Danke ryder!
1.ADW-cleaner Code:
# AdwCleaner v2.007 - Datei am 13/11/2012 um 21:21:34 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : herds - HERDS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\herds\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : Browser Manager
***** [Dateien / Ordner] *****
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\herds\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\herds\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gelöscht : C:\Users\herds\AppData\Roaming\pdfforge
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=116198&tt=4612_8&babsrc=HP_ss&mntrId=2a96a560000000000000f07bcb4f779d --> hxxp://www.google.com
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]
-\\ Mozilla Firefox v16.0.2 (de)
Profilname : default
Datei : C:\Users\herds\AppData\Roaming\Mozilla\Firefox\Profiles\o9xeavvl.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [2991 octets] - [13/11/2012 21:21:34]
########## EOF - C:\AdwCleaner[S1].txt - [3051 octets] ##########
2. otl
OTL Logfile: Code:
OTL logfile created on: 13.11.2012 21:30:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\herds\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 66,67% Memory free
7,73 Gb Paging File | 6,15 Gb Available in Paging File | 79,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 360,18 Gb Free Space | 79,39% Space Free | Partition Type: NTFS
Computer Name: HERDS-PC | User Name: herds | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\herds\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\fsav32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe ()
PRC - C:\Program Files (x86)\PURE Flow Server\twonkymediaserverconfig.exe (PacketVideo)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Common\FSHDLL32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPC\fspcfsm.eng ()
MOD - \\?\c:\program files (x86)\unitymedia\sicherheitspaket\hips\fshook32.dll ()
MOD - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSGUI\strres.eng ()
MOD - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSGUI\gres.dll ()
MOD - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSGUI\flyerres.eng ()
MOD - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSGUI\fsavures.eng ()
MOD - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSGUI\about.dll ()
MOD - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSGUI\aboutres.dll ()
MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (FSDFWD) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (FSORSPClient) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (PURE Flow Server) -- C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (FSMA) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (fsbts) -- C:\Windows\SysNative\drivers\fsbts.sys ()
DRV:64bit: - (FSFW) -- C:\Windows\SysNative\drivers\fsdfw.sys (F-Secure Corporation)
DRV:64bit: - (FSES) -- C:\Windows\SysNative\drivers\fses.sys (F-Secure Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (fsbts) -- C:\Windows\SysWOW64\drivers\fsbts.sys ()
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\Win2K\FSrec.sys ()
DRV - (fsvista) -- C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741g&r=27360512f135l04h4z1k5t4552j833
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741g&r=27360512f135l04h4z1k5t4552j833
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741g&r=27360512f135l04h4z1k5t4552j833
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741g&r=27360512f135l04h4z1k5t4552j833
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741g&r=27360512f135l04h4z1k5t4552j833
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE483
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\Unitymedia\Sicherheitspaket\NRS\litmus-ff@f-secure.com [2012.10.08 17:54:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.13 18:30:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.11.12 19:49:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\herds\AppData\Roaming\mozilla\Extensions
[2012.11.12 20:55:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\herds\AppData\Roaming\mozilla\Firefox\Profiles\o9xeavvl.default\extensions
[2012.11.12 20:55:23 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\herds\AppData\Roaming\mozilla\Firefox\Profiles\o9xeavvl.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2012.11.12 20:14:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\herds\AppData\Roaming\mozilla\Firefox\Profiles\o9xeavvl.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.11.12 19:55:52 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\herds\AppData\Roaming\mozilla\firefox\profiles\o9xeavvl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.13 18:30:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Unitymedia\Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000..\Run: [EPSON SX235 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\herds\AppData\Local\Temp\E_SD4A0.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4062206966-1587931545-2390236518-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\fslsp_x64.dll (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\Unitymedia\Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51AFCC4E-6474-4320-9B17-CB56B686B3AB}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C6ED73F-D686-4B04-812E-9405C7BD3CC0}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - Service
