| Esmeralda | 16.03.2013 00:11 |
Ich hab unter "Programme" noch mal nachgeschaut, dort einen ganzen Ordner von AVAST gefunden und gelöscht. Seitdem meckert ESET nicht mehr. Sorry, dass ich da nicht früher drauf gekommen bin...
Werde aber den Scan sicherheitshalber erst mal noch zurückhalten und auf dein Urteil anhand von OTL warten.
Hab aber trotzdem noch mal eine Kontrolle mit OTL durchgeführt: Code:
OTL logfile created on: 3/15/2013 10:47:35 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aquaria.MariasRechner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7.91 Gb Total Physical Memory | 5.78 Gb Available Physical Memory | 73.14% Memory free
15.81 Gb Paging File | 13.59 Gb Available in Paging File | 85.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 305.67 Gb Total Space | 175.33 Gb Free Space | 57.36% Space Free | Partition Type: NTFS
Drive D: | 367.97 Gb Total Space | 355.62 Gb Free Space | 96.64% Space Free | Partition Type: NTFS
Drive F: | 14.83 Gb Total Space | 13.65 Gb Free Space | 92.05% Space Free | Partition Type: FAT32
Drive G: | 3.80 Gb Total Space | 1.81 Gb Free Space | 47.58% Space Free | Partition Type: FAT32
Computer Name: MARIASRECHNER | User Name: BERGKRISTALL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Aquaria.MariasRechner\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Users\Aquaria.MariasRechner\Local Settings\Apps\F.lux\flux.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd ()
MOD - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\koan\_ctypes.pyd ()
MOD - C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Users\Aquaria.MariasRechner\Local Settings\Apps\F.lux\flux.exe ()
========== Services (SafeList) ==========
SRV:64bit: - (secinitd) -- C:\Windows\SysNative\d3dxof64.exe ()
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (CLHNServiceForPowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Splashtop MDES) -- C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - ({73526619-C24F-470B-9BED-53D455FBB5C6}) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ntk_PowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys (Cyberlink Corp.)
DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://asus.msn.com [binary data]
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://asus.msn.com [binary data]
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=ie9hp
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\..\SearchScopes\{2EE28B92-C46E-4AB5-BB66-8A7527220737}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9SRC
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1006\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://ie.msn.de/willkommen/
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=ie9hp
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1006\..\SearchScopes,DefaultScope = {CAE61CDE-0F8E-46D8-845D-C94CC4D858DA}
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1006\..\SearchScopes\{CAE61CDE-0F8E-46D8-845D-C94CC4D858DA}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9SRC
IE - HKU\S-1-5-21-542383332-4153358020-2719540128-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012/01/20 00:59:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/29 18:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/23 14:11:51 | 000,000,000 | ---D | M]
[2013/03/15 21:08:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BERGKRISTALL\AppData\Roaming\mozilla\Extensions
[2012/02/03 21:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/08/11 18:31:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013/03/03 22:06:32 | 000,001,400 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/03/03 22:06:32 | 000,001,679 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/03 22:06:32 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013/03/03 22:06:32 | 000,006,818 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/02/26 00:16:42 | 000,001,279 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/03/03 22:06:32 | 000,000,903 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2013/03/13 17:24:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - No CLSID value found.
O2:64bit: - BHO: (no name) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - No CLSID value found.
O2 - BHO: (no name) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - No CLSID value found.
