| SlightlyMad | 15.02.2012 20:05 |
Code:
OTL logfile created on: 15.02.2012 19:29:15 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Berat\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 83,38% Memory free
6,19 Gb Paging File | 5,93 Gb Available in Paging File | 95,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 133,87 Gb Total Space | 45,27 Gb Free Space | 33,81% Space Free | Partition Type: NTFS
Drive D: | 89,25 Gb Total Space | 87,74 Gb Free Space | 98,31% Space Free | Partition Type: NTFS
Computer Name: BERAT-PC | User Name: Berat | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.02.15 19:28:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Berat\Downloads\OTL.exe
PRC - [2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.23 17:42:43 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.04.15 10:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.01.05 22:23:48 | 000,222,568 | ---- | M] (Teruten) [Auto | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010.06.24 16:14:52 | 001,111,880 | ---- | M] (Wisair Ltd.) [Auto | Stopped] -- C:\Program Files\devolo Vianect AIR Manager\Components\Association\CableAssociation.exe -- (CableAssociation)
SRV - [2010.05.12 15:13:00 | 005,105,000 | ---- | M] (DisplayLink Corp.) [Auto | Stopped] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV - [2009.07.21 13:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 15:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.11.21 10:42:08 | 000,040,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe -- (DeviceManager)
SRV - [2008.11.11 08:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.03.26 18:48:48 | 000,021,888 | ---- | M] (libusb-Win32) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DisplayLinkUsbPort_5.3.24903.0.sys -- (DisplayLinkUsbPort)
DRV - [2011.01.05 22:23:40 | 000,042,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011.01.04 16:10:54 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.12.24 08:53:25 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.12.21 06:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.12.21 06:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.12.21 06:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.05.12 15:13:26 | 000,171,632 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\dlkmd.sys -- (dlkmd)
DRV - [2010.05.12 15:13:26 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV - [2010.05.10 12:37:52 | 000,142,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSR_RCI.SYS -- (HWARadio)
DRV - [2010.05.10 12:37:38 | 000,483,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSR_DWA.SYS -- (DWA)
DRV - [2010.05.10 12:37:14 | 000,794,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSR_HWA.SYS -- (hwa)
DRV - [2010.05.10 12:02:28 | 000,046,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSR_USF.sys -- (WSR_USF)
DRV - [2010.04.18 11:56:40 | 000,098,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSR_CBA.SYS -- (TunnelDrv)
DRV - [2010.02.21 18:46:42 | 000,049,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSR_TBF.sys -- (DLCopyFilter)
DRV - [2009.11.25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.09.19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.09.19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009.09.19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.09.19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.05.11 09:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 09:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.10.22 17:50:44 | 000,103,552 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.01.21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008.01.14 11:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007.12.20 15:55:05 | 003,478,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.10.01 07:59:45 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007.09.26 23:03:42 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2007.08.11 04:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.08.09 04:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.30 19:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 18:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.20 21:51:27 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.06.20 21:49:06 | 000,049,664 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007.04.11 17:18:33 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007.01.24 11:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.22 10:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.02.07 12:52:57 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer Inc.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer Inc.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "google.at"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: cnextend@babelphish.net:1.4.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "google.at"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Berat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Berat\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Berat\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Windows\DOWNLO~1\NpFv522.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.11.04 13:14:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.01 17:31:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.01 17:31:28 | 000,000,000 | ---D | M]