SafeBootMin:64bit: MCODS - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: mcmscsvc - Service
SafeBootNet:64bit: MCODS - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MpfService - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.11.13 18:30:23 | 000,000,000 | ---D | C] -- C:\Users\herds\AppData\Local\Mozilla
[2012.11.13 18:30:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.13 18:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.12 22:24:56 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.11.12 19:49:28 | 000,000,000 | ---D | C] -- C:\Users\herds\AppData\Roaming\Mozilla
[2012.11.12 19:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.11.12 19:11:54 | 000,000,000 | ---D | C] -- C:\Users\herds\AppData\Local\Programs
[2012.10.25 19:02:09 | 000,000,000 | ---D | C] -- C:\Users\herds\Documents\Amazon MP3
[2012.10.22 23:00:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.10.15 18:18:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2012.10.15 18:17:36 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudserd.sys
[2012.10.15 18:17:36 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012.10.15 18:17:35 | 000,102,368 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2010.03.02 11:47:50 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
========== Files - Modified Within 30 Days ==========
[2012.11.13 21:29:48 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.13 21:29:48 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.13 21:27:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.13 21:22:49 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.13 21:22:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.13 21:22:22 | 3113,308,160 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.13 21:18:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.13 18:30:17 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.12 22:24:47 | 475,299,151 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.11.11 11:28:37 | 001,520,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.11 11:28:37 | 000,661,294 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.11 11:28:37 | 000,623,136 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.11 11:28:37 | 000,133,250 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.11 11:28:37 | 000,109,632 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
========== Files Created - No Company Name ==========
[2012.11.13 18:30:17 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.13 18:30:17 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.12 22:24:47 | 475,299,151 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.07.08 19:23:45 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2012.07.08 19:00:26 | 000,000,268 | RH-- | C] () -- C:\Users\herds\AppData\Roaming\MIDI Patch Names
[2012.07.08 19:00:26 | 000,000,268 | RH-- | C] () -- C:\Users\herds\AppData\Roaming\MIDI Drivers
[2012.07.08 19:00:26 | 000,000,268 | RH-- | C] () -- C:\Users\herds\AppData\Roaming\MIDI Devices
[2012.07.08 19:00:26 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Master
[2012.07.08 19:00:26 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Mallets
[2012.07.08 19:00:26 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Mail
[2012.07.08 19:00:26 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012.07.08 19:00:26 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012.07.08 19:00:26 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012.06.09 12:40:29 | 000,033,408 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012.06.09 12:39:49 | 001,543,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.08 18:30:49 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.09 20:34:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.07.01 21:53:10 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Amazon
[2012.06.09 12:12:19 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Dropbox
[2012.07.08 19:23:02 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Nikon
[2012.05.10 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\OpenOffice.org
[2012.09.24 22:02:46 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Samsung