O2 - BHO: (no name) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (no name) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Philips Device Listener] C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-542383332-4153358020-2719540128-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler File not found
O4 - HKU\S-1-5-21-542383332-4153358020-2719540128-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-542383332-4153358020-2719540128-1005..\Run: [F.lux] C:\Users\Aquaria.MariasRechner\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKU\S-1-5-21-542383332-4153358020-2719540128-1005..\Run: [sbitunesagent] C:\Program Files (x86)\Philips\Philips Songbird\songbirditunesagent.exe ()
O4 - HKU\S-1-5-21-542383332-4153358020-2719540128-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Aquaria.MariasRechner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Maria Wohlfarth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-542383332-4153358020-2719540128-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{472526DB-FACF-4C72-8CC4-6BF1B4BA372E}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAB72536-28FF-4C93-886C-41FD60ED208B}: DhcpNameServer = 13.5.0.10
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp - No CLSID value found
O18:64bit: - Protocol\Handler\tmpx - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmbp - No CLSID value found
O18 - Protocol\Handler\tmpx - No CLSID value found
O18 - Protocol\Handler\tmtbim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/15 22:08:05 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Malwarebytes
[2013/03/15 21:12:33 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\ASUS WebStorage
[2013/03/15 21:10:02 | 002,347,384 | ---- | C] (ESET) -- C:\Users\BERGKRISTALL\Desktop\esetsmartinstaller_enu.exe
[2013/03/15 21:08:09 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Mozilla
[2013/03/15 21:08:09 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\Mozilla
[2013/03/15 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Avira
[2013/03/15 20:57:14 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\MediaServer
[2013/03/15 20:57:13 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013/03/15 20:57:13 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\BMExplorer
[2013/03/15 20:57:13 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\Documents\Bluetooth Folder
[2013/03/15 20:57:11 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\CyberLink
[2013/03/15 20:57:10 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\CyberLink
[2013/03/15 20:57:09 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Apple Computer
[2013/03/15 20:55:20 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/15 20:55:20 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Searches
[2013/03/15 20:55:20 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/15 20:55:11 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Identities
[2013/03/15 20:55:09 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Contacts
[2013/03/15 20:55:06 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\VirtualStore
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Vorlagen
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\AppData\Local\Verlauf
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\AppData\Local\Temporary Internet Files
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Startmenü
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\SendTo
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Recent
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Netzwerkumgebung
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Lokale Einstellungen
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Documents\Eigene Videos
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Documents\Eigene Musik
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Eigene Dateien
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Documents\Eigene Bilder
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Druckumgebung
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Cookies
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\AppData\Local\Anwendungsdaten
[2013/03/15 20:54:31 | 000,000,000 | -HSD | C] -- C:\Users\BERGKRISTALL\Anwendungsdaten
[2013/03/15 20:54:30 | 000,000,000 | --SD | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Videos
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Saved Games
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Pictures
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Music
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Links
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Favorites
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Downloads
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Documents
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\Desktop
[2013/03/15 20:54:30 | 000,000,000 | R--D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/15 20:54:30 | 000,000,000 | -H-D | C] -- C:\Users\BERGKRISTALL\AppData
[2013/03/15 20:54:30 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\temp
[2013/03/15 20:54:30 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\Microsoft
[2013/03/15 20:54:30 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Media Center Programs
[2013/03/15 20:54:30 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2013/03/15 20:54:30 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2013/03/15 20:54:30 | 000,000,000 | ---D | C] -- C:\Users\BERGKRISTALL\AppData\Local\ASUS