[2009.11.18 16:00:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berat\AppData\Roaming\mozilla\Extensions
[2012.02.15 19:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions
[2012.02.12 18:18:44 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011.09.17 10:39:19 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2012.02.12 18:18:42 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.03.29 17:50:48 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.12 18:18:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012.02.12 18:18:48 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.05.25 12:28:40 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.04.24 11:18:34 | 000,000,000 | ---D | M] ("CNExtend") -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\cnextend@babelphish.net
[2011.03.25 14:59:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\engine@conduit.com
[2011.11.06 12:53:37 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\ffxtlbr@babylon.com
[2011.09.13 12:05:59 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Berat\AppData\Roaming\mozilla\Firefox\Profiles\g4impjmr.default\extensions\toolbar@ask.com
[2011.08.31 10:25:56 | 000,000,923 | ---- | M] () -- C:\Users\Berat\AppData\Roaming\Mozilla\Firefox\Profiles\g4impjmr.default\searchplugins\conduit.xml
[2011.05.27 12:28:54 | 000,003,915 | ---- | M] () -- C:\Users\Berat\AppData\Roaming\Mozilla\Firefox\Profiles\g4impjmr.default\searchplugins\SweetIM Search.xml
[2011.05.25 12:28:35 | 000,003,915 | ---- | M] () -- C:\Users\Berat\AppData\Roaming\Mozilla\Firefox\Profiles\g4impjmr.default\searchplugins\sweetim.xml
[2012.02.15 19:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.08.21 08:54:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.12 11:11:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.15 09:58:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.05.08 13:31:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.10.27 15:34:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.08 22:04:55 | 001,447,344 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv522.dll
[2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010.10.22 22:22:22 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.06 12:53:27 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010.10.22 22:22:22 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.22 22:22:22 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.22 22:22:22 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.22 22:22:22 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101287&mntrId=08e15996000000000000001f3c87b1c1
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Berat\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Berat\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Berat\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Flatcast Viewer Plugin 5.2.2.454 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpFv522.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DSStorageBalancer = C:\Users\Berat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckplgojbgdomekllihgghmjehhpgdhhf\1.0_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\Berat\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: TW Massrecruitment = C:\Users\Berat\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfeeicngjpeepmloeclapkmbmcipleb\1.0_0\
CHR - Extension: DS - Marktvorschlag = C:\Users\Berat\AppData\Local\Google\Chrome\User Data\Default\Extensions\idjfkbihgamcdnbanhcckadahlbcfnbc\1.0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Berat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: DS Market-Balancer = C:\Users\Berat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhahieindcfmhpgoeaihbmlefebagmmj\1.0\
