54 Gb Total Space | 713,44 Gb Free Space | 77,50% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 455,67 Gb Free Space | 97,83% Space Free | Partition Type: NTFS

Computer Name: KAWAII-PC | User Name: Admin-san | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01206FCA-F841-432B-A460-B054A68CF507}" = lport=138 | protocol=17 | dir=in | app=system |
"{1C99E57C-A366-475D-9BBD-5BD61D8635DB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DB8046C-2BB5-4132-A075-D2F78223D45C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2C906D14-B2CD-44D9-9063-0442F7BE50A4}" = rport=137 | protocol=17 | dir=out | app=system |
"{2E18036F-8BCC-47FC-8949-80DF471DFB5E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33512AED-3310-4C77-8218-C303DC247A82}" = rport=139 | protocol=6 | dir=out | app=system |
"{468C2F20-8A64-4FDF-8D02-4877DECA07D0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{59D1E017-1541-40F7-8D1B-A30AC0068CB8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5C1A9C92-204C-4ADE-AAD1-EE322DF2E228}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5C38C9C6-7158-40F1-92B6-891A29E1DCC3}" = lport=137 | protocol=17 | dir=in | app=system |
"{5DD418D0-366F-4F0D-9DCF-6F87B32AEC36}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7BFE35F1-8705-48D9-9EF9-159054970CD3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7DF009B6-CECD-4EA4-8E2C-477A7C36A398}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{83F1FC19-5AFA-470A-8259-1E6EA990E729}" = rport=138 | protocol=17 | dir=out | app=system |
"{8A69C3BD-2D73-4EEB-B72B-6EBF9152D6A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D2F142C-170F-4095-B6C5-BB68C50EB274}" = lport=445 | protocol=6 | dir=in | app=system |
"{901A9148-6A64-418C-82D3-B375FA16971C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91CDE7E7-D1B8-4B40-B9C6-858B6154B070}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{96C01591-AF40-4049-B4CE-76808DD09B05}" = rport=10243 | protocol=6 | dir=out | app=system |
"{99AA57BC-5CB0-4228-8F60-8FF829D90D12}" = lport=139 | protocol=6 | dir=in | app=system |
"{A7D6A79C-2EA6-49CC-8E4E-9D8A20BC27E5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B8057F9B-59EB-4CB0-AB28-1064430B4A19}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BF8D4F5D-0147-41C2-9152-CEC4ED5E634E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0C063EB-2D68-46FF-B446-981C411AB46C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3EC24CE-DA46-439A-8D0B-90CF2CFDF6A4}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F3D25B-613C-4875-B2C3-2D785B4109FB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{05C6E242-7CDD-445E-9586-0CA3742B6269}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{06C310EB-8E6A-49FC-B975-708BF13AB5C7}" = protocol=6 | dir=out | app=system |
"{079BE555-CC7F-4399-9C9D-3F94A67F46B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0B1FF26A-435F-415B-AE34-E4ADDD83C53E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0E89601C-697B-48F0-876F-C1189D9FBA2A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{10349D4C-37E0-4B0E-980B-E61EB4EE9046}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{108FACDF-C3F4-4BB8-9D06-BF1DA95EBEB3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{10A96265-1D56-473F-91FA-F99CE47EC6CE}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{125A89B9-77F1-4E48-97E2-B2443D3333CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BC5997E-1BAC-4256-A844-F357E65BE1F1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{1C41E9EA-CB51-437E-8605-3455DE0B09EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"{1E283FD1-A426-49FE-9BA7-FDA104D41EB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1FF83CC0-F9B6-4840-A348-5CB41DD43501}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{2035A271-0736-4D84-A659-D4963835CB1F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{20BDDC42-B774-450A-972A-DF36B8B25A11}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{22EA8186-AF1C-4C02-9454-B3C8C0B055F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{26BFFC09-461D-46BC-8919-F015CE16A8D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garrysmod\hl2.exe |
"{2828DFED-B40F-4F2A-B3E4-BF3E7425102F}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{29DC5369-6118-49C3-8D6A-F1AE9FF3D480}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{2A922E1B-9837-4A12-8C81-CAAA864005C7}" = protocol=17 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |
