Trojaner-Board - Skype Spam Virus

ich habe dieses Programm soeben auf meinen Laptop herunter geladen und auf den zweiten link geklickt.
leider habe ich die untersten anweisungen zu spät gelesen und stattdessen die angaben des links befolgt. daher habe ich auf "scan" geklickt, nicht auf "quick scan". Ich hoffe, das ist jetzt nicht so schlimm, ich kann es nämlich nicht mehr aufhalten.
ich werde es nach abschluss noch versuchen.
welcher inhalt ist gemeint, den ich in das "benutzerdefinierte ..."-box kopieren soll? ist das das viele im gelben kasten?

ich hoffe, ich habs jetzt nicht verschlimmert,
Akinorev

also es hat funktioniert, glaub ich :)
hier, das hat das programm ausgespuckt:

dieses fenster trägt den namen otl.txt-editorOTL Logfile:

Code:

OTL logfile created on: 16.03.2013 12:52:54 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Das Vroni\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,48 Gb Total Physical Memory | 5,78 Gb Available Physical Memory | 77,34% Memory free

14,96 Gb Paging File | 13,04 Gb Available in Paging File | 87,16% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 271,00 Gb Total Space | 142,91 Gb Free Space | 52,73% Space Free | Partition Type: NTFS

Drive D: | 406,14 Gb Total Space | 405,74 Gb Free Space | 99,90% Space Free | Partition Type: NTFS

Drive E: | 7,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: GWENDOLYN | User Name: Das Vroni | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Das Vroni\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Users\Das Vroni\S-80-5421-8975-4765\winmgr.exe ()

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)

PRC - C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe (SAMSUNG Electronics)

PRC - C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe (Samsung Electronics)

PRC - C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (Samsung Electronics Co., Ltd.)

PRC - C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics Co., Ltd.)

PRC - C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.)

PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)

PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC)

PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe (Symantec Corporation)

PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)

PRC - C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)

PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Users\Das Vroni\S-80-5421-8975-4765\winmgr.exe ()

MOD - C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll ()

MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ()

MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()

MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()

MOD - C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe (Symantec Corporation)

SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)

SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)

SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)

DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)

DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)

DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)

DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)

DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)

DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )

DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys (Symantec Corporation)

DRV:64bit: - (SGDrv) -- C:\Windows\SysNative\drivers\SGDrv64.sys (Phoenix Technologies Ltd.)

DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys (Symantec Corporation)

DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys (Symantec Corporation)

DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys (Symantec Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys (Symantec Corporation)

DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys (Symantec Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120420.032\EX64.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120420.032\ENG64.SYS (Symantec Corporation)

DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120420.001\IDSviA64.sys (Symantec Corporation)

DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120413.001\BHDrvx64.sys (Symantec Corporation)

DRV - (rtport) -- C:\Windows\SysWOW64\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com/

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{9916605F-57F2-424C-93BF-B2AE578FED36}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=9b0e527c-e6b6-4f0a-81bd-4fb3b597fa75&apn_sauid=3006A5FD-AC9C-470C-A3A0-1562A9C711C2

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.ecosia.de"

FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.4.20130221100632

FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.5

FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=9b0e527c-e6b6-4f0a-81bd-4fb3b597fa75&apn_ptnrs=%5EAGS&apn_sauid=3006A5FD-AC9C-470C-A3A0-1562A9C711C2&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012.04.20 17:30:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2013.03.16 11:46:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.14 17:05:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 

[2012.04.14 17:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Das Vroni\AppData\Roaming\mozilla\Extensions

[2013.03.06 21:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Das Vroni\AppData\Roaming\mozilla\Firefox\Profiles\cbpogod4.default\extensions

[2013.02.28 20:52:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Das Vroni\AppData\Roaming\mozilla\Firefox\Profiles\cbpogod4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2012.12.19 16:28:41 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Das Vroni\AppData\Roaming\mozilla\Firefox\Profiles\cbpogod4.default\extensions\toolbar@ask.com

[2012.11.20 14:54:06 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Das Vroni\AppData\Roaming\mozilla\firefox\profiles\cbpogod4.default\extensions\elemhidehelper@adblockplus.org.xpi

[2013.03.06 21:20:37 | 000,386,363 | ---- | M] () (No name found) -- C:\Users\Das Vroni\AppData\Roaming\mozilla\firefox\profiles\cbpogod4.default\extensions\personas@christopher.beard.xpi

[2012.09.09 21:31:20 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Das Vroni\AppData\Roaming\mozilla\firefox\profiles\cbpogod4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2012.12.19 16:28:41 | 000,002,344 | ---- | M] () -- C:\Users\Das Vroni\AppData\Roaming\mozilla\firefox\profiles\cbpogod4.default\searchplugins\askcom.xml

[2012.12.03 21:48:18 | 000,002,289 | ---- | M] () -- C:\Users\Das Vroni\AppData\Roaming\mozilla\firefox\profiles\cbpogod4.default\searchplugins\ecosia.xml

[2012.04.14 17:05:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.04.14 17:05:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions

[2012.04.14 17:05:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2011.11.05 08:10:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.11.05 04:38:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.11.05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011.11.05 04:38:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.11.05 04:38:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.11.05 04:38:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.11.05 04:38:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found

O4 - HKCU..\Run: [Microsoft Windows Manager] C:\Users\Das Vroni\S-80-5421-8975-4765\winmgr.exe ()

O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_Plugin.exe (Adobe Systems Incorporated)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B901EF96-5E7F-4A43-9AF7-C17B951B233F}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D96E33C9-9C49-41B5-9CCB-F54ED90CC9D8}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{7b6c5c67-04ca-11e2-8830-e8039a365954}\Shell - "" = AutoRun

O33 - MountPoints2\{7b6c5c67-04ca-11e2-8830-e8039a365954}\Shell\AutoRun\command - "" = H:\Setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