CHR - Extension: DS Assistent = C:\Users\Berat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjcjaegjhjfjihhlkilkpfbbbebajkma\1.0_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Berat\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\prxtbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [Athan] C:\Program Files\Athan\Athan.exe (IslamicFinder: Accurate Prayer Times, Athan (Azan), Mosques (Masjids), Islamic Center, Muslim Owned Businesses, Hijri Calendar, Islamic Directory worldwide.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe (ChkMail)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WirelessUSBManager] C:\Program Files\devolo Vianect AIR Manager\Components\WirelessUSBManager\WirelessUSBManager.exe (Wisair Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Berat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\Berat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\My_AutoWarkey_Script.lnk = C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Berat\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} hxxp://92.51.137.94/objects/NpFv522.dll (Flatcast Viewer 5.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2AA965A5-98FC-459C-B85C-C841DD139F12}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F009357B-70D0-4094-852E-2A8073318276}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Berat\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Berat\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1f26ee65-f300-11de-b53e-001f3c87b1c1}\Shell - "" = AutoRun
O33 - MountPoints2\{1f26ee65-f300-11de-b53e-001f3c87b1c1}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{37ef8d90-0f35-11e0-8172-001f3c87b1c1}\Shell - "" = AutoRun
O33 - MountPoints2\{37ef8d90-0f35-11e0-8172-001f3c87b1c1}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{37ef8d90-0f35-11e0-8172-001f3c87b1c1}\Shell\install\command - "" = F:\autorun.exe
O33 - MountPoints2\{5a38a859-b8c3-11df-8eb6-0023543d52cc}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\jrZIem.Exe
O33 - MountPoints2\{e04ae476-7cfb-11df-8377-0023543d52cc}\Shell - "" = AutoRun
O33 - MountPoints2\{e04ae476-7cfb-11df-8377-0023543d52cc}\Shell\AutoRun\command - "" = G:\DPFMate.exe
O33 - MountPoints2\{fdfa83f6-7e8a-11df-85dd-0023543d52cc}\Shell - "" = AutoRun
O33 - MountPoints2\{fdfa83f6-7e8a-11df-85dd-0023543d52cc}\Shell\AutoRun\command - "" = F:\DPFMate.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\steam.exe (Valve Corporation)
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2012.02.15 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\Berat\AppData\Roaming\Malwarebytes
[2012.02.15 19:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.15 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.15 19:23:25 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.15 19:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.15 16:26:50 | 000,000,000 | ---D | C] -- C:\Users\Berat\AppData\Roaming\froot
[2012.02.09 20:54:56 | 000,000,000 | ---D | C] -- C:\Users\Berat\Desktop\Neuer ship
[2007.01.24 11:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
========== Files - Modified Within 30 Days ==========
[2012.02.15 19:26:31 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\bsfl.sys
[2012.02.15 19:23:27 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.15 19:03:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.15 18:56:32 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.15 18:56:28 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.15 18:56:28 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.15 18:56:25 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012.02.15 18:43:27 | 000,001,356 | ---- | M] () -- C:\Users\Berat\AppData\Local\d3d9caps.dat
[2012.02.15 16:14:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.15 16:07:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3376503035-571490600-4091970899-1000UA.job
[2012.02.15 16:00:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3376503035-571490600-4091970899-1000UA.job
[2012.02.15 15:20:43 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Berat.job
[2012.02.15 10:33:22 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{090556A9-9463-4EF4-B44A-E01CAA503B5F}.job
[2012.02.15 10:16:38 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.02.14 21:00:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3376503035-571490600-4091970899-1000Core.job
[2012.02.10 17:07:39 | 000,114,688 | ---- | M] () -- C:\Users\Berat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.09 10:02:23 | 000,002,049 | ---- | M] () -- C:\Users\Berat\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2012.02.15 19:26:31 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\bsfl.sys
[2012.02.15 19:23:27 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011.06.13 15:27:08 | 000,000,000 | ---- | C] () -- C:\Users\Berat\AppData\Local\{7B73C18E-B118-41FC-A318-6B0ACFFD228F}
[2011.03.26 18:48:51 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd9.dll
[2011.03.26 18:48:51 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dlumd10.dll
[2011.01.04 23:09:26 | 000,000,532 | ---- | C] () -- C:\Windows\eReg.dat
[2011.01.04 16:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.01.04 16:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.04 16:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.04 16:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.04 16:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.12.26 17:47:49 | 000,081,738 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.09.09 18:48:03 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.09.09 18:48:03 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.05.31 20:11:57 | 000,000,012 | ---- | C] () -- C:\Users\Berat\AppData\Roaming\vqdlkr.dat