"{2AD00A7E-E293-40F9-AB5A-241754E7E2D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{2ADF97DC-89AC-450A-B0D2-A7C205EBAB7B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{2F1EF178-603B-472A-BCA7-9B1A3E7C5D26}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{2F3C2FB5-2825-42D2-9DBA-732D3D649842}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{329774BF-691E-42FC-8394-4A0FC3510443}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"{386B4519-C489-4F51-A1AB-A7D347286560}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{39DFAE92-C332-4006-9D38-BE709F4E268A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"{3F94D3AF-CDBF-4F81-A44E-F475CA56ECDB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{4335E2B2-AE9C-419D-A13C-353F07D1BB78}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46541142-CFA1-471E-9906-711CDF5855ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{4CEFA2B8-ED2D-46E2-B0F8-E97DF10E3B23}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4DB18CFE-9765-4191-92EE-1FEF81C0A803}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{4FBBB10F-9A57-4898-8BC1-A577E3055067}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{5377B385-0F0D-4A90-88A1-DFA2C32055F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{54B36543-2690-4703-83C8-1B72E079AB7E}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{5532E41D-D48D-418C-AFA9-922D633C969A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{56D75BF9-E201-4FF6-A399-E09C6548ADB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{57F5AAEB-8D05-471D-8447-CCF597907E0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magical diary demo\magicaldiary.exe |
"{5A24E8BD-9D20-47A0-AF81-5A9F182E3D8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe |
"{5CE8C554-2D64-4291-AF22-A030D21D1F61}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{5E039FD1-2FBF-4937-A945-19D895FC5BEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe |
"{5F3EEA7A-E172-49A8-A522-8EFDE31F0199}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{5FDB8CF5-B066-48F9-A21D-20236A39EC9A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{60B296E7-D5CA-4B84-9FA5-7F7781971D89}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{664F0037-2835-4E85-B38E-FB63FBF929EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{6A43C36E-37F7-4CF2-BFF6-DF0CBE27AEE9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{6B3B04F3-3E3F-4C7A-AF32-3BE77D8C0708}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{6B6B141E-0AF0-4A9A-8579-E692246C68EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6B966EEB-D4CA-4461-BD29-5BB7CFB6A61A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{72337EBE-1694-4504-AB01-8261353B7376}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72CCD81D-FDD4-4631-826E-5D4630D6F849}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{72DF97AB-669E-43EA-A3C5-A1680E64F92C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{72DFD5C0-5497-4955-B4F6-BDBC6342AE5A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\custom.exe |
"{73A71208-1C25-4383-AFEB-B51ECA73EBAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{77A99E11-BA9C-4A91-8E48-CA740B77DCB1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{77D18086-7A03-40B7-A826-6BF3EBCCE637}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{78FE1E40-8DAB-46D4-9DBD-24B2F0B78032}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe |
"{79A3CEB5-2C18-4B42-A4C1-E6046CB0959B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{7B03B66B-F409-4543-AF47-CF336CC76C9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"{7B70DBEE-74A3-4274-B2E2-5DFD0E605151}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{7CAE9174-15E6-4F7C-BDF0-88BBA704B65D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine demo\trine_launcher.exe |
"{7DE9E39A-65C9-4670-9B3A-F71EFDE8ECC9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8A8DB8F5-B8C5-4D00-A57A-15B3A5BD2BAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D5EB4D1-DDDB-411C-960D-56D29716364E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{8EBA644A-BCB2-4C61-98D2-81251C66EEAD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{90C26014-18A1-4BE2-AE3D-56553AB15B33}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{90CD8FD1-051D-428C-B508-EEA8EECB170F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{932D2805-62FB-4605-99BE-96448C696A6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{93695211-BF60-4D1F-89FB-908C3928930E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{94D97E17-95B7-4CFE-9D34-0042D37409AC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{96C9A87F-ACC1-4254-8A4C-797030DFD653}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{9802D616-2DBE-4EBC-8B22-5324107397F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garrysmod\hl2.exe |