 

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.03.12 18:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013.03.12 18:53:59 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2013.03.12 18:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2013.03.12 18:49:30 | 000,000,000 | ---D | C] -- C:\Users\Das Vroni\AppData\Local\Programs

[2013.03.11 20:49:25 | 000,000,000 | RHSD | C] -- C:\Users\Das Vroni\S-80-5421-8975-4765

[2013.03.04 17:30:55 | 000,000,000 | ---D | C] -- C:\Users\Das Vroni\Documents\Youcam

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.03.16 12:33:24 | 000,001,098 | ---- | M] () -- C:\Users\Das Vroni\Desktop\OTL - Verknüpfung.lnk

[2013.03.16 12:17:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job

[2013.03.16 11:51:16 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.03.16 11:51:16 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.03.16 11:43:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2013.03.16 11:43:29 | 3736,850,431 | -HS- | M] () -- C:\hiberfil.sys

[2013.03.13 17:57:17 | 000,000,000 | -H-- | M] () -- C:\Users\Das Vroni\AppData\Roaming\winsvcns.sys

[2013.03.12 18:54:01 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2013.03.11 20:22:15 | 001,612,484 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2013.03.11 20:22:15 | 000,696,870 | ---- | M] () -- C:\windows\SysNative\perfh007.dat

[2013.03.11 20:22:15 | 000,652,148 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2013.03.11 20:22:15 | 000,148,134 | ---- | M] () -- C:\windows\SysNative\perfc007.dat

[2013.03.11 20:22:15 | 000,121,080 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2013.02.18 20:13:25 | 000,313,659 | ---- | M] () -- C:\Users\Das Vroni\jonas mal wieder.JPG

[2013.02.14 18:47:16 | 000,331,392 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

 
 ========== Files Created - No Company Name ==========

 

[2013.03.16 12:33:24 | 000,001,098 | ---- | C] () -- C:\Users\Das Vroni\Desktop\OTL - Verknüpfung.lnk

[2013.03.12 18:54:00 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2013.03.11 20:49:38 | 000,000,000 | -H-- | C] () -- C:\Users\Das Vroni\AppData\Roaming\winsvcns.sys

[2013.02.18 20:13:20 | 000,313,659 | ---- | C] () -- C:\Users\Das Vroni\jonas mal wieder.JPG

[2013.02.11 19:48:58 | 000,002,019 | ---- | C] () -- C:\Users\Das Vroni\Adobe Reader XI.lnk

[2013.02.11 19:43:32 | 017,636,983 | ---- | C] () -- C:\Users\Das Vroni\Skript Kräuterspirale.pdf

[2013.02.07 19:45:50 | 000,628,409 | ---- | C] () -- C:\Users\Das Vroni\PKI_WT2013-TN-Info-Stand-07-01-13-FINAL.pdf

[2013.02.07 19:40:45 | 000,090,588 | ---- | C] () -- C:\Users\Das Vroni\wintertreffen 2013.pdf

[2013.02.03 18:50:15 | 002,414,763 | ---- | C] () -- C:\Users\Das Vroni\Map.jpg

[2013.01.28 15:49:04 | 000,002,046 | ---- | C] () -- C:\Users\Das Vroni\McAfee Security Scan Plus.lnk

[2013.01.22 18:03:49 | 000,077,220 | ---- | C] () -- C:\Users\Das Vroni\wasauchimmer.jpg

[2013.01.12 01:33:59 | 004,418,577 | ---- | C] () -- C:\Users\Das Vroni\robin.JPG

[2013.01.11 14:12:40 | 000,085,985 | ---- | C] () -- C:\Users\Das Vroni\Praktikumsfilm Veronika.wlmp

[2013.01.03 18:49:33 | 002,397,349 | ---- | C] () -- C:\Users\Das Vroni\tamaras dreasd.JPG

[2013.01.02 21:03:35 | 000,124,970 | ---- | C] () -- C:\Users\Das Vroni\BERLIN SILVESTER 12-13.wlmp

[2012.12.17 17:50:04 | 000,000,015 | ---- | C] () -- C:\Users\Das Vroni\Neues Textdokument .bat

[2012.12.06 21:17:43 | 002,970,286 | ---- | C] () -- C:\Users\Das Vroni\2012-12-06 21.10.54.jpg

[2012.12.06 20:34:15 | 000,053,495 | ---- | C] () -- C:\Users\Das Vroni\Messagebox - Frau - Unbekannt.png

[2012.12.06 19:59:13 | 000,021,546 | ---- | C] () -- C:\Users\Das Vroni\Ciel - Normal.png

[2012.12.05 19:44:48 | 001,297,508 | ---- | C] () -- C:\Users\Das Vroni\jonas zeichenkurs.JPG

[2012.12.05 19:39:15 | 001,663,402 | ---- | C] () -- C:\Users\Das Vroni\jonas kurse 2.JPG

[2012.12.05 19:35:29 | 001,975,029 | ---- | C] () -- C:\Users\Das Vroni\jonas kurse.JPG

[2012.12.02 11:05:46 | 000,000,032 | ---- | C] () -- C:\windows\Menu.INI

[2012.11.05 21:18:32 | 001,988,152 | ---- | C] () -- C:\Users\Das Vroni\schounas.JPG

[2012.10.29 19:38:21 | 000,040,672 | ---- | C] () -- C:\Users\Das Vroni\franzibandclown.jpg

[2012.06.20 16:55:42 | 001,590,378 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2012.06.16 12:26:32 | 000,020,845 | ---- | C] () -- C:\Users\Das Vroni\essiii 2.jpg

[2012.06.16 12:22:21 | 000,032,778 | ---- | C] () -- C:\Users\Das Vroni\essiii.jpg