[2010.05.16 16:31:04 | 000,000,016 | ---- | C] () -- C:\Users\Berat\AppData\Roaming\qvjsge.dat
[2010.05.10 12:37:52 | 000,142,848 | ---- | C] () -- C:\Windows\System32\drivers\WSR_RCI.SYS
[2010.05.10 12:37:38 | 000,483,328 | ---- | C] () -- C:\Windows\System32\drivers\WSR_DWA.SYS
[2010.05.10 12:37:14 | 000,794,624 | ---- | C] () -- C:\Windows\System32\drivers\WSR_HWA.SYS
[2010.05.10 12:02:28 | 000,046,720 | ---- | C] () -- C:\Windows\System32\drivers\WSR_USF.sys
[2010.04.18 11:56:40 | 000,098,944 | ---- | C] () -- C:\Windows\System32\drivers\WSR_CBA.SYS
[2010.02.21 18:46:42 | 000,049,792 | ---- | C] () -- C:\Windows\System32\drivers\WSR_TBF.sys
[2010.01.28 22:59:20 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009.12.28 00:05:26 | 000,001,356 | ---- | C] () -- C:\Users\Berat\AppData\Local\d3d9caps.dat
[2009.11.22 13:16:09 | 000,000,430 | ---- | C] () -- C:\Users\Berat\AppData\Roaming\burnaware.ini
[2009.11.20 21:35:02 | 000,114,688 | ---- | C] () -- C:\Users\Berat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.15 18:03:53 | 000,037,232 | ---- | C] () -- C:\Windows\ASScrProlog.exe
[2008.08.15 18:03:50 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008.08.15 18:03:39 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2008.08.15 17:58:31 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2008.08.15 17:56:01 | 000,000,024 | ---- | C] () -- C:\Windows\System32\ChkMail.ini
[2008.08.15 16:24:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.04.16 12:11:34 | 000,618,430 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 12:11:34 | 000,122,842 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.01.21 03:24:14 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2007.12.20 15:02:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.12.20 14:33:43 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.11.08 10:54:33 | 000,159,146 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.10.01 07:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007.08.06 10:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2007.05.09 08:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,371,248 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
========== LOP Check ==========
[2011.11.06 12:53:26 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\Babylon
[2011.11.06 12:54:10 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\Canneverbe Limited
[2011.09.23 17:26:30 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.09.17 10:39:18 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\Complitly
[2010.12.24 09:13:09 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\DAEMON Tools Lite
[2010.06.02 23:54:37 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\DeepBurner
[2011.07.29 14:31:30 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\DVDVideoSoft
[2011.03.29 17:50:47 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.15 19:26:31 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\froot
[2011.09.11 22:05:48 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\ManyCam
[2011.11.06 12:53:56 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\OpenCandy
[2010.09.09 19:04:13 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\PC Suite
[2010.09.09 18:44:40 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\Samsung
[2012.02.13 19:49:31 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\SmsDiscount
[2011.10.14 17:05:43 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\TeamViewer
[2010.12.27 14:07:48 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\TS3Client
[2011.11.06 12:54:22 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\Uniblue
[2011.01.02 15:16:55 | 000,000,000 | ---D | M] -- C:\Users\Berat\AppData\Roaming\wsIRC
[2012.02.15 18:56:25 | 000,000,260 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012.01.08 04:07:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3376503035-571490600-4091970899-1000Core.job
[2012.02.15 16:07:01 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3376503035-571490600-4091970899-1000UA.job
[2012.02.14 23:31:07 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.02.15 10:33:22 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{090556A9-9463-4EF4-B44A-E01CAA503B5F}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2009.11.18 14:50:21 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2008.04.16 12:27:15 | 000,000,000 | -HSD | M] -- C:\Boot
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.08.15 17:04:47 | 000,000,000 | ---D | M] -- C:\Intel
[2008.08.15 16:26:15 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.02.15 19:23:25 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.02.15 19:23:26 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2008.08.15 17:48:47 | 000,000,000 | ---D | M] -- C:\RaidTool