[2013/03/14 17:16:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/13 23:20:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/13 22:38:28 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/13 22:38:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/13 22:38:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/13 22:38:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/13 22:38:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/13 22:38:26 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/13 22:38:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/13 22:38:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/13 22:38:25 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/13 22:38:24 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/13 22:38:24 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/13 22:38:23 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/13 22:38:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/13 22:38:21 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/13 22:38:20 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/13 22:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 22:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/13 22:35:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/13 22:13:59 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/03/13 22:13:30 | 000,000,000 | ---D | C] -- C:\JRT
[2013/03/13 17:41:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/13 17:12:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/03/13 17:12:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/03/13 17:12:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/03/13 17:12:08 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/03/13 17:12:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/13 17:11:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/03/05 22:57:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/03/05 04:43:37 | 002,770,944 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2013/03/05 00:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/03/03 22:06:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IO
[2013/02/27 03:00:54 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/02/27 03:00:54 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/02/27 03:00:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/02/27 03:00:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/02/27 03:00:50 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/02/27 03:00:50 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/02/27 03:00:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 03:00:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 03:00:44 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/02/27 03:00:44 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 03:00:44 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 03:00:44 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 03:00:44 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 03:00:44 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 03:00:44 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 03:00:43 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/02/27 03:00:43 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/02/27 03:00:43 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/02/27 03:00:43 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/02/27 03:00:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 03:00:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 03:00:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 03:00:43 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 03:00:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 03:00:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 03:00:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 03:00:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 03:00:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 03:00:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 03:00:42 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/02/27 03:00:42 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/02/27 03:00:42 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/02/27 03:00:42 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/02/27 03:00:42 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/02/27 03:00:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/02/27 03:00:41 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/02/27 03:00:41 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/02/27 03:00:41 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/02/27 03:00:41 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/02/27 03:00:40 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/02/27 03:00:40 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/02/26 22:15:50 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.7
[2013/02/26 22:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013/02/26 22:05:53 | 000,000,000 | ---D | C] -- C:\MediaServer
[2013/02/26 22:05:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2013/02/26 22:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2013/02/26 22:05:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
[2013/02/26 21:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2013/02/26 02:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
[2013/02/26 02:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013/02/26 00:16:42 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\Windows\SysWow64\dhRichClient3.dll
========== Files - Modified Within 30 Days ==========
[2013/03/15 22:44:51 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013/03/15 22:42:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 22:42:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/15 22:34:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/15 22:34:23 | 2072,027,135 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/15 21:10:03 | 002,347,384 | ---- | M] (ESET) -- C:\Users\BERGKRISTALL\Desktop\esetsmartinstaller_enu.exe