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.05.09 18:42:01 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.05.09 18:42:42 | 000,000,000 | ---D | M] -- C:\book
[2012.11.12 20:15:33 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.03.02 11:40:49 | 000,000,000 | ---D | M] -- C:\Intel
[2010.03.02 11:54:55 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.06.07 19:24:08 | 000,000,000 | ---D | M] -- C:\Neuer Ordner
[2012.05.09 19:18:18 | 000,000,000 | -H-D | M] -- C:\OEM
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.05.10 16:01:44 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.13 18:30:17 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.11.13 21:21:36 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.11.13 21:32:42 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.08.15 23:26:59 | 000,000,000 | ---D | M] -- C:\Temp
[2012.05.09 18:39:33 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.13 21:22:48 | 000,000,000 | ---D | M] -- C:\Windows
< %SYSTEMDRIVE%\*.* >
[2012.11.13 21:21:40 | 000,003,116 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2010.03.02 11:32:58 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2008.04.11 09:07:18 | 000,003,820 | ---- | M] () -- C:\eula.1028.txt
[2008.04.11 09:07:18 | 000,015,428 | ---- | M] () -- C:\eula.1031.txt
[2008.04.11 09:07:18 | 000,010,058 | ---- | M] () -- C:\eula.1033.txt
[2008.04.11 09:07:18 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
[2008.04.11 09:07:18 | 000,013,912 | ---- | M] () -- C:\eula.1040.txt
[2008.04.11 09:07:18 | 000,005,868 | ---- | M] () -- C:\eula.1041.txt
[2008.04.11 09:07:18 | 000,005,970 | ---- | M] () -- C:\eula.1042.txt
[2008.04.11 09:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2008.04.11 09:07:18 | 000,003,814 | ---- | M] () -- C:\eula.2052.txt
[2008.04.11 09:07:18 | 000,012,936 | ---- | M] () -- C:\eula.3082.txt
[2008.04.11 09:07:18 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012.11.13 21:22:22 | 3113,308,160 | -HS- | M] () -- C:\hiberfil.sys
[2008.04.11 07:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2008.04.11 09:07:18 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008.04.11 07:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2008.04.11 07:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2008.04.11 07:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2008.04.11 07:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2008.04.11 07:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2008.04.11 07:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2008.04.11 07:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2008.04.11 09:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2008.04.11 07:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2008.04.11 07:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2012.11.13 21:22:28 | 4151,078,912 | -HS- | M] () -- C:\pagefile.sys
[2010.03.02 11:46:55 | 000,003,274 | ---- | M] () -- C:\RHDSetup.log
[2008.04.11 09:07:18 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2008.04.11 09:09:38 | 003,797,292 | ---- | M] () -- C:\VC_RED.cab
[2008.04.11 09:11:40 | 000,233,472 | ---- | M] () -- C:\VC_RED.MSI
< %PROGRAMFILES%\*.exe >
< %PROGRAMFILES(X86)%\*.exe >
< %systemroot%\*. /mp /s >
< %windir%\installer\*. /10 >
< %appdata%\*. >
[2012.05.15 21:05:42 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Adobe
[2012.07.01 21:53:10 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Amazon
[2012.07.15 13:39:43 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Apple Computer
[2012.05.09 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\ATI
[2012.06.09 12:12:19 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Dropbox
[2012.05.09 23:02:26 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Google
[2012.05.09 18:42:05 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Identities
[2012.05.09 18:42:43 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Intel Corporation
[2012.05.09 18:42:32 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Macromedia
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Media Center Programs
[2012.09.26 18:42:35 | 000,000,000 | --SD | M] -- C:\Users\herds\AppData\Roaming\Microsoft
[2012.11.12 19:49:41 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Mozilla
[2012.07.08 19:23:02 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Nikon
[2012.05.10 17:14:18 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\OpenOffice.org
[2012.09.24 22:02:46 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\Samsung
[2012.05.10 16:05:15 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Roaming\WinRAR
< %appdata%\*.* >
[2012.07.08 19:00:26 | 000,000,268 | RH-- | M] () -- C:\Users\herds\AppData\Roaming\MIDI Devices
[2012.07.08 19:00:26 | 000,000,268 | RH-- | M] () -- C:\Users\herds\AppData\Roaming\MIDI Drivers