[2012.06.12 17:07:32 | 000,002,480 | ---- | C] () -- C:\Users\Das Vroni\Norton Internet Security.lnk

[2012.06.04 15:43:05 | 000,024,245 | ---- | C] () -- C:\Users\Das Vroni\kjhkd.png

[2012.05.17 11:08:00 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI

[2012.05.17 11:02:58 | 000,001,946 | ---- | C] () -- C:\Users\Das Vroni\DAEMON Tools Lite.lnk

[2012.05.06 18:37:40 | 002,167,617 | ---- | C] () -- C:\Users\Das Vroni\evaaa.JPG

[2012.04.17 18:15:12 | 087,227,952 | ---- | C] () -- C:\Users\Das Vroni\avira_free_antivirus_de.exe

[2012.04.14 19:49:33 | 003,819,520 | ---- | C] () -- C:\Users\Das Vroni\hamachi2.1.0.124.msi

[2012.04.14 17:05:45 | 000,001,130 | ---- | C] () -- C:\Users\Das Vroni\Mozilla Firefox.lnk

[2012.04.14 16:58:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2012.04.14 13:32:30 | 000,002,535 | ---- | C] () -- C:\Users\Das Vroni\Skype.lnk

[2011.11.03 19:47:41 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe

[2011.11.03 19:03:59 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin

[2011.11.03 18:44:53 | 000,001,276 | ---- | C] () -- C:\windows\HotFixList.ini

[2011.11.01 08:00:03 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat

[2011.11.01 08:00:03 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat

[2011.11.01 08:00:02 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

[2011.10.13 08:53:18 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\OpenVideo.dll

[2011.10.13 08:53:02 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\OVDecoder.dll

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.05.17 11:04:19 | 000,000,000 | ---D | M] -- C:\Users\Das Vroni\AppData\Roaming\DAEMON Tools Lite

[2012.05.01 16:53:25 | 000,000,000 | ---D | M] -- C:\Users\Das Vroni\AppData\Roaming\Leadertech

[2012.12.15 12:27:48 | 000,000,000 | ---D | M] -- C:\Users\Das Vroni\AppData\Roaming\Mount&Blade

[2012.06.20 16:50:09 | 000,000,000 | ---D | M] -- C:\Users\Das Vroni\AppData\Roaming\OpenOffice.org

[2012.11.30 15:16:14 | 000,000,000 | ---D | M] -- C:\Users\Das Vroni\AppData\Roaming\Origin

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2012.04.14 13:18:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin

[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2012.09.24 11:38:04 | 000,000,000 | R--D | M] -- C:\Program Files

[2013.03.12 18:53:59 | 000,000,000 | R--D | M] -- C:\Program Files (x86)

[2013.02.11 19:46:24 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2012.04.14 13:10:04 | 000,000,000 | -HSD | M] -- C:\Recovery

[2013.03.16 13:07:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2012.04.14 13:11:25 | 000,000,000 | R--D | M] -- C:\Users

[2012.12.02 11:05:46 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %PROGRAMFILES%\*.exe >

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT

[2009.07.14 06:08:49 | 000,032,640 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT

[2012.04.15 19:36:34 | 000,000,884 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys

[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys

[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll

[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: EVENTLOG.DLL  >

[2008.06.06 06:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

 
 < MD5 for: EXPLORER.EXE  >

[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe

[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe

[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe

[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

 
 < MD5 for: IASTORV.SYS  >

[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys

[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll

[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys

[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll

[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll

[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe

[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe

[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 < %USERPROFILE%\*.* >

[2012.12.06 21:18:37 | 002,970,286 | ---- | M] () -- C:\Users\Das Vroni\2012-12-06 21.10.54.jpg

[2013.02.11 19:48:58 | 000,002,019 | ---- | M] () -- C:\Users\Das Vroni\Adobe Reader XI.lnk

[2012.12.29 17:58:50 | 000,035,328 | ---- | M] () -- C:\Users\Das Vroni\Arbeitsschrittebeschreibung für die FOS.doc

[2012.04.17 18:13:21 | 087,227,952 | ---- | M] () -- C:\Users\Das Vroni\avira_free_antivirus_de.exe

[2013.01.02 21:03:40 | 000,124,970 | ---- | M] () -- C:\Users\Das Vroni\BERLIN SILVESTER 12-13.wlmp

[2012.12.06 19:59:14 | 000,021,546 | ---- | M] () -- C:\Users\Das Vroni\Ciel - Normal.png

[2012.05.17 11:02:58 | 000,001,946 | ---- | M] () -- C:\Users\Das Vroni\DAEMON Tools Lite.lnk

[2012.06.26 19:25:57 | 001,843,200 | ---- | M] () -- C:\Users\Das Vroni\Damals war es Friedrich.doc

[2012.04.14 13:14:42 | 000,000,148 | ---- | M] () -- C:\Users\Das Vroni\DiskScrP.txt

[2012.06.16 12:26:43 | 000,020,845 | ---- | M] () -- C:\Users\Das Vroni\essiii 2.jpg

[2012.06.16 12:22:33 | 000,032,778 | ---- | M] () -- C:\Users\Das Vroni\essiii.jpg

[2012.05.06 18:38:02 | 002,167,617 | ---- | M] () -- C:\Users\Das Vroni\evaaa.JPG

[2012.10.29 19:38:22 | 000,040,672 | ---- | M] () -- C:\Users\Das Vroni\franzibandclown.jpg

[2012.02.28 19:46:42 | 003,819,520 | ---- | M] () -- C:\Users\Das Vroni\hamachi2.1.0.124.msi

[2013.01.05 13:09:33 | 000,015,734 | ---- | M] () -- C:\Users\Das Vroni\Homepage und Printmedien Jonas Gampe.docx

[2012.06.26 19:25:36 | 001,024,000 | ---- | M] () -- C:\Users\Das Vroni\Inhaltsverzeichnis.doc