[2012.02.14 11:30:06 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.01.15 16:24:45 | 000,000,000 | ---D | M] -- C:\Temp
[2009.11.18 14:44:26 | 000,000,000 | R--D | M] -- C:\Users
[2011.12.15 10:52:17 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTOR.SYS >
[2007.09.29 16:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 16:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[2007.09.29 16:03:11 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
< MD5 for: USER32.DLL >
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\System32\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2010.09.08 14:55:56 | 000,096,969 | ---- | M] () -- C:\Users\Berat\00322294000955.png
[2010.02.12 04:26:49 | 000,010,632 | ---- | M] () -- C:\Users\Berat\bekim kumanova.jpg
[2010.10.09 02:18:26 | 000,038,822 | ---- | M] () -- C:\Users\Berat\linz_1242_00066.jpg
[2012.02.15 19:32:23 | 004,718,592 | -HS- | M] () -- C:\Users\Berat\ntuser.dat
[2012.02.15 19:32:23 | 000,262,144 | -H-- | M] () -- C:\Users\Berat\ntuser.dat.LOG1
[2009.11.18 14:44:27 | 000,000,000 | -H-- | M] () -- C:\Users\Berat\ntuser.dat.LOG2
[2010.01.05 02:07:58 | 000,065,536 | -HS- | M] () -- C:\Users\Berat\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.01.05 02:07:58 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.11.18 16:14:53 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2011.02.12 08:59:43 | 000,065,536 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{40d64492-f996-11de-87a6-001f3c87b1c1}.TM.blf
[2011.02.12 08:59:43 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{40d64492-f996-11de-87a6-001f3c87b1c1}.TMContainer00000000000000000001.regtrans-ms
[2010.01.05 02:15:28 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{40d64492-f996-11de-87a6-001f3c87b1c1}.TMContainer00000000000000000002.regtrans-ms
[2011.09.25 19:52:06 | 000,065,536 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{4cca7e25-36a1-11e0-8c60-001f3c87b1c1}.TM.blf
[2011.09.25 19:52:06 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{4cca7e25-36a1-11e0-8c60-001f3c87b1c1}.TMContainer00000000000000000001.regtrans-ms
[2011.02.12 16:39:42 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{4cca7e25-36a1-11e0-8c60-001f3c87b1c1}.TMContainer00000000000000000002.regtrans-ms
[2012.02.15 18:55:34 | 000,065,536 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{7f80f0a5-e7a9-11e0-9d74-c1bba3e9be8d}.TM.blf
[2012.02.15 18:55:34 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{7f80f0a5-e7a9-11e0-9d74-c1bba3e9be8d}.TMContainer00000000000000000001.regtrans-ms
[2011.09.25 20:35:09 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{7f80f0a5-e7a9-11e0-9d74-c1bba3e9be8d}.TMContainer00000000000000000002.regtrans-ms
[2011.09.25 20:17:30 | 000,065,536 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{de91361a-e7a6-11e0-8f18-d6d1de520e52}.TM.blf
[2011.09.25 20:17:30 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{de91361a-e7a6-11e0-8f18-d6d1de520e52}.TMContainer00000000000000000001.regtrans-ms
[2011.09.25 20:05:48 | 000,524,288 | -HS- | M] () -- C:\Users\Berat\ntuser.dat{de91361a-e7a6-11e0-8f18-d6d1de520e52}.TMContainer00000000000000000002.regtrans-ms
[2009.11.18 14:44:27 | 000,000,020 | -HS- | M] () -- C:\Users\Berat\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
Extra: Code:
OTL Extras logfile created on: 15.02.2012 19:29:15 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Berat\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 83,38% Memory free
6,19 Gb Paging File | 5,93 Gb Available in Paging File | 95,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 133,87 Gb Total Space | 45,27 Gb Free Space | 33,81% Space Free | Partition Type: NTFS
Drive D: | 89,25 Gb Total Space | 87,74 Gb Free Space | 98,31% Space Free | Partition Type: NTFS
Computer Name: BERAT-PC | User Name: Berat | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B179399-4544-4852-9BD6-F2661F1BF647}" = lport=445 | protocol=6 | dir=in | app=system |
"{14219EA2-38E7-4F7A-A682-4B39D18EA002}" = rport=137 | protocol=17 | dir=out | app=system |
"{2B16C6CE-A5CC-4CB5-A7AA-0AD596E573FC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{35323782-09B6-4AAB-A9B6-1C74B6221796}" = rport=138 | protocol=17 | dir=out | app=system |
"{53141A96-39EE-48C4-9999-DC1617EA39BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{5D9676F9-FDC1-43B8-9355-37F8C1AECFB0}" = rport=445 | protocol=6 | dir=out | app=system |
"{782F6F60-290F-474B-B541-6BCDC84B31B9}" = lport=139 | protocol=6 | dir=in | app=system |
"{7B101F2D-C696-4F8E-8216-3A36B7521265}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7CAB9CDA-A403-4349-B288-487B9A44BA0C}" = lport=137 | protocol=17 | dir=in | app=system |
"{83A3EA7A-61E2-4924-88B0-93897D14C1F6}" = lport=138 | protocol=17 | dir=in | app=system |