[2012.07.08 19:00:26 | 000,000,268 | RH-- | M] () -- C:\Users\herds\AppData\Roaming\MIDI Patch Names
< %appdata%\*.exe /s >
[2012.07.08 19:01:44 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\herds\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2012.08.31 01:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.08.28 02:06:22 | 000,291,840 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesAgent.exe
[2012.08.31 01:52:14 | 000,278,968 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.08.31 01:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.08.28 02:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.08.28 02:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.08.28 02:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.08.31 01:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.07.30 13:17:10 | 000,057,344 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\RegisterCOM.exe
[2012.08.28 02:05:14 | 000,106,960 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 02:05:14 | 000,101,328 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 01:52:22 | 000,021,432 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 01:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.07.30 13:16:46 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.07.30 13:16:46 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.08.31 01:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.08.28 02:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.10.11 01:33:52 | 000,966,072 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.10.11 01:33:52 | 000,297,912 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.10.09 01:17:54 | 000,580,096 | ---- | M] (Samsung Electronics) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2012.10.11 01:33:56 | 000,277,432 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.10.11 01:33:54 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.09.27 07:19:08 | 000,171,008 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.09.27 07:21:52 | 000,325,120 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.10.10 06:06:28 | 000,689,152 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.10.11 01:33:56 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.10.11 01:34:04 | 000,063,416 | ---- | M] () -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.10.11 01:22:52 | 000,060,888 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AdminDelegator.exe
[2012.10.11 01:22:52 | 000,088,024 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.10.11 01:22:50 | 000,077,264 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.10.11 01:33:58 | 000,842,680 | ---- | M] (Samsung) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.10.11 01:34:00 | 003,767,312 | ---- | M] (Freeware) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.09.26 12:57:20 | 000,266,240 | ---- | M] (ENJsoft corp.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.09.26 12:57:20 | 000,102,400 | ---- | M] (ENJsoft corp.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.10.11 01:34:02 | 000,596,920 | ---- | M] (ml) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.09.26 12:57:10 | 014,754,760 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 01:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.10.11 01:34:02 | 000,596,920 | ---- | M] (ml) -- C:\Users\herds\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
< %localappdata%\*. >
[2012.05.15 21:06:55 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Adobe
[2012.05.09 18:39:33 | 000,000,000 | -HSD | M] -- C:\Users\herds\AppData\Local\Anwendungsdaten
[2012.07.11 22:32:32 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Apple Computer
[2012.05.09 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\ATI
[2012.07.10 21:39:31 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Diagnostics
[2012.08.15 19:41:16 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Downloaded Installations
[2012.05.09 18:42:33 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\EgisTec
[2012.10.03 15:40:50 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\ElevatedDiagnostics
[2012.10.08 18:18:19 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Google
[2012.06.11 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Macromedia
[2012.07.09 18:07:48 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Microsoft
[2012.05.09 19:05:23 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Microsoft Help
[2012.11.13 18:30:23 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Mozilla
[2012.07.08 19:23:02 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Nikon
[2012.11.12 19:11:54 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Programs
[2012.08.15 23:24:47 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Samsung
[2012.11.13 21:30:31 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\Temp