[2012.12.05 19:39:40 | 001,663,402 | ---- | M] () -- C:\Users\Das Vroni\jonas kurse 2.JPG

[2012.12.05 19:36:00 | 001,975,029 | ---- | M] () -- C:\Users\Das Vroni\jonas kurse.JPG

[2013.02.18 20:13:25 | 000,313,659 | ---- | M] () -- C:\Users\Das Vroni\jonas mal wieder.JPG

[2012.12.05 19:45:08 | 001,297,508 | ---- | M] () -- C:\Users\Das Vroni\jonas zeichenkurs.JPG

[2012.06.04 15:43:05 | 000,024,245 | ---- | M] () -- C:\Users\Das Vroni\kjhkd.png

[2013.02.03 18:52:57 | 002,414,763 | ---- | M] () -- C:\Users\Das Vroni\Map.jpg

[2013.02.10 16:34:17 | 000,002,046 | ---- | M] () -- C:\Users\Das Vroni\McAfee Security Scan Plus.lnk

[2012.12.06 20:34:21 | 000,053,495 | ---- | M] () -- C:\Users\Das Vroni\Messagebox - Frau - Unbekannt.png

[2012.04.14 17:05:45 | 000,001,130 | ---- | M] () -- C:\Users\Das Vroni\Mozilla Firefox.lnk

[2012.12.17 17:50:08 | 000,000,015 | ---- | M] () -- C:\Users\Das Vroni\Neues Textdokument .bat

[2012.06.12 17:07:32 | 000,002,480 | ---- | M] () -- C:\Users\Das Vroni\Norton Internet Security.lnk

[2013.03.16 13:42:26 | 002,097,152 | -HS- | M] () -- C:\Users\Das Vroni\NTUSER.DAT

[2013.03.16 13:42:26 | 000,262,144 | -HS- | M] () -- C:\Users\Das Vroni\ntuser.dat.LOG1

[2012.04.14 13:11:25 | 000,000,000 | -HS- | M] () -- C:\Users\Das Vroni\ntuser.dat.LOG2

[2012.04.14 14:57:35 | 000,065,536 | -HS- | M] () -- C:\Users\Das Vroni\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2012.04.14 14:57:35 | 000,524,288 | -HS- | M] () -- C:\Users\Das Vroni\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2012.04.14 14:57:35 | 000,524,288 | -HS- | M] () -- C:\Users\Das Vroni\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2012.04.14 13:11:25 | 000,000,020 | -HS- | M] () -- C:\Users\Das Vroni\ntuser.ini

[2013.02.07 19:46:00 | 000,628,409 | ---- | M] () -- C:\Users\Das Vroni\PKI_WT2013-TN-Info-Stand-07-01-13-FINAL.pdf

[2013.01.11 15:33:04 | 000,085,985 | ---- | M] () -- C:\Users\Das Vroni\Praktikumsfilm Veronika.wlmp

[2012.09.24 18:47:24 | 000,014,056 | ---- | M] () -- C:\Users\Das Vroni\Prolog von K.docx

[2012.06.26 14:40:22 | 019,765,248 | ---- | M] () -- C:\Users\Das Vroni\Präsentation Damals war es Friedrich.ppt

[2013.01.12 01:35:02 | 004,418,577 | ---- | M] () -- C:\Users\Das Vroni\robin.JPG

[2012.08.08 19:25:57 | 000,001,711 | ---- | M] () -- C:\Users\Das Vroni\Rot, Grau, etwas Licht.txt

[2012.11.05 21:19:02 | 001,988,152 | ---- | M] () -- C:\Users\Das Vroni\schounas.JPG

[2013.02.11 19:26:50 | 001,709,108 | ---- | M] () -- C:\Users\Das Vroni\Skript Kräuterspirale.docx

[2013.02.11 19:43:37 | 017,636,983 | ---- | M] () -- C:\Users\Das Vroni\Skript Kräuterspirale.pdf

[2012.04.14 13:32:30 | 000,002,535 | ---- | M] () -- C:\Users\Das Vroni\Skype.lnk

[2013.01.03 18:50:23 | 002,397,349 | ---- | M] () -- C:\Users\Das Vroni\tamaras dreasd.JPG

[2013.02.18 18:31:58 | 000,154,624 | -HS- | M] () -- C:\Users\Das Vroni\Thumbs.db

[2013.01.22 18:03:50 | 000,077,220 | ---- | M] () -- C:\Users\Das Vroni\wasauchimmer.jpg

[2013.02.07 19:40:48 | 000,090,588 | ---- | M] () -- C:\Users\Das Vroni\wintertreffen 2013.pdf

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

 
 <           >
 

< End of report >

--- --- ---

meine güte, das ist ja eine menge text ...
es kam auch gerade noch eine warnung von avira, da steht:
sicherheitshinweis
datum/uhrzeit: 16.03.2013, 13:58:19
typ: fund
der zugriff auf die Datei 'C:/Users/Das Vroni/AppData/Local/.../(eine zehnstellige Nummer).exe', die ein Virus odeer unerwünschtes Programm 'WORM/Phorpiex.B.227'enthält, wurde verweigert.
Sie können die Datei entfernen oder weitere Informationen über das Problem abrufen.
Wenn Sie nnicht sicher sind, was zu tun ist, helfen Ihnen unsere Experten gerne weiter!

Der Virus war auch immer in dieser Richtung, könnte ich jetzt nicht einfach auf entfernen klicken?

vielen danke für die Mühe!!