[2013/03/15 21:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/15 20:54:41 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013/03/15 14:03:27 | 008,133,930 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/15 14:03:27 | 000,706,520 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/03/15 14:03:27 | 000,705,544 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013/03/15 14:03:27 | 000,703,282 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013/03/15 14:03:27 | 000,701,198 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/03/15 14:03:27 | 000,691,432 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2013/03/15 14:03:27 | 000,688,048 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2013/03/15 14:03:27 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/03/15 14:03:27 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/15 14:03:27 | 000,563,860 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2013/03/15 14:03:27 | 000,397,410 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013/03/15 14:03:27 | 000,365,612 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2013/03/15 14:03:27 | 000,141,234 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013/03/15 14:03:27 | 000,137,924 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2013/03/15 14:03:27 | 000,137,112 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013/03/15 14:03:27 | 000,136,688 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2013/03/15 14:03:27 | 000,134,312 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/03/15 14:03:27 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/03/15 14:03:27 | 000,131,316 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/03/15 14:03:27 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013/03/15 14:03:27 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/15 14:03:27 | 000,093,608 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2013/03/15 14:03:27 | 000,073,266 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2013/03/14 00:07:31 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/14 00:07:31 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/13 17:24:23 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/03/08 17:07:58 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/05 17:26:31 | 000,002,114 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013/03/05 13:54:41 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/26 22:15:50 | 000,002,125 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink MediaEspresso 6.7.lnk
[2013/02/26 22:05:32 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2013/02/26 20:51:43 | 000,002,490 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013/02/26 00:16:42 | 000,119,808 | ---- | M] () -- C:\Windows\SysNative\GFilterSvc.exe
[2013/02/26 00:16:41 | 000,118,272 | ---- | M] () -- C:\Windows\SysNative\d3dxof64.exe
[2013/02/14 11:55:47 | 000,385,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013/03/15 20:55:34 | 000,001,407 | ---- | C] () -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/03/15 20:55:27 | 000,001,441 | ---- | C] () -- C:\Users\BERGKRISTALL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/13 17:12:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/03/13 17:12:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/03/13 17:12:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/03/13 17:12:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/03/13 17:12:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/03/05 13:54:41 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/26 22:15:50 | 000,002,125 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink MediaEspresso 6.7.lnk
[2013/02/26 22:05:32 | 000,002,190 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2013/02/26 00:16:42 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2013/02/26 00:16:42 | 000,119,808 | ---- | C] () -- C:\Windows\SysNative\GFilterSvc.exe
[2013/02/26 00:16:41 | 000,118,272 | ---- | C] () -- C:\Windows\SysNative\d3dxof64.exe
[2011/12/03 04:44:11 | 008,232,426 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/29 02:51:27 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/08/31 19:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/08/31 19:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/08/31 19:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/08/19 03:33:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/08/19 03:32:39 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/08/19 03:32:34 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/10 23:55:50 | 000,368,400 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/12/04 20:56:12 | 000,000,000 | ---D | M] -- C:\Users\Aquaria\AppData\Roaming\ASUS WebStorage
[2012/03/21 00:50:54 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals
[2012/03/22 03:27:06 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Abra Academy
[2012/01/13 20:24:05 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Amazon
[2012/01/13 00:41:13 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Artweaver Free
[2011/12/10 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\ASUS WebStorage
[2012/03/20 16:07:04 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Az-Art
[2012/12/03 14:11:11 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Boolat Games
[2013/01/18 12:59:27 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Boomzap
[2012/01/14 04:14:55 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\DAZ 3D
[2012/12/08 19:18:42 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Edraw Mind Map
[2012/03/12 21:05:02 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Elephant Games
[2012/08/03 14:50:29 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\ERS Game Studios
[2012/03/20 11:42:12 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Gogii
[2012/04/12 01:35:47 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\gtk-2.0
[2013/03/09 12:14:25 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\inkscape
[2012/03/21 00:51:49 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\MA2
[2012/03/26 20:01:41 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Meridian93