[2012.05.09 18:39:33 | 000,000,000 | -HSD | M] -- C:\Users\herds\AppData\Local\Temporary Internet Files
[2012.05.09 18:39:33 | 000,000,000 | -HSD | M] -- C:\Users\herds\AppData\Local\Verlauf
[2012.11.12 21:57:19 | 000,000,000 | ---D | M] -- C:\Users\herds\AppData\Local\VirtualStore
< %localappdata%\*.* >
[2012.05.10 16:22:20 | 000,085,160 | ---- | M] () -- C:\Users\herds\AppData\Local\GDIPFONTCACHEV1.DAT
[2012.11.13 21:21:50 | 006,940,827 | -H-- | M] () -- C:\Users\herds\AppData\Local\IconCache.db
< %localappdata%\*.exe /s >
[2012.09.27 22:56:18 | 000,895,464 | ---- | M] (Oracle Corporation) -- C:\Users\herds\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
[2012.09.21 09:14:50 | 000,888,472 | ---- | M] () -- C:\Users\herds\AppData\Local\Temp\MyClaroTB.exe
[2012.11.12 20:15:32 | 000,378,008 | ---- | M] (Babylon Ltd.) -- C:\Users\herds\AppData\Local\Temp\uninst1.exe
[2012.09.04 19:43:08 | 000,079,024 | ---- | M] (Yahoo! Inc.) -- C:\Users\herds\AppData\Local\Temp\ydetect.exe
[183 C:\Users\herds\AppData\Local\Temp\*.tmp files -> C:\Users\herds\AppData\Local\Temp\*.tmp -> ]
[2012.04.14 10:50:27 | 001,207,296 | ---- | M] (Google) -- C:\Users\herds\AppData\Local\Temp\._msigeplugin61\GoogleEarth.exe
[2012.04.14 10:22:15 | 000,071,680 | ---- | M] (Google) -- C:\Users\herds\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\geplugin.exe
[2012.06.27 16:40:33 | 001,816,216 | ---- | M] (Babylon Ltd.) -- C:\Users\herds\AppData\Local\Temp\6F60BC7B-BAB0-7891-A119-0233AFB8E79A\Setup.exe
[2012.10.18 08:20:24 | 001,852,264 | ---- | M] (Claro LTD) -- C:\Users\herds\AppData\Local\Temp\6F60BC7B-BAB0-7891-A119-0233AFB8E79A\Latest\MyBabylonTB.exe
[2012.10.15 19:32:43 | 001,837,720 | ---- | M] (Babylon Ltd.) -- C:\Users\herds\AppData\Local\Temp\6F60BC7B-BAB0-7891-A119-0233AFB8E79A\Latest\Setup.exe
[2009.07.14 02:39:06 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Users\herds\AppData\Local\Temp\F928099F-4327-4A1B-B36E-3EF87AAE1E5F\DismHost.exe
[2009.07.14 02:39:25 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Users\herds\AppData\Local\Temp\gunAC\GU_test.exe
[2012.07.30 13:16:20 | 000,061,440 | ---- | M] ((주)마크애니) -- C:\Users\herds\AppData\Local\Temp\MarkAny\ContentSafer\MaAgent.exe
[2012.07.30 13:16:20 | 000,032,768 | ---- | M] (MarkAny Co, Ltd) -- C:\Users\herds\AppData\Local\Temp\MarkAny\ContentSafer\MaCSMgr.exe
[2012.07.30 13:16:20 | 000,065,536 | ---- | M] () -- C:\Users\herds\AppData\Local\Temp\MarkAny\ContentSafer\MAWebControl.exe
[2012.07.30 13:16:20 | 000,401,056 | ---- | M] (Marktek Inc.) -- C:\Users\herds\AppData\Local\Temp\MarkAny\ContentSafer\MPXBox.exe
[2012.07.30 13:16:18 | 000,020,480 | ---- | M] ( ) -- C:\Users\herds\AppData\Local\Temp\MarkAny\ContentSafer\UpdateClient\MAUpdate.exe
[2012.07.30 13:16:18 | 000,057,344 | ---- | M] ((주)마크애니) -- C:\Users\herds\AppData\Local\Temp\MarkAny\ContentSafer\UpdateClient\MAUpdateBoot.exe
[2012.07.30 13:16:18 | 000,126,976 | ---- | M] ((주)마크애니) -- C:\Users\herds\AppData\Local\Temp\MarkAny\ContentSafer\UpdateClient\MaUpdateClient.exe
[2012.09.06 02:25:29 | 000,270,304 | ---- | M] (Mozilla Foundation) -- C:\Users\herds\AppData\Local\Temp\MozUpdater\updater.exe
[2012.10.23 19:36:32 | 000,270,816 | ---- | M] (Mozilla Foundation) -- C:\Users\herds\AppData\Local\Temp\MozUpdater-1\updater.exe
< %allusersprofile%\*. >
[2012.05.09 22:40:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer
[2012.08.25 10:17:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2012.07.08 18:58:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2012.07.08 18:59:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012.05.09 18:43:19 | 000,000,000 | ---D | M] -- C:\ProgramData\ATI
[2012.06.09 12:22:42 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2010.03.02 12:10:33 | 000,000,000 | ---D | M] -- C:\ProgramData\BackupManager
[2012.11.12 19:30:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Browser Manager
[2012.07.08 19:00:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Bubble Noise
[2012.07.08 19:00:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Carbon
[2012.07.08 19:00:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Clips
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010.03.02 12:13:00 | 000,000,000 | ---D | M] -- C:\ProgramData\EgisTec
[2012.07.08 19:00:26 | 000,000,000 | ---D | M] -- C:\ProgramData\EnterNHelp
[2012.07.06 23:17:02 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON
[2010.03.02 12:10:59 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2012.06.09 12:39:48 | 000,000,000 | ---D | M] -- C:\ProgramData\f-secure
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012.06.09 12:38:35 | 000,000,000 | ---D | M] -- C:\ProgramData\fssg
[2010.03.02 12:03:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2012.05.09 22:33:45 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2012.05.09 18:42:33 | 000,000,000 | ---D | M] -- C:\ProgramData\McQcModifier-5c47-a7b0