"{99576FE1-DE61-4C92-A811-AB284EFE2347}" = rport=139 | protocol=6 | dir=out | app=system |
"{DB23FB6E-72C5-453C-AAB6-DE3DA31E79BF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DB40C60D-9F22-421E-8680-45994A41998E}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{095C4FF8-3621-4888-81D0-44CBE53D049C}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{1CD3AA9E-E57E-4D71-BE4D-5CFB13A2DB3B}" = protocol=6 | dir=in | app=c:\users\berat\downloads\sweetimsetup(4).exe |
"{216ED0D4-3CD4-4A27-9DB8-C891C10C2B14}" = protocol=17 | dir=in | app=c:\users\berat\downloads\sweetimsetup.exe |
"{2426DF62-C530-46C8-8192-C9385A66B530}" = protocol=6 | dir=in | app=c:\users\berat\downloads\sweetimsetup(3).exe |
"{246F45B8-760F-4582-8815-D0DBC4A4BB4F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{33D82010-AA34-41B6-AB99-ADDE3037E606}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{558360F4-C99E-483B-890A-E4A7859EB4A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C43802A-16BE-4952-B185-E6A77EE6027D}" = protocol=17 | dir=in | app=c:\users\berat\downloads\sweetimsetup(4).exe |
"{5CFB7F63-E4EC-41C2-8A2D-E842512A76DC}" = protocol=17 | dir=in | app=c:\users\berat\downloads\sweetimsetup(3).exe |
"{5F605075-98A1-44B6-BAD8-D968E14493F2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{616A600D-3234-44E5-872F-03D60D55A44A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6594D1DF-7727-49F6-8C66-2477F0289DB8}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{6A2ED1CF-A105-4E25-9B00-89B7518FC9F6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{6E45622A-401D-49D0-A3D5-1E97100A566A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{6F7E9181-0EA0-4C9E-91F0-3B861B47FF46}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{7CEB15C1-46CB-40F5-9589-8EAA908C7EBB}" = dir=in | app=c:\users\berat\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{87A1674F-6304-45B8-B2C5-3D3D361B7C76}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{954D7977-756E-4EE7-AA29-08236FEB5D06}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{95E0A4E1-1AA4-42A0-8EB8-7EE8479EFF45}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{972032A0-5619-44EF-BAA6-E6DF737D7628}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{98A5A84A-1F6C-4CA4-96A3-E84A610730E6}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{9A10A49D-3E8A-479E-AE30-DC861BA01065}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A143B558-67A7-4940-8ADA-74F1597F8FA4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{A4D87FE2-45D3-4D71-9298-126B3F62D5EC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{A8B0B3BF-C1F6-42AB-B686-C72AF7E74F5E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{B0F5A85E-4FAE-4C44-BFA9-65B84C938E24}" = protocol=17 | dir=in | app=c:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe |
"{B2431A8D-F9FA-4C5C-B663-0D8969764B9B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C11EAD8A-EECC-47DF-BA59-BE52B90C8588}" = protocol=6 | dir=in | app=e:\hiw\stinstall.exe |
"{C7E57A3B-5486-477D-8BF5-F2D59FFB673B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C811C791-ABB7-4208-BFE8-EF1986EDD343}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CE74CF4D-66D5-4345-816A-A81D96E09A2B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{D2FC39EB-5A25-4511-9C0B-A644CA30B050}" = protocol=17 | dir=in | app=e:\hiw\stinstall.exe |
"{E6819C98-8AB9-457F-9461-38E54929056E}" = protocol=6 | dir=in | app=c:\users\berat\downloads\sweetimsetup.exe |
"{ED3D21E9-3CCD-4EFA-981C-13B82072C1F3}" = protocol=6 | dir=in | app=c:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe |
"{FB54E73F-C4E9-4E81-A3FA-0BD71011DD3E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{FE6A5130-BEAF-432D-992D-4D92AEFEB22A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{17D4B02F-1445-4780-9DB6-B71E93CD811C}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{30143B5E-7517-4712-9571-034E542572CF}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{84A8D46E-DD3B-4387-8B9D-A686CDAB5E60}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{A2228783-39CC-40DB-859D-C4B99F869E3E}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{F933CEA4-B78B-43A4-91EB-3549F66CF7C9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{424C64A5-206E-40E7-B012-970213BAFCE1}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7DEA36BB-4FEC-4DBD-92A4-73CFCF5ED2A0}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{A84C00BE-ED2E-4D4A-BBA7-3F62A46710BE}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{DF2C465D-13AC-46D4-80E3-DF8297DFEDD5}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{FA2615A3-76D9-4CF1-8895-5DA6FFBC6D4E}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{025F9C8B-27B3-76B0-08E8-4EB918DE287B}" = Catalyst Control Center Localization Dutch
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0813BDD1-7E8E-4F18-A13C-037CDD7F9A48}" = Catalyst Control Center Localization Chinese Traditional