[2011/12/21 19:34:09 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\OpenOffice.org
[2013/01/04 22:33:09 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Orneon
[2012/09/29 17:22:28 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Philips
[2013/03/15 14:04:56 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Philips-Songbird
[2012/02/12 12:03:17 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Radialpoint
[2012/12/29 09:29:23 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Rainbow
[2013/03/15 19:57:27 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\SoftGrid Client
[2011/12/14 16:39:48 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\streamripper
[2012/01/20 01:00:55 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Swiss Academic Software
[2012/09/20 16:40:35 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\Windows Live Writer
[2012/12/27 19:11:03 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\XnView
[2012/02/12 12:03:08 | 000,000,000 | ---D | M] -- C:\Users\Aquaria.MariasRechner\AppData\Roaming\{{userdatapath.company}}
[2013/03/15 21:12:33 | 000,000,000 | ---D | M] -- C:\Users\BERGKRISTALL\AppData\Roaming\ASUS WebStorage
[2013/01/02 00:27:42 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals
[2012/03/22 03:24:19 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Abra Academy
[2011/12/04 04:08:44 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Amazon
[2011/12/03 00:28:11 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\ASUS WebStorage
[2012/03/19 22:07:29 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Az-Art
[2013/01/17 19:54:28 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Boomzap
[2012/02/02 00:15:33 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\DAZ 3D
[2012/03/25 21:53:58 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Dekovir
[2011/12/03 01:56:55 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Downloaded Installations
[2012/12/08 18:37:14 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Edraw Mind Map
[2012/03/13 18:00:59 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Elephant Games
[2012/02/09 02:25:45 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\ERS Game Studios
[2012/03/19 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Gogii
[2012/02/02 01:09:54 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\IcoFX
[2013/03/08 17:08:22 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\inkscape
[2012/03/25 22:37:58 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Meridian93
[2011/12/03 01:55:06 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Nitro PDF
[2011/12/03 00:34:07 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Nuance
[2011/12/03 04:40:21 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\OpenOffice.org
[2013/02/26 00:16:42 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Opera
[2013/01/02 00:41:19 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Orneon
[2013/03/05 00:06:32 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\QuickScan
[2012/02/11 21:31:30 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Radialpoint
[2012/12/28 16:52:44 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Rainbow
[2013/03/13 22:34:16 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\SoftGrid Client
[2011/12/08 04:03:37 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\streamripper
[2011/12/03 04:44:50 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\TP
[2013/02/26 02:29:38 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Wise Disk Cleaner
[2013/03/03 22:23:09 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Wise Registry Cleaner
[2011/12/03 00:34:04 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\Zeon
[2012/02/11 21:58:52 | 000,000,000 | ---D | M] -- C:\Users\Maria Wohlfarth\AppData\Roaming\{{userdatapath.company}}
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 3/15/2013 10:47:35 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aquaria.MariasRechner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7.91 Gb Total Physical Memory | 5.78 Gb Available Physical Memory | 73.14% Memory free
15.81 Gb Paging File | 13.59 Gb Available in Paging File | 85.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 305.67 Gb Total Space | 175.33 Gb Free Space | 57.36% Space Free | Partition Type: NTFS
Drive D: | 367.97 Gb Total Space | 355.62 Gb Free Space | 96.64% Space Free | Partition Type: NTFS
Drive F: | 14.83 Gb Total Space | 13.65 Gb Free Space | 92.05% Space Free | Partition Type: FAT32
Drive G: | 3.80 Gb Total Space | 1.81 Gb Free Space | 47.58% Space Free | Partition Type: FAT32
Computer Name: MARIASRECHNER | User Name: BERGKRISTALL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-542383332-4153358020-2719540128-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-542383332-4153358020-2719540128-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03374369-29B8-498E-8EEA-9A491A218B5F}" = lport=137 | protocol=17 | dir=in | app=system |
"{0E39FEF6-1FCD-45E4-AD61-C3CC303DC0B4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13FD5E8E-CC0A-4CAE-A8EC-ABAD54609A84}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1CEC1512-BEE9-40E2-9C74-F46C7366E94A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B6B8543-2F6E-43B2-96BF-A74079DFB358}" = rport=139 | protocol=6 | dir=out | app=system |
"{4CC190BB-2D4C-4E58-B2D7-6494589A2A7F}" = lport=139 | protocol=6 | dir=in | app=system |
"{4EA5703C-7329-4F56-A671-C88ECD41DDB0}" = lport=138 | protocol=17 | dir=in | app=system |
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{6120440A-6801-4740-9A03-7FE7AA72AC17}" = rport=138 | protocol=17 | dir=out | app=system |
"{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7EDA2D0F-9565-4E31-8CD1-97A5231B9189}" = lport=445 | protocol=6 | dir=in | app=system |