[2012.06.04 19:59:51 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2012.10.11 23:16:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2012.05.09 23:16:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2012.07.09 18:36:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Nikon
[2012.05.09 18:58:10 | 000,000,000 | ---D | M] -- C:\ProgramData\OEM
[2012.07.02 22:43:05 | 000,000,000 | ---D | M] -- C:\ProgramData\PURE Flow Server
[2012.08.15 19:50:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2010.03.02 12:06:54 | 000,000,000 | ---D | M] -- C:\ProgramData\SiteAdvisor
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2012.06.25 14:35:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2012.05.09 18:59:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012.07.08 19:00:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Ultima_T15
[2012.05.09 18:39:23 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
< %allusersprofile%\*.* >
[2009.07.18 03:57:22 | 000,036,136 | ---- | M] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2012.07.08 19:00:26 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Mail
[2012.07.08 19:00:26 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Mallets
[2012.07.08 19:00:26 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Master
[2012.07.08 19:00:26 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2012.09.29 00:36:51 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2012.07.08 19:00:26 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
< %allusersprofile%\*.exe /s >
[2009.07.18 03:57:22 | 000,036,136 | ---- | M] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2012.05.18 19:03:13 | 000,509,552 | ---- | M] (Google Inc.) -- C:\ProgramData\Google\Google Toolbar\Update\gtbD56A.tmp.exe
[2012.05.09 18:58:59 | 000,053,319 | ---- | M] ( ) -- C:\ProgramData\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,612 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.05.09 23:23:11 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.05.18 19:05:55 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.05.18 19:05:56 | 000,001,110 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< End of report >
--- --- ---
3. extra
OTL Logfile: Code:
OTL Extras logfile created on: 13.11.2012 21:30:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\herds\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 66,67% Memory free
7,73 Gb Paging File | 6,15 Gb Available in Paging File | 79,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 360,18 Gb Free Space | 79,39% Space Free | Partition Type: NTFS
Computer Name: HERDS-PC | User Name: herds | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4062206966-1587931545-2390236518-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0121B90F-9B9D-4444-A6D9-B6AEAFCECA9D}" = lport=445 | protocol=6 | dir=in | app=system |
"{03206A3F-385B-417F-B3CE-1F32BE0A6ED3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{04E4FD72-B3ED-4FA1-B4CC-ED888D7419F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{05A60216-CD3F-4953-8BB3-60E6977BA507}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0606702D-1EDC-453A-9FF4-DD924E3899E9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3BA1CA8C-1F7A-42AC-9B76-B895EA432D48}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4F7A7A74-6ACA-4723-B4AC-76377564805C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59AE1D04-7C2B-4394-847A-5FA334F62830}" = rport=138 | protocol=17 | dir=out | app=system |
"{7D9F3DAC-6B24-4656-943A-6D3792CB4A6A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7DE1D2E0-4EF6-48FA-8C12-26DFCB0B3C10}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7FE2D77C-34C7-45FE-8515-D04A10E5FDA2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F645DDD-3224-4370-81D7-64AC31307D5F}" = rport=139 | protocol=6 | dir=out | app=system |
"{93F22E9D-DA50-408E-89C2-7D549C8C5FDE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94FEDBE4-56DD-4B64-A804-997CD424C808}" = rport=445 | protocol=6 | dir=out | app=system |
"{98623561-70CD-4A95-AF4D-F778BF53BDAE}" = lport=137 | protocol=17 | dir=in | app=system |
"{992FB6ED-353D-461E-9C61-FC8EB27154CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A155DB92-93D6-49B9-BFF3-7305BFD4AEF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6EDF2FA-EB3E-49EB-BE6C-F58B31F7F877}" = rport=137 | protocol=17 | dir=out | app=system |
"{C1DBBBD6-9A29-4D0E-B9A9-2772A00C1044}" = lport=139 | protocol=6 | dir=in | app=system |