"{984C382A-2F7A-41D3-9F3C-9F6B2F519BAA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{9927ACCD-26D4-4354-AF69-B8AFEA87CF26}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{9BE1E4BD-ED7F-47A2-A79B-FDE04F31B2DC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{9C21881B-07C2-461D-995A-3F86B8D22003}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{9C892C60-CCA0-4319-8F74-80F71AC21A45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\recettear.exe |
"{9E202595-245B-4E3A-ABFB-CA071F6EDF31}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{A1B32D66-C74B-47C2-ABD9-B7DC49E1F3EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{A2D544E2-DBF5-4668-BC18-3A3861633ED3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{A33F2535-18CE-4144-89BA-8A10CE859041}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A38AFE41-0DA0-4F0E-AF0E-8791EFC7A116}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"{A40F0861-5241-4FC6-845B-D562CE7E29AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{A72226A2-B155-4716-9DD8-C2606D0FF7A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{A8ABB70C-3ABA-4394-A244-63E304F5858E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\recettear.exe |
"{AA29384D-EB86-456D-AA83-4FFFD3502CE1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AAE74808-8BFA-42A0-A1B3-7179CC063C27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magical diary demo\magicaldiary.exe |
"{B0174C6F-91F3-41B0-842D-5E17C8E331E1}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{B31858BC-83DE-41BE-92A0-05DF916BF590}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B34422AC-1CAB-446A-8AF2-F669B8DC1FD8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{B47C0F56-4FAD-4BED-8F0A-55187AE980BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"{B5C0F2A4-20A5-47BD-B1BB-8406365FD110}" = protocol=6 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |
"{B5C7D15D-B872-46A3-A5A7-FA6637A4BB23}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B7956A4E-01FF-4B97-BB90-8A8E49DEFE73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{BBB96C35-3344-47A1-91F0-2E92FDEC52B6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe |
"{BEE9E782-7698-4559-AC57-171509FCB69E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C59D8830-0C51-41BE-B432-542E3CDEC8D9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C5D87CAA-794A-4921-A1E8-070A997A9AC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{C77FF4D0-F319-443F-9B3A-DB0CEBC31B8F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{C98630AE-4C91-4046-ACCE-FB3C6B523A7F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{CC0DE909-D605-41A1-8CCB-47919216D4F6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CFC29B5B-AB7A-4066-8811-FC71C759678D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D37664C6-5E9C-431C-8768-D7D7DA5ECDCE}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{D3FBFDCF-AA21-47FE-8E71-987F8546AB27}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{D4C01DE4-5FDD-4220-B3A7-5E7F7C978806}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D4FC82D2-EB64-4300-A679-1143CE75F641}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{D60AB8BC-C347-4FA4-874A-3923CCD5BAA0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{D8125DF0-1546-4393-9C93-BA9D004DAC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{D9A40395-208A-4392-BBAF-CC940B759096}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DBDE8CC9-4D44-46F8-83AE-A265C320660B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{E0C63BAA-9F83-4B1B-A986-A760FF1168F7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{E0E6060E-2BAB-41ED-80A2-3E277BEDF465}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{E4FCFD59-EACC-4B9A-9872-14A20A5EC3D7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E84C0F18-5A60-4B78-8997-832B20BBA0B1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E8E62174-AD52-439F-8A3A-60151DFF21A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA6390D2-28EA-47D9-8A00-781838C9FA3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EBEC52E0-3C4D-4D48-97BF-766717846ED5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{EFC8061C-7FAD-41CE-8656-070F26CBE37D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{F16D0597-15ED-4E4F-9C48-11411FDCDC88}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\custom.exe |
"{F2F6AE99-9DB4-4BDD-9224-2ACE2021C765}" = protocol=58 | dir=in | app=system |
"{F6C076FF-F51E-4274-B88A-60542422A534}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine demo\trine_launcher.exe |