"{85D4A1DB-156E-45C8-8968-15C7EA44A151}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{89113D06-E3D5-49A7-9856-9E2775632F95}" = rport=445 | protocol=6 | dir=out | app=system |
"{8D688385-9104-4FF3-BE3D-28B7D2D59362}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8EFCA642-564A-4023-998E-B59AEFB67090}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9357CE08-0AA1-4819-A0F7-263FC257043A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9735A264-B861-4C85-9022-E60099F68C8B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{ACA48445-98A7-4395-AF16-B4668DE88C3B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AE366A47-2CC4-4C8E-9C68-A3EE46A50F79}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFFBD841-0971-4826-9D75-447EF13A9EDE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B92833AB-1682-40F4-9B55-D80B3476C46F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE28CBB8-D4D4-4582-948E-AF0F7AD42F9A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D662F18D-0DE0-4197-88AC-A6D9B588AAFE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E7294DB9-E707-434E-A807-DD0BF7F74F64}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F3E173A1-B600-417E-92A5-9DFAEECF97C8}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0583604E-9C23-4FAC-A86B-4D821F0355CB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0BE4E83C-CE6C-4C45-A80C-0034D3E43FD8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{0C32B695-2393-4C43-9CE5-25BB31020208}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{107C4BF2-7492-4492-ABFA-D80819990EB6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{1549554E-270D-4FCD-84B5-51EF5C88A9F3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{16AC0CDA-309F-47EC-BADA-708B2635A390}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{170D01B4-8E6E-49FB-BF3D-3A9DD9CB304A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{3162169B-81B6-4AED-AEB3-7A6711AEB3D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B0D3C74-3124-42D9-8B60-B215385FE169}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{41778980-3D38-49C1-8518-AA77CCC54FD9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4831BE12-7EA9-4CEF-93F5-6E373189DF54}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{513E8BF9-7A3F-4ACB-AC6C-68AC8DFD3D68}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{561376D4-CDAE-4217-9CCA-E625F16996EF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6D79AC48-775E-47E8-8E8D-BC15612A1055}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{77E2118B-E954-4B7C-A3EE-D1F9A25AC586}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{7A692C6F-175C-4590-A7FF-62988D1A5AE6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7CB3309E-ACB0-446D-BED6-64FE4DEBAFF1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{801886BB-5AFB-4669-AFBA-D53DF5E5BC09}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{815523A5-A2F6-485B-9063-765C5DFDA0C6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{870CDFE1-DAD7-47DC-8A63-75C6CEA7BF3E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8CAB0023-E43A-4ACA-B871-3A39CF4C33E6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8D9AF99E-48D8-4131-B2E7-977DB77A846E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8E30A05E-C912-40A2-90CF-9EE024DDC6C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{9203B834-0E81-4C4A-A00D-203B32276868}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{94F0BC9D-1EBC-4719-B008-EF0352791717}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{9EA5D877-E091-461B-9514-F65A484DFA15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A4C3D668-82B4-42D2-99B9-7D1F51B857FE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AB04A308-4E99-4DAF-9239-64F6808BFD5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE3A674C-E0E4-43A7-A948-C3C1DC391A18}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{C0891C94-94AD-4C93-81F4-097206DA3920}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8FB76A2-B5F1-4F2C-90EF-9DF1667B6FBB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D0F7D040-06DD-4CCF-BAEE-2EBBE4DCB4B1}" = protocol=6 | dir=out | app=system |
"{E9F71ECB-FE66-4DC2-8B09-CA8B49662E65}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{08CC73E9-CE90-4215-BF4E-1F5524ED5D8C}C:\program files (x86)\philips\philips songbird\philips-songbird.exe" = protocol=6 | dir=in | app=c:\program files (x86)\philips\philips songbird\philips-songbird.exe |
"TCP Query User{42E271BA-A919-4DD0-96BF-4D6538BAD34E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{DE5DDBAB-A960-476D-8D76-F7BCB871064C}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{2200AA82-EBDA-4E43-845B-0167CE4ABDB2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{2A34FE88-97E0-4AAE-889B-5A14CE1F6055}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{51AC1EBA-DFE8-4340-AB78-77109FBE13A7}C:\program files (x86)\philips\philips songbird\philips-songbird.exe" = protocol=17 | dir=in | app=c:\program files (x86)\philips\philips songbird\philips-songbird.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety
"{287134AD-092F-4BD0-A6F4-911B0B351E87}" = Windows Live Family Safety
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{464F7B5E-80BB-4F34-A602-384F0702674A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5ECA80C9-7D7A-49AC-B487-52F1CF47ECEE}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{74AC7ECE-87E1-41F7-ABA2-5ED9B13CECFA}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8832CAA2-4934-4916-A8BF-A9A51C6B58B3}" = Windows Live Family Safety
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{944E73EF-857E-4F71-9DC4-CD059D7ADDEF}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.74
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C61D639C-3A1B-4654-901F-08927C804321}" = Windows Live Family Safety
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"AsMakeLink" = AsMakeLink
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.6.12
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now!