"{CB458B8C-3CB8-4B37-A29A-0126417FFA8E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE6FEBE8-CA20-4105-84C1-A75871D79DB7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D7D9CE07-F983-40AC-9241-31E1751C3EE8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D8656FA0-1964-4993-9B61-B42971A2036D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E50976EF-627A-4E96-93EF-ED2C6296B301}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F482816F-02DB-4107-B9E8-8603D6D2CE3C}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B7B972E-8EB9-4887-95E9-BADEBA0EFDAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1671B814-ED6B-4EFC-9545-E2D3A8FA8E11}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{1C06FC97-C023-404F-9423-3DFC9D2F355A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{204AAC99-1EDA-44CC-9CA0-05FCCB0E20F3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2122A3F6-7419-41B5-BE42-2FECBD7FFCAC}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{24DB170B-7218-4982-AB7D-40B8A92B62F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{26BE05EB-D31B-4CFC-9F44-327DEF2A6D20}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{29051626-5DFF-48C6-9195-84D3EC5AF962}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2F32D786-86D9-4E24-BBBA-81B2CF70DAD8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2F884A6F-F59E-4E65-950B-153D2EF571D8}" = protocol=6 | dir=in | app=c:\program files (x86)\pure flow server\twonkymediaserverwatchdog.exe |
"{3EB9AB66-1CDF-45FF-8D89-BFDF350B2D10}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{48C9BB2E-3F21-4BD2-ABA3-B324F14D02D8}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{504B79EE-5202-48FA-A16C-50404C001533}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{51F08166-C053-4895-ADC3-10D287B6D7CA}" = protocol=17 | dir=in | app=c:\users\herds\appdata\roaming\dropbox\bin\dropbox.exe |
"{53248F43-4A73-4250-B325-AB153F8396EC}" = protocol=6 | dir=out | app=system |
"{55648E98-DF01-4C11-9D68-9A9412A0113B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{57D5F84A-D141-44D1-AEDD-96128AE3086A}" = protocol=17 | dir=in | app=c:\program files (x86)\pure flow server\twonkymediaserver.exe |
"{67032263-59CA-40F7-A726-518AE307684D}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{71AF669F-F013-49A1-BE1A-24AF32D6F5DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{780D808C-83E2-420E-8456-2E5D96FB75C1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7C072721-0D47-492F-B322-74C1B49D0772}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{879E7374-3E2B-424A-BC56-927E1D1803BB}" = protocol=6 | dir=in | app=c:\program files (x86)\pure flow server\twonkymediaserver.exe |
"{8FF34457-7D01-4B29-96D2-1D264833D002}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{92B77B07-B65B-4E40-9714-8ED0BBB9DA88}" = protocol=6 | dir=in | app=c:\users\herds\appdata\roaming\dropbox\bin\dropbox.exe |
"{93BAA9F7-068C-4362-8F7D-350685A04444}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{94FF79B5-8D0A-4E3A-B492-A188CF9536CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A5CC23A8-4B61-4E89-98CC-FE3D1FEA28D9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A7A6FB44-1968-42F8-9DCD-8E59767944FC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{C8D8FE71-9A85-400E-BB25-E59112D227A0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D97CA73E-988E-46B3-B2EB-90CEF212D88C}" = protocol=17 | dir=in | app=c:\program files (x86)\pure flow server\twonkymediaserverwatchdog.exe |
"{DCF58CBD-33E8-437B-A920-70351B9B64F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DF437D2E-46E8-4498-B4B3-0D0767342AC8}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{E11A2395-F094-493F-A061-160D70D4D6C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4C894B0-C6FB-41BC-A4FF-12392C0B626D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E8509B78-751A-4ADB-8FE1-5915D70EC9C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EDB9E1B6-EAC2-4A93-8BAF-0855A1710D58}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{F188D996-119D-46AB-A3C1-1E273B62821D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{942AD46C-FF0A-4292-8180-C10E1EC9F71A}C:\users\herds\appdata\local\temp\rar$exa0.973\volley.exe" = protocol=6 | dir=in | app=c:\users\herds\appdata\local\temp\rar$exa0.973\volley.exe |
"UDP Query User{5C32D1F2-C543-4AB5-9E56-303D43158EF4}C:\users\herds\appdata\local\temp\rar$exa0.973\volley.exe" = protocol=17 | dir=in | app=c:\users\herds\appdata\local\temp\rar$exa0.973\volley.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{B0B97CF2-5032-A645-7FFC-BD1E39FC4E3F}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON SX235 Series" = EPSON SX235 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A414EA-0E5F-CD08-61EF-E155F31DFF76}" = Catalyst Control Center Graphics Previews Vista
"{08938019-97FA-1C7A-19E0-0C8D56ED7CB2}" = CCC Help Hungarian
"{0A4D717B-E6E8-11FA-E7D2-385EBB1A4A85}" = CCC Help Japanese
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13BA5548-1065-4DBE-B115-681AFB77263B}" = CCC Help Swedish