Akinorev

hier ist dann der zweite teil: Extras.txt

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 16.03.2013 12:52:54 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Das Vroni\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,48 Gb Total Physical Memory | 5,78 Gb Available Physical Memory | 77,34% Memory free

14,96 Gb Paging File | 13,04 Gb Available in Paging File | 87,16% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 271,00 Gb Total Space | 142,91 Gb Free Space | 52,73% Space Free | Partition Type: NTFS

Drive D: | 406,14 Gb Total Space | 405,74 Gb Free Space | 99,90% Space Free | Partition Type: NTFS

Drive E: | 7,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: GWENDOLYN | User Name: Das Vroni | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0216F2E4-5141-4C5C-A224-62BCBC5DF8D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{04D88630-7141-4541-A960-2610AC4579E3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{1888DF07-6ACB-45C7-BCE4-1FDB1F242ADE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{1EA35D6B-E88C-43F7-BB62-46CD81944FC1}" = rport=138 | protocol=17 | dir=out | app=system | 

"{2169E630-1D47-4D6C-99FC-E90159690056}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{259274DB-37A9-4692-AADE-830DC57D4EE6}" = lport=137 | protocol=17 | dir=in | app=system | 

"{30558E93-C4AB-4433-94EF-2AF1AD8193BC}" = rport=445 | protocol=6 | dir=out | app=system | 

"{3A90EB60-AC15-4C7A-8BF2-DCD875D340FA}" = rport=139 | protocol=6 | dir=out | app=system | 

"{4038F4B4-5217-45BD-A9AE-FA0D1456DF96}" = lport=445 | protocol=6 | dir=in | app=system | 

"{6505A935-8AD6-409B-B46F-0390084A8BE1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{6704B911-9C83-4CCB-B720-1A9A757AC6A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{7AAE3469-7594-489B-AC30-19AB6052E5CD}" = rport=137 | protocol=17 | dir=out | app=system | 

"{8CB8640B-5C1D-444A-B969-A40FEEF028E5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{8CD05D2F-14CB-44A6-87BC-F52248280888}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{968DD376-1065-40B7-81FC-FDF1B6952B5B}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{A3B505B8-F8B9-4B8B-84FE-423CD1B862B8}" = lport=139 | protocol=6 | dir=in | app=system | 

"{A4C53833-C864-4E2C-9335-BB8FE2A9574B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{A5E08449-5A48-4CF3-B0B1-EC8082CEFFB2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{AA3EFE3B-22D3-4C92-95CE-17C0B0FE7102}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D3A12754-2A57-4885-842D-8AA3ED44C871}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{D6E27206-3DC3-4317-A5DC-43AE60D10D63}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{EA331389-CB4A-41A3-8372-E228691C9563}" = lport=138 | protocol=17 | dir=in | app=system | 

"{F212233B-FA6A-460C-871E-E5D47075A330}" = lport=2869 | protocol=6 | dir=in | app=system | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{024B75A6-C3A5-4D42-8D45-1870DB529469}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{0DE39A06-6FFB-4C91-A420-065074D646B4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{11B8F2C9-B0FF-490A-A458-2EBF82D67AC0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 

"{121F42A3-4915-44DF-AC84-C39C3EEED692}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{1D0B4983-04E4-4493-8CF8-D08BAC2983EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{27897909-3333-4AB8-8321-4ED5F0AB237E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{28246DAE-C085-4386-9678-F503F1C87DB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{39EC607B-68A3-4693-8E9A-C92A83462C85}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{3A2CCB23-4F2A-433F-82EF-51FF1475545B}" = protocol=58 | dir=in | app=system | 

"{3C8771C3-628F-4226-9E98-BF807C407702}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{3DE67F7C-1488-4DB3-8A2A-45192F3C651A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{58AAA891-F29F-4C73-AD8A-B2A4E46E9CA0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{6965AA9B-7D97-42E1-9200-526FEEE430F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{6A5A7B70-5523-4C80-B8C9-C5322DF9D843}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{6B62A0E8-45BC-49F9-BE74-CA06218D7D13}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 

"{71B8BF8B-369B-47E1-B20F-091076706CE4}" = protocol=6 | dir=out | app=system | 

"{7634B4ED-8A95-45E1-ACE4-306434E21B8B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{7F050173-0CBE-4F82-A183-23B68F0BA6EB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{7FBC6719-7BE7-4D30-8AAF-59903392D4C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{86E5A681-7411-4E57-BB26-EE2E18FC48E1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{922B0015-7C6B-4511-B09B-FBBD7FA204C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{B643C5E9-D117-47DF-89E0-DC8BD5C27470}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{BE30B280-17BC-4A73-98B2-9C910301EC90}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{BF429F9C-1575-41DC-B0A0-79AFC8EEC111}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{C9CB6078-6322-4BE6-BB1F-D8FB35F2A4BF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{D2BB4FB1-3B6F-4E99-96DC-654F3AC31DD7}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe | 

"{E5752669-C81B-46D8-918D-1041403C090E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"TCP Query User{59E01627-F04F-4C33-935F-1096161C3B99}C:\program files (x86)\bioware corp\neverwinter nights\nwmain.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bioware corp\neverwinter nights\nwmain.exe | 

"TCP Query User{7B7DDA1E-3A31-4D50-B732-EDD61C7527DF}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\the creative assembly\rome - total war\rometw.exe | 

"TCP Query User{825043EC-27AA-46F0-8023-1134F1702239}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe | 

"TCP Query User{87018109-E35B-4314-B4A1-56A4B78BC394}C:\users\das vroni\age of empires\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\das vroni\age of empires\age2_x1\age2_x1.exe | 

"TCP Query User{8E6FEE69-022B-4EE5-826E-A4E1A0FFC47F}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 

"TCP Query User{A5525B1F-B4D3-46B2-87BD-28DF707776EF}C:\program files (x86)\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo ii\game.exe | 

"TCP Query User{BDE6DCEE-0FC2-4440-AEB0-9A0908053A74}C:\users\das vroni\desktop\age of empires\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\das vroni\desktop\age of empires\age2_x1\age2_x1.exe | 