"{0B3ED35F-3BDC-72FE-3477-A7CA54325F06}" = CCC Help Chinese Traditional
"{0B950F52-0FD9-C679-6FD0-C4D4F43ACA3E}" = Catalyst Control Center Localization Greek
"{0E4DC8EF-9438-AEEF-A042-851C2EA86FEA}" = Catalyst Control Center Localization Finnish
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1A915E9E-75A0-5FD6-53C3-D2E5EDA27B52}" = Catalyst Control Center Localization Polish
"{1BDCA62C-699A-A3C2-57C6-D496414BA297}" = Catalyst Control Center Graphics Full New
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1CE34A07-F95C-C749-B8FB-10BEFBB5D917}" = Catalyst Control Center Localization Swedish
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22AD2DF3-00C4-68EB-8D2A-C5AC60BDA907}" = CCC Help Greek
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect
"{24339461-1E3B-290E-613E-B0B234B64ABE}" = Catalyst Control Center Localization Japanese
"{250F0996-1830-40C8-9B1D-6874D808DD95}" = ChkMail
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 29
"{27DB888F-A703-E898-6261-D84260EF93DA}" = Catalyst Control Center Core Implementation
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{337C0055-BE59-63E5-72AE-DAED46ED980B}" = CCC Help Korean
"{342D2010-703F-2098-441E-F96F532EBD09}" = CCC Help Chinese Standard
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3A9A74B7-DAE0-EB01-E51A-D2A6720CF135}" = CCC Help Japanese
"{3E7CE151-F6EC-8550-9B73-427F6A89AC42}" = CCC Help Polish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45936E5D-5CEB-A100-8694-B62523FD99C6}" = Catalyst Control Center Localization German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BE52CD7-9B51-F4D8-ED51-8E89324F3EBD}" = Catalyst Control Center Localization Norwegian
"{4EE9DA0A-4CED-1FB9-3231-24C85855A387}" = Catalyst Control Center Localization Spanish
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{50DD51CF-31D8-7831-D4E8-E13E0A736D93}" = Catalyst Control Center Localization Russian
"{52159193-1EA1-B129-7C03-7120CB0C502E}" = CCC Help Portuguese
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52E43F33-7D7C-3209-0539-1B2A43010E0D}" = Catalyst Control Center Localization Turkish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{58752780-E21C-A458-2397-BD8D5E3CB0C1}" = Catalyst Control Center Localization Portuguese
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6602C18D-52EC-BB1F-C3B9-EFF2F1463A58}" = Catalyst Control Center Localization Thai
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = devolo Vianect AIR Manager
"{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}" = ccc-Branding
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77AD4A77-F70F-84BC-B52B-91DAB868EF27}" = CCC Help Czech
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.1.0
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{84C176F9-1DAE-803C-5993-CF8703AE5841}" = Adobe Download Assistant
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{872717DD-EE82-F142-4DF7-0308772A8DE4}" = ccc-utility
"{88D44595-9B8E-38FF-7CD9-F5A1423BA2D6}" = Catalyst Control Center Graphics Light
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8D3D4041-DA1D-F814-B37E-ABF774556DAA}" = Catalyst Control Center Localization Italian
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{900F0963-B211-5692-EEEC-4DFF6F7321F6}" = CCC Help Swedish
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91AA9814-7B89-DA53-5FCA-EBDCDAC4F611}" = CCC Help Italian
"{92C98289-5C00-4A4E-03ED-6E59F7D73435}" = Catalyst Control Center Localization Chinese Standard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97C9E93A-7DEA-37C2-50F0-E6172D91DEE6}" = CCC Help German
"{97F73E68-213C-6F88-A590-9C600186E36C}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BF9D522-7FA6-D442-9769-558E3B4503F0}" = Skins
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB870B63-94EF-0B0A-340E-62CAF5D48B17}" = CCC Help French
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B6512E97-FFA8-6A76-4B07-036784E56A7B}" = Catalyst Control Center Localization Czech
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B8F1FA25-D1F3-5DEB-5AE2-18E72A2955CA}" = Catalyst Control Center Localization Danish
"{B935DAF9-605C-A1F8-7A4E-BE87E82B7237}" = CCC Help Norwegian
"{C0BAF48F-940E-7AC7-63B3-BDFAF8A6CCA5}" = CCC Help Thai
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C1B22596-9F6C-6795-F374-D6843ABA8A9A}" = Catalyst Control Center Localization Korean
"{C1D783C5-D3ED-D03E-59CE-1FCC0C059B0F}" = ATI Catalyst Install Manager
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C376495E-6F9D-2A3A-329E-960682A22B3B}" = Catalyst Control Center Localization Hungarian
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6FB5BC4-823A-FE8B-01CB-3A7F51B4C9C2}" = ccc-core-static
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D02505DA-696D-4114-84F7-72A468A074B9}" = devolo Vianect AIR TV
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D8438AE5-4BE7-CEC7-D0AA-189B34C4628F}" = CCC Help Dutch