"{F7E7FA67-FAEB-42CA-AE06-79745840894B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{FAB54238-3B3C-49D4-887C-D8AA4B7FC5AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FAE8822F-AA7C-4E3D-A4AB-556FB792AABB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC477E3A-B7F6-4B1A-B606-5F2DA235E2A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{FF1F51D3-4C7E-4BEE-84C9-50C60227F050}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"TCP Query User{16F9CE79-4008-4DAF-A1A0-4E330A4640ED}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{50C135D5-5E06-4095-83D7-A1961513800A}C:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe |
"TCP Query User{5608CA92-912A-4599-8976-814D2DBE48E9}C:\users\******\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |
"TCP Query User{58A85CC8-15E7-4DB1-B762-0F9A66A2F671}C:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"TCP Query User{5DAA8A9B-EC57-4C48-828F-430E5AEAA167}C:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"TCP Query User{645D32DB-20E2-4FA4-8BD9-0CD9339287B2}C:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"TCP Query User{68AD8263-05CC-4F7D-A0B0-FE2D49029B31}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{851500EC-8A62-44D7-B053-8D91D8342CA2}C:\users\******\desktop\warcraftiii\war3.exe" = protocol=6 | dir=in | app=c:\users\******\desktop\warcraftiii\war3.exe |
"TCP Query User{B93D60A1-B481-46EA-B7CD-2273537F3115}C:\users\******\desktop\killingfloor\system\killingfloor.exe" = protocol=6 | dir=in | app=c:\users\******\desktop\killingfloor\system\killingfloor.exe |
"UDP Query User{67F10B10-DE97-413F-AC49-CC4E9592C5C1}C:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe |
"UDP Query User{8CC6095C-3ADA-4772-94CF-53EC5DC87BD8}C:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe |
"UDP Query User{99DFD034-0E8D-4286-89C1-88295606551B}C:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe |
"UDP Query User{AA043430-FAB2-4C96-AE41-51A694BF5330}C:\users\******\desktop\warcraftiii\war3.exe" = protocol=17 | dir=in | app=c:\users\******\desktop\warcraftiii\war3.exe |
"UDP Query User{BA94540B-E457-4E3E-BB05-E647EE25C685}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{BED7B405-DF0F-4137-84B3-46B58827F192}C:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe |
"UDP Query User{CD06F978-2386-490E-A273-0143C23A9262}C:\users\******\desktop\killingfloor\system\killingfloor.exe" = protocol=17 | dir=in | app=c:\users\******\desktop\killingfloor\system\killingfloor.exe |
"UDP Query User{D1ACE927-1F06-402F-85F5-1F39B51CBA75}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{E78826F8-F692-493F-8CF8-977AE680C77C}C:\users\******\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Blender" = Blender
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Logitech Gaming Software" = Logitech Gaming Software 8.35
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = HALO 2 FÜR WINDOWS VISTA
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Hama Wireless LAN Adapter
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{668B80AF-D98F-42FC-8EE1-36252B03C5C9}_is1" = MIDI4all
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"Codecs for Windows 7 Pack" = Codecs for Windows 7 Pack 4.0.5
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 5.0.22.128
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"Frets on Fire" = Frets On Fire
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"Guild Wars 2" = Guild Wars 2
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Halo 2" = HALO 2 FÜR WINDOWS VISTA
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NifSkope" = NifSkope (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Patch-Master" = Patch-Master
"PunkBusterSvc" = PunkBuster Services
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"Steam App 105600" = Terraria
"Steam App 12900" = Audiosurf
"Steam App 202480" = Creation Kit
"Steam App 212140" = Magical Diary Demo
"Steam App 218" = Source SDK Base 2007
"Steam App 220" = Half-Life 2
"Steam App 22380" = Fallout: New Vegas
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 35710" = Trine Demo
"Steam App 4000" = Garry's Mod
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 440" = Team Fortress 2
"Steam App 49600" = Beat Hazard
"Steam App 500" = Left 4 Dead
"Steam App 550" = Left 4 Dead 2
"Steam App 70410" = Recettear: An Item Shop's Tale - Demo
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"Steam App 98300" = Toy Soldiers
"Sweet Home 3D_is1" = Sweet Home 3D version 4.0
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.04.2013 04:45:29 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8237

Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9235

Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9235

Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10249

Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10249

Error - 29.04.2013 04:45:32 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29.04.2013 04:45:32 | Computer Name = ********* | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11248

Error - 29.04.2013 04:45:32 | Computer Name = *********| Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11248

[ System Events ]
Error - 18.04.2013 03:31:04 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error - 19.04.2013 12:42:06 | Computer Name = ********* | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1352 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).

Error - 19.04.2013 12:42:06 | Computer Name = ********* | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%1069

Error - 23.04.2013 06:29:22 | Computer Name = ********* | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.

Error - 23.04.2013 06:29:22 | Computer Name = ********* | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 25.04.2013 16:44:36 | Computer Name = ********* | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).

Error - 25.04.2013 16:44:36 | Computer Name = ********* | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund
folgenden Fehlers nicht gestartet: %%1069

Error - 27.04.2013 14:33:32 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error - 27.04.2013 14:33:33 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error - 27.04.2013 14:33:33 | Computer Name = ********* | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.


< End of report >


Vielen Dank im Voraus!

MfG.

Keahl

 

Themen zu LAP06-2.vbs auf USB-Stick
adobe reader xi, antivirus, aswrvrt.sys, bho, bonjour, converter, firefox, flash player, format, helper, home, homepage, iexplore.exe, install.exe, lap06-2.vbs, launch, logfile, mozilla, mp3, msvcrt, officejet, problem, realtek, registry, rundll, secunia psi, security, software, stick, svchost.exe, system, udp, usb, usb-stick


« PWS:Win32/Zbot.gen!AJ Trojaner? | Popupfenster mit Tanabfrage beim Onlinebanking der Deutschen Bank »


Ähnliche Themen: LAP06-2.vbs auf USB-Stick


  1. USB Stick defekt?
    Netzwerk und Hardware - 13.01.2015 (1)
  2. Immer, wenn ich den USB Stick vom Fernseher abziehe und mit dem PC wieder verbinde, erscheint auf dem Stick eine CM0013 Datei.
    Plagegeister aller Art und deren Bekämpfung - 08.09.2014 (7)
  3. USB Stick Bootfähig
    Alles rund um Windows - 11.01.2012 (2)
  4. WORM/Phorpiex.B.64 auf USB-Stick - Datenrettung vom USB-Stick?
    Plagegeister aller Art und deren Bekämpfung - 09.11.2011 (32)
  5. Virus auf USB-Stick? - USB-Stick wird beim Einstecken als Ordner angezeigt.
    Antiviren-, Firewall- und andere Schutzprogramme - 21.07.2010 (5)
  6. Virenscanner für USB Stick
    Plagegeister aller Art und deren Bekämpfung - 09.03.2010 (7)
  7. Conficker auf USB-Stick
    Log-Analyse und Auswertung - 15.02.2010 (18)
  8. bak.exe (mit autorun auf usb-stick)
    Plagegeister aller Art und deren Bekämpfung - 14.01.2010 (4)
  9. USB Stick booten
    Netzwerk und Hardware - 25.11.2009 (1)
  10. USB Stick
    Netzwerk und Hardware - 17.07.2009 (3)
  11. USB Stick
    Log-Analyse und Auswertung - 13.05.2009 (1)
  12. USB-Stick infiziert?
    Plagegeister aller Art und deren Bekämpfung - 24.03.2009 (36)
  13. virus via usb-stick?
    Plagegeister aller Art und deren Bekämpfung - 03.03.2009 (26)
  14. usb stick streigt
    Netzwerk und Hardware - 14.02.2009 (23)
  15. Conficker auf USB-Stick
    Plagegeister aller Art und deren Bekämpfung - 17.01.2009 (0)
  16. Trojaner auf USB-Stick
    Log-Analyse und Auswertung - 12.11.2008 (3)
  17. Hilfe für USB Stick
    Alles rund um Windows - 26.10.2008 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema LAP06-2.vbs auf USB-Stick - Hallo Community! Auf einem USB Stick meiner Freundin, welchen sie mir gab, schien sich die Datei "LAP06-2.vbs" versteckt zu haben, welche Avast als "VBS:AutoRun-gen [Wrm]" beschreibt. Da ich mir nun - LAP06-2.vbs auf USB-Stick...
Archiv
Du betrachtest: LAP06-2.vbs auf USB-Stick auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19