"TCP Query User{C78D7F3D-92A3-4A0F-ACFF-2FC5E02E6FB1}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 

"TCP Query User{D4AC9F5E-AE46-43AF-8F9D-3F2362117977}C:\program files (x86)\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo ii\game.exe | 

"TCP Query User{DA21F325-BA41-424C-9996-1B9422A5F3A8}C:\users\das vroni\age of empires\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\das vroni\age of empires\age2_x1\age2_x1.exe | 

"TCP Query User{F343CA80-BAC3-411C-A0D3-AC11F4A06A81}C:\users\das vroni\spielesucht\age of empires\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\das vroni\spielesucht\age of empires\age2_x1\age2_x1.exe | 

"TCP Query User{FEF608A2-28FC-4383-8065-1056E2540F10}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 

"UDP Query User{1B616C81-E975-4B2B-B9E3-A0E4A77E39C5}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 

"UDP Query User{35C37E3F-6303-4C09-87C7-FB783C756743}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\the creative assembly\rome - total war\rometw.exe | 

"UDP Query User{38BB319A-9ECB-43D2-A7D1-568D3D9F4B46}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 

"UDP Query User{498A647E-CCDA-4CC3-B946-0693830F2D6F}C:\program files (x86)\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo ii\game.exe | 

"UDP Query User{586E212E-CE6A-42E0-9E6F-6F9CA728E0EC}C:\program files (x86)\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo ii\game.exe | 

"UDP Query User{74474254-4748-4EEE-B924-391FA0D0DA2B}C:\program files (x86)\bioware corp\neverwinter nights\nwmain.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bioware corp\neverwinter nights\nwmain.exe | 

"UDP Query User{7D27F2CC-6579-469C-A2FD-CB7C1B6443E1}C:\users\das vroni\age of empires\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\das vroni\age of empires\age2_x1\age2_x1.exe | 

"UDP Query User{8A4B27D7-7192-4304-8601-EEAA9E1B742C}C:\users\das vroni\age of empires\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\das vroni\age of empires\age2_x1\age2_x1.exe | 

"UDP Query User{A00A57E7-C253-4AA7-95F3-DF0D2EAA9505}C:\users\das vroni\desktop\age of empires\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\das vroni\desktop\age of empires\age2_x1\age2_x1.exe | 

"UDP Query User{AAA5AC53-B2F3-4ED4-A2DF-FFA1E73CA9FB}C:\users\das vroni\spielesucht\age of empires\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\das vroni\spielesucht\age of empires\age2_x1\age2_x1.exe | 

"UDP Query User{CE0B7CE2-1CB8-4AA1-867A-86C271866C58}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 

"UDP Query User{CE404C7C-D90E-4ADA-B1F9-C7CA8E85C357}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources

"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1B4ED54A-A741-5D36-40C6-0DA839CA033F}" = AMD Catalyst Install Manager

"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources

"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources

"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources

"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources

"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources

"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources

"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources

"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources

"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources

"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources

"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources

"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources

"{45E3D837-4855-7F41-A22E-D1D0AEA71EF8}" = AMD Steady Video Plug-In 

"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources

"{4C9845D5-9FAD-4C52-B389-CAEF0F216215}" = Windows Live Remote Client Resources

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources

"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources

"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources

"{581F6FB0-46E6-42DA-98CC-ABB001386520}" = Motorola Mobile Drivers Installation 5.1.0

"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources

"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources

"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources

"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources

"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources

"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources

"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources

"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources

"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources

"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources

"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources

"{804F1A38-3B3F-7C26-4706-43765849773E}" = ccc-utility64

"{811D5159-D798-491F-B9C6-9BDBF6B02D06}" = Windows Live Remote Service Resources

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources

"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources

"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources

"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources

"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources

"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources

"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources

"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources

"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources

"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources

"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources

"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources

"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources

"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources

"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319

"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources

"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources

"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources

"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources

"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Elantech" = ETDWare PS/2-X64 10.0.7.3_WHQL

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common

"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh

"{0119B342-476F-4F5A-B712-144B5CFA781F}" = Windows Live Movie Maker

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包

"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh

"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack

"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger

"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common

"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common

"{07E15DDE-CAD9-434D-B24D-35708E3BEA09}" = Windows Live 필수 패키지

"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack

"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack

"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti

"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail

"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live

"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail

"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi

"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh

"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh

"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer

"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar

"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“

"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack

"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker

"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common

"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Settings

"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials

"{17A9BA11-389A-C33D-508E-E0D05186FD2A}" = CCC Help Turkish

"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials

"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer

"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = Die Sims™ 2 Villen- und Garten-Accessoires

"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima

"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer

"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite

"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack

"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail

"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack

"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources

"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail

"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer

"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources

"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“

"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program

"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common

"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer

"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack

"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh

"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack

"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh

"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger

"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources

"{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War - Gold Edition

"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger

"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources

"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer

"{332C7CD9-34DF-0157-3CBB-B0CA0A3E9F9E}" = CCC Help Spanish

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{343A6D63-E943-FFBE-C750-ED20422EC0EC}" = CCC Help Russian

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10

"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack

"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh

"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials

"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3F357AC3-D10E-5F8E-5F0D-21813283A75B}" = CCC Help Greek