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF4EB70F-6EBF-AD9E-AF89-D1398A284C86}" = Catalyst Control Center Graphics Previews Common
"{E037311F-0715-DB85-4394-6B09A66605C0}" = CCC Help Spanish
"{E1D0A2DB-9B8D-E7B1-295B-DDAB0B9A423F}" = Catalyst Control Center Localization French
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAF8F949-849D-9E39-2A86-0DB83A90405B}" = Catalyst Control Center Graphics Full Existing
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EDFE36E7-B60E-BF8E-F2DF-0DD61B1E3CAE}" = CCC Help Hungarian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F656696C-CF30-03E5-03A8-05078E02ACEB}" = CCC Help Danish
"{F6CAF803-A534-705F-A673-A04FCEC5AFC9}" = CCC Help Russian
"{F7F10613-0F49-4001-AC23-B6F5163F838D}" = DisplayLink Core Software
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"{FCABF3BF-D716-980B-F463-32D5734A3DB4}" = CCC Help English
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE0C4C63-56C1-087C-3404-C547405FCEA7}" = Catalyst Control Center Graphics Previews Vista
"{FE44D8AC-80B2-A8BA-291F-59109DE96C11}" = CCC Help Turkish
"2EFF310ED3BF3BFB24E6CC25AEB5491813E56803" = Windows Driver Package - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"AC3Filter" = AC3Filter (remove only)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Athan" = Athan Basic 4.2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"BurnAware Free_is1" = BurnAware Free 2.4.1
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"conduitEngine" = Conduit Engine
"Die Gilde Gold Update v. 2.06 " = Die Gilde Gold Update v. 2.06
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"DivX Setup.divx.com" = DivX-Setup
"DotAlicious Gaming Client" = DotAlicious Gaming Client
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.5.722
"Freecorder Toolbar" = Freecorder Toolbar
"Freecorder4.12" = Freecorder 4
"Freecorder5.05" = Freecorder 5
"Garena" = Garena 2010
"HSPA USB MODEM ALCATEL_is1" = HSPA USB MODEM
"InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = devolo Vianect AIR Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"ManyCam" = ManyCam 2.6.55 (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.6.26)" = Mozilla Firefox (3.6.26)
"NSS" = Norton Security Scan
"PROHYBRIDR" = 2007 Microsoft Office system
"RealPlayer 12.0" = RealPlayer
"SmsDiscount_is1" = SmsDiscount
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Steam App 570" = Dota 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB MP3 Player WIN98 Drivers" = USB MP3 Player WIN98 Drivers
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.18.1.0b
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.11.2010 03:55:21 | Computer Name = Berat-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.11.2010 11:37:18 | Computer Name = Berat-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 17.11.2010 11:37:18 | Computer Name = Berat-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 17.11.2010 11:38:19 | Computer Name = Berat-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.11.2010 18:36:07 | Computer Name = Berat-PC | Source = EventSystem | ID = 4621
Description =
Error - 18.11.2010 05:23:51 | Computer Name = Berat-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 05:23:51 | Computer Name = Berat-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 18.11.2010 05:24:56 | Computer Name = Berat-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.11.2010 08:50:25 | Computer Name = Berat-PC | Source = EventSystem | ID = 4621
Description =
Error - 18.11.2010 09:39:51 | Computer Name = Berat-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ OSession Events ]
Error - 24.05.2010 13:17:44 | Computer Name = Berat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 51
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20.02.2011 19:15:48 | Computer Name = Berat-PC | Source = DCOM | ID = 10010
Description =
Error - 21.02.2011 02:51:38 | Computer Name = Berat-PC | Source = HTTP | ID = 15016
Description =
Error - 21.02.2011 02:52:24 | Computer Name = Berat-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 21.02.2011 18:47:25 | Computer Name = Berat-PC | Source = DCOM | ID = 10010
Description =
Error - 22.02.2011 05:52:49 | Computer Name = Berat-PC | Source = HTTP | ID = 15016
Description =
Error - 22.02.2011 05:53:29 | Computer Name = Berat-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 22.02.2011 18:37:32 | Computer Name = Berat-PC | Source = DCOM | ID = 10010
Description =
Error - 23.02.2011 04:13:28 | Computer Name = Berat-PC | Source = HTTP | ID = 15016
Description =
Error - 23.02.2011 04:14:06 | Computer Name = Berat-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 23.02.2011 07:06:10 | Computer Name = Berat-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 23.02.2011 um 12:01:18 unerwartet heruntergefahren.
< End of report >
|