"{16890D7F-1C77-733B-D8E4-F5D4315A5F93}" = Catalyst Control Center Localization All
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CBDB473-E303-EFAE-88D1-6F741ACD5B31}" = CCC Help Czech
"{1D8912B0-343C-EB1F-28EE-B672D444C192}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2C59BF0E-66A5-681E-60FE-8D18CE6319A1}" = CCC Help German
"{2C9D4FCA-3E7F-9368-6955-EA6D65F7DC78}" = CCC Help English
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3788B9B7-C15F-4C64-D52B-3DD1BA494B7A}" = CCC Help Korean
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D200EB9-44FC-432F-1E35-C20AB5FDCD77}" = CCC Help Thai
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44D52071-5077-2839-1AE6-863563AEA269}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{87976D85-DBF6-F263-39B6-500ACB658CE0}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBB29A1-C71D-DD1D-66B1-352AAAB13FC6}" = CCC Help Danish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F4D1D9E-5542-B572-81A7-9DCB0AEED1BE}" = CCC Help French
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3EF3FAD-6ABA-1551-AD3B-D09361C5EEC9}" = CCC Help Polish
"{A73FBC00-44F8-0ECF-76FB-14CF62120B55}" = ccc-core-static
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AACEAAE9-9CC3-5715-4539-EB13CA3C67BA}" = CCC Help Spanish
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.2 MUI
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2463AD3-1334-A30E-A523-D38E8E7B09A2}" = CCC Help Dutch
"{BA2AD7F2-55AE-87B5-00DD-9B0C6F087FD0}" = Catalyst Control Center Graphics Light
"{BC940CD7-FC71-83C5-2001-CF6FD07BA3D1}" = CCC Help Chinese Traditional
"{BF847A60-119D-6888-B2DA-EC62F1B66BBB}" = CCC Help Chinese Standard
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C97396A9-44BC-C856-0B92-93A6A417D6A8}" = Catalyst Control Center Graphics Full New
"{CA10114E-3941-E8ED-70A3-17CAA2226AFC}" = CCC Help Turkish
"{CAB89605-7C12-8082-32DF-B419C696BD12}" = Catalyst Control Center Core Implementation
"{D98C2191-0AE0-4087-9153-018A4810DF45}" = CCC Help Norwegian
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DF7D3C5E-87FC-6AE6-D986-35E0F05FEFD9}" = CCC Help Italian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EBA8538C-F0B1-A089-D555-44DBF3A47C9F}" = CCC Help Finnish
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22E305E-BD02-5CC1-92D0-BD7170CDFE45}" = CCC Help Portuguese
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FD4B3108-0915-31E1-5A7C-AC5B3C33846C}" = CCC Help Greek
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"EPSON Scanner" = EPSON Scan
"F-Secure Product 444" = Unitymedia Sicherheitspaket
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"LManager" = Launch Manager
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"TwonkyMediaPURE Flow Server" = PURE Flow Server
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.10.2012 10:39:07 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.10.2012 10:39:07 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.10.2012 10:39:07 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.10.2012 10:39:08 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.11.2012 11:00:46 | Computer Name = herds-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 01.11.2012 11:01:40 | Computer Name = herds-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 01.11.2012 11:01:54 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.11.2012 11:01:54 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.11.2012 11:01:55 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.11.2012 11:01:55 | Computer Name = herds-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 11.08.2012 17:28:10 | Computer Name = herds-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?08.?2012 um 00:00:21 unerwartet heruntergefahren.
Error - 16.08.2012 17:53:21 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst DsiWMIService erreicht.
Error - 16.08.2012 17:53:51 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst DsiWMIService erreicht.
Error - 16.08.2012 17:54:21 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst DsiWMIService erreicht.
Error - 16.08.2012 17:54:51 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst DsiWMIService erreicht.
Error - 17.08.2012 03:21:01 | Computer Name = herds-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?17.?08.?2012 um 00:42:02 unerwartet heruntergefahren.
Error - 18.08.2012 10:27:42 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Intel(R) Rapid Storage Technology erreicht.
Error - 18.08.2012 10:27:42 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 21.08.2012 12:58:40 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Intel(R) Rapid Storage Technology erreicht.
Error - 21.08.2012 12:58:40 | Computer Name = herds-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
< End of report >
--- --- --- |