"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh

"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials

"{4215D8AD-4EE5-0BFB-0D8A-A9B8134A2BA5}" = CCC Help English

"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer

"{4292173D-CDB8-7562-92FC-6ED59181D210}" = CCC Help German

"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery

"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials

"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common

"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger

"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live

"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources

"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources

"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh

"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere

"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer

"{48DB5914-8772-472D-B8DF-E2092BE598F6}" = Adobe Flash Player 10 ActiveX

"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials

"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer

"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger

"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack

"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4

"{4CBCDE18-2A92-5076-9C63-C3E70AA8D64F}" = CCC Help Italian

"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack

"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2

"{4EA30BB1-DDB2-2B98-891E-CED9A8132A81}" = CCC Help Thai

"{4F35DF91-F834-41F7-A287-0E377D55C486}" = Windows Live Photo Common

"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack

"{50EE4129-2B14-D002-92A8-6A0503493B86}" = CCC Help Portuguese

"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta

"{51FFAC89-B6B0-4E6E-B76F-6D4E2E83086A}" = Windows Live 메일

"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack

"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources

"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger

"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh

"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri

"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh

"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common

"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker

"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources

"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack

"{5E664F04-69B7-242E-E68B-BB1CCAB3836E}" = CCC Help Danish

"{5E8C456C-2FDD-AE39-B9A3-53149E25449B}" = CCC Help Norwegian

"{5F702CEA-61F2-103B-68BF-8B7D38BC55F9}" = Catalyst Control Center Localization All

"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker

"{61506B53-EE02-46CE-8464-3F806947978F}" = Windows Live Mesh

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail

"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker

"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live

"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh

"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials

"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker

"{66A98CB1-3256-1191-C302-D2F3FA9DD065}" = CCC Help Polish

"{66B0D063-011A-F89D-5628-F99D71FBD284}" = CCC Help Chinese Traditional

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer

"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources

"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack

"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger

"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh

"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker

"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common

"{6B77DDC6-93A8-4730-887E-C8F46728358F}" = Catalyst Control Center - Branding

"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker

"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker

"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common

"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources

"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials

"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer

"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh

"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack

"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources

"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker

"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh

"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack

"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail

"{76CD3D3A-3419-B56C-C9ED-49EC12F2520C}" = CCC Help Chinese Standard

"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack

"{7780682A-47C9-480D-90BE-247539342595}" = Windows Live UX Platform Language Pack

"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common

"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources

"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live

"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common

"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh

"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger

"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live

"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common

"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker

"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business

"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库

"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live

"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common

"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources

"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common

"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources

"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources

"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer

"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh

"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials

"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83A9A723-239D-B643-C1E3-6F0D17A8F84C}" = Catalyst Control Center InstallProxy

"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Die Sims Mittelalter

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{83D2FFB0-E378-49FE-8A53-580CA7B5761F}" = Windows Live Messenger

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common

"{846267F2-A5EF-2CE6-9FC3-3D24FDE64A2E}" = CCC Help Dutch

"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials

"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery

"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger

"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker

"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{95BB7324-77D3-4BF3-8CF6-29F0857AC175}" = Easy File Share

"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria

"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = Die Sims™ 2: Glamour-Accessoires

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail

"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker

"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker

"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials

"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker

"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger

"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh

"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger

"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources

"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials

"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail

"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh

"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration

"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail

"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common

"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh

"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common

"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger

"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common

"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer

"{B4712CB7-27D7-4F61-8805-BCF9BE1CFC4A}" = Windows Live Writer Resources

"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials

"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live

"{B750B5C2-CC17-4967-905B-29F4EB986131}" = Software Launcher

"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources

"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija

"{B8BCB744-89CC-BD99-9740-E317835031C3}" = CCC Help Swedish

"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer

"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer

"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide

"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger

"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger

"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common

"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi

"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker

"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh

"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger

"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live

"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3

"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh

"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch

"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer

"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail

"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija

"{C886C799-FBD0-0A18-E992-DE26B964D727}" = CCC Help French

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{C8A2793D-EFF2-4069-95BF-A28192E39DEB}" = Windows Live Writer

"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger

"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live

"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger

"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker

"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common

"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer

"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery

"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija

"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker

"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh

"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer

"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack

"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger

"{D57D43BF-699A-429F-AF8C-AF1867222800}" = Windows Live 사진 갤러리

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources

"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack

"{D8281314-4EEA-B91B-18C7-8A5C37A3E634}" = CCC Help Czech

"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources

"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer

"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker

"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker

"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail

"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer

"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DE256D8B-D971-456D-BC02-CB64DA24F115}" = Easy Software Manager

"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer

"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0BE1488-4FEA-43AC-EA7E-B22AB7016A7C}" = AMD VISION Engine Control Center

"{E2DD7CF7-478A-2139-F601-0621DC9F0FD2}" = CCC Help Korean

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija

"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer

"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack

"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer

"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources

"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live

"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer

"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live

"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger

"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources

"{EA50969B-A027-5CC6-852A-31877EC40D92}" = CCC Help Hungarian

"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack

"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh

"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心

"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger

"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger

"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack

"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources

"{F5FB1356-7F0A-0554-B287-336C3AF604B6}" = CCC Help Finnish

"{F5FE4120-A51D-997D-D313-D982B5336109}" = CCC Help Japanese

"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail

"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Easy Support Center 1.0

"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger

"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos

"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh

"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger

"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail

"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker

"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie

"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live

"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials

"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials

"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker

"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger

"Age of Empires 2.0" = Microsoft Age of Empires II

"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion

"Avira AntiVir Desktop" = Avira Free Antivirus

"DAEMON Tools Lite" = DAEMON Tools Lite

"Diablo II" = Diablo II

"Game Console - WildGames" = WildTangent ORB Game Console

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite

"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"LogMeIn Hamachi" = LogMeIn Hamachi

"McAfee Security Scan" = McAfee Security Scan Plus

"Mount&Blade" = Mount&Blade

"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)

"NIS" = Norton Internet Security

"WildTangent wildgames Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live 程式集

"WT085559" = Diner Dash 2 Restaurant Rescue

"WT085567" = Chuzzle Deluxe

"WT085580" = John Deere Drive Green

"WT085581" = Penguins!