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96A9A1C8-FBAD-4703-ABF1-E93AA8FE85A0}_is1" = Artweaver Free 3.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.7
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"AsusScr_N5_En" = AsusScr_N5_En
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira Antivirus Premium
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BFG-A Gypsy's Tale - Der Turm des Schicksals" = A Gypsy's Tale: Der Turm des Schicksals
"BFG-Abra Academy" = Abra Academy
"BFG-Allora und das zerbrochene Portal" = Allora und das zerbrochene Portal
"BFG-Awakening - Das Koenigreich der Kobolde Sammleredition" = Awakening: Das Königreich der Kobolde Sammleredition
"BFG-Awakening 2 - Der Mondenwald" = Awakening 2: Der Mondenwald
"BFGC" = Big Fish Games: Game Manager
"BFG-Das gelobte Land" = Das gelobte Land
"BFG-Das Vermaechtnis - Der Baum des Lebens" = Das Vermächtnis: Der Baum des Lebens
"BFG-Die Chroniken von Emerland Solitaer" = Die Chroniken von Emerland Solitär
"BFG-Echoes of the Past - Die Rache der Hexe Sammleredition" = Echoes of the Past: Die Rache der Hexe Sammleredition
"BFG-Echoes of the Past - Royal House of Stone" = Echoes of the Past: Royal House of Stone
"BFG-Gehirntraining" = Gehirntraining
"BFG-Grim Tales - Das Vermaechtnis Sammleredition" = Grim Tales: Das Vermächtnis Sammleredition
"BFG-Hidden Magic" = Hidden Magic
"BFG-Liong - The Lost Amulets" = Liong: The Lost Amulets
"BFG-Magic Farm" = Magic Farm
"BFG-Monarch - The Butterfly King" = Monarch - The Butterfly King
"BFG-Mushroom Age" = Mushroom Age
"BFG-Mystery Age - Die Dunklen Priester" = Mystery Age: Die Dunklen Priester
"BFG-Otherworld - Fruehling der Schatten Sammleredition" = Otherworld: Frühling der Schatten Sammleredition
"BFG-Prinzessin Isabella - Die Rueckkehr des Fluches" = Prinzessin Isabella: Die Rückkehr des Fluches
"BFG-Roads of Rome" = Roads of Rome
"BFG-Spirits of Mystery - Der Gesang des Phoenix" = Spirits of Mystery: Der Gesang des Phönix
"BFG-Spirits of Mystery - Dunkler Fluch Sammleredition" = Spirits of Mystery: Dunkler Fluch Sammleredition
"Bookworm Deluxe" = Bookworm Deluxe
"Cheatbook 07.2009" = Cheatbook 07.2009
"Cooking Dash" = Cooking Dash
"Edraw Mind Map Freeware_is1" = Edraw Mind Map 6.5
"ESET Online Scanner" = ESET Online Scanner v3
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"IcoFX_is1" = IcoFX 1.6.4
"Inkscape" = Inkscape 0.48.2
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now!
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.7
"Luxor 3" = Luxor 3
"MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDFConverter Desktop_is1" = PDFConverter Desktop
"Philips Songbird" = Philips Songbird
"Plants vs Zombies" = Plants vs Zombies
"Streamripper" = Streamripper (Remove only)
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 7.76
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.64
"World of Goo" = World of Goo
"XnView_is1" = XnView 1.99.6
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-542383332-4153358020-2719540128-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Flux" = F.lux
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/15/2013 5:07:21 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:11:18 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:11:18 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(2).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:32:01 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:36:29 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:36:29 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:36:43 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:39:17 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:39:17 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 3/15/2013 5:39:21 PM | Computer Name = MariasRechner | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Aquaria.MariasRechner\Desktop\esetsmartinstaller_enu(4).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
[ System Events ]
Error - 3/15/2013 5:07:51 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:51 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:51 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:51 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:53 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:53 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:53 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:53 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:07:53 PM | Computer Name = MariasRechner | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 3/15/2013 5:36:18 PM | Computer Name = MariasRechner | Source = DCOM | ID = 10010
Description =
< End of report >
|
GMER herunter: (Dateiname zufällig) 
Tauchen Probleme auf? 
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
aswMBR.exe und speichere die Datei auf deinem Desktop.
TDSSKiller.exe und speichere diese Datei auf dem Desktop
AdwCleaner auf deinen Desktop.
Textbox. 