"WT085583" = Polar Golfer

"WT085587" = Agatha Christie - Death on the Nile

"WT085597" = Build-a-lot

"WT085618" = Farm Frenzy

"WT085622" = Insaniquarium Deluxe

"WT085663" = Peggle

"WT085669" = Plants vs. Zombies

"WT089285" = Zuma Deluxe

"WT089286" = Bejeweled 2 Deluxe

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 10.01.2013 10:23:11 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x85c  Startzeit der fehlerhaften Anwendung: 0x01cdef3d4bd3abc6  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 42a9f901-5b31-11e2-8533-e8039a365954

 

Error - 10.01.2013 10:28:29 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x10fc  Startzeit der fehlerhaften Anwendung: 0x01cdef3e08aabcd1  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 002f750b-5b32-11e2-8533-e8039a365954

 

Error - 10.01.2013 10:34:02 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x654  Startzeit der fehlerhaften Anwendung: 0x01cdef3ed40e13c5  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 c6bc047b-5b32-11e2-8533-e8039a365954

 

Error - 10.01.2013 10:39:35 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x1434  Startzeit der fehlerhaften Anwendung: 0x01cdef3f9a9c50eb  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 8d30027f-5b33-11e2-8533-e8039a365954

 

Error - 10.01.2013 10:45:16 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x410  Startzeit der fehlerhaften Anwendung: 0x01cdef40610fb2ad  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 5870b5c0-5b34-11e2-8533-e8039a365954

 

Error - 10.01.2013 10:51:07 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x14f0  Startzeit der fehlerhaften Anwendung: 0x01cdef412c911961  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 299cd8e3-5b35-11e2-8533-e8039a365954

 

Error - 10.01.2013 10:56:40 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x148c  Startzeit der fehlerhaften Anwendung: 0x01cdef41fd4fd319  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 f0239bdd-5b35-11e2-8533-e8039a365954

 

Error - 10.01.2013 11:02:14 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0x82c  Startzeit der fehlerhaften Anwendung: 0x01cdef42c408ca5f  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 b739336f-5b36-11e2-8533-e8039a365954

 

Error - 11.01.2013 03:48:11 | Computer Name = Gwendolyn | Source = WinMgmt | ID = 10

Description = 

 

Error - 11.01.2013 03:53:31 | Computer Name = Gwendolyn | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Name des fehlerhaften Moduls: SWMAgent.exe, Version: 1.1.22.19,

 Zeitstempel: 0x4e7983bf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00015ec8  ID des fehlerhaften

 Prozesses: 0xb78  Startzeit der fehlerhaften Anwendung: 0x01cdefcfeb0efdf6  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Pfad

 des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe

Berichtskennung:

 fdbc52f0-5bc3-11e2-9e32-e8039a365954

 

[ Media Center Events ]

Error - 24.09.2012 08:02:57 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 14:02:57 - Fehler beim Herstellen der Internetverbindung.  14:02:57 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 24.09.2012 08:03:03 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 14:03:02 - Fehler beim Herstellen der Internetverbindung.  14:03:02 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 14:32:26 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 20:32:26 - Fehler beim Herstellen der Internetverbindung.  20:32:26 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 14:32:40 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 20:32:31 - Fehler beim Herstellen der Internetverbindung.  20:32:31 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 15:32:58 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 21:32:58 - Fehler beim Herstellen der Internetverbindung.  21:32:58 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 15:33:04 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 21:33:03 - Fehler beim Herstellen der Internetverbindung.  21:33:03 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 16:33:23 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 22:33:23 - Fehler beim Herstellen der Internetverbindung.  22:33:23 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 16:33:29 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 22:33:28 - Fehler beim Herstellen der Internetverbindung.  22:33:28 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 17:33:48 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 23:33:48 - Fehler beim Herstellen der Internetverbindung.  23:33:48 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.09.2012 17:33:54 | Computer Name = Gwendolyn | Source = MCUpdate | ID = 0

Description = 23:33:53 - Fehler beim Herstellen der Internetverbindung.  23:33:53 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 10.03.2013 15:27:02 | Computer Name = Gwendolyn | Source = Ntfs | ID = 262199

Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.

Führen

 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy2" den Befehl "chkdsk" aus.

 

Error - 10.03.2013 15:27:06 | Computer Name = Gwendolyn | Source = Ntfs | ID = 262199

Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.

Führen

 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy2" den Befehl "chkdsk" aus.

 

Error - 10.03.2013 17:15:48 | Computer Name = Gwendolyn | Source = DCOM | ID = 10010

Description = 

 

Error - 11.03.2013 16:32:57 | Computer Name = Gwendolyn | Source = DCOM | ID = 10010

Description = 

 

Error - 11.03.2013 18:05:43 | Computer Name = Gwendolyn | Source = DCOM | ID = 10010

Description = 

 

Error - 12.03.2013 11:38:40 | Computer Name = Gwendolyn | Source = Service Control Manager | ID = 7022

Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.

 

Error - 12.03.2013 13:16:54 | Computer Name = Gwendolyn | Source = DCOM | ID = 10010

Description = 

 

Error - 12.03.2013 13:23:16 | Computer Name = Gwendolyn | Source = Service Control Manager | ID = 7022

Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.

 

Error - 12.03.2013 16:26:01 | Computer Name = Gwendolyn | Source = DCOM | ID = 10010

Description = 

 

Error - 12.03.2013 16:49:22 | Computer Name = Gwendolyn | Source = DCOM | ID = 10010

Description = 

 

 

< End of report >

--- --- ---
[spoiler]