| TorpedoMoska | 16.07.2013 13:36 |
OTL und Extras
OTL Code:
OTL logfile created on: 15.07.2013 19:36:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,91 Gb Total Physical Memory | 6,10 Gb Available Physical Memory | 77,09% Memory free
15,81 Gb Paging File | 13,91 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 305,67 Gb Total Space | 188,84 Gb Free Space | 61,78% Space Free | Partition Type: NTFS
Drive D: | 367,97 Gb Total Space | 154,03 Gb Free Space | 41,86% Space Free | Partition Type: NTFS
Computer Name: NOTEBOOK | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.07.15 13:36:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\2 OTL.exe
PRC - [2013.07.13 16:08:47 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.22 12:52:30 | 002,073,416 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
PRC - [2012.10.22 12:48:32 | 000,770,888 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
PRC - [2012.10.22 12:48:26 | 000,283,464 | ---- | M] () -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
PRC - [2012.10.22 12:48:20 | 000,557,896 | ---- | M] (PacketVideo) -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
PRC - [2011.11.20 08:07:19 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.11.17 01:04:20 | 000,822,384 | ---- | M] (ACD Systems) -- C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe
PRC - [2011.07.08 02:32:30 | 000,088,704 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.07.07 01:20:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.06.30 02:16:10 | 000,503,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011.05.27 18:17:20 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.05.27 15:59:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.25 16:53:36 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011.05.20 21:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.05.11 01:55:40 | 000,338,208 | -H-- | M] (Splashtop Inc.) -- C:\ASUS.SYS\SIONExportService.exe
PRC - [2011.03.13 20:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.01.15 01:41:58 | 001,839,616 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010.10.08 00:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.10.06 07:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.06 07:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.08.18 00:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.07.10 08:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010.02.03 10:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.08.04 18:21:58 | 000,030,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
PRC - [2009.06.24 11:57:04 | 000,136,704 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2009.06.19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2008.06.05 11:19:18 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2013.07.13 13:47:37 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f752f8cf702b7c7eff6c659b2e0c760a\System.ServiceProcess.ni.dll
MOD - [2013.07.13 13:46:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll
MOD - [2013.07.13 13:45:48 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013.07.13 13:45:30 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013.07.13 13:44:44 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013.07.13 13:44:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013.07.13 13:44:33 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013.07.13 13:44:20 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.06.09 05:24:50 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2011.02.19 06:23:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010.11.05 03:57:48 | 000,610,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2009.11.03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.08.04 18:23:16 | 000,063,032 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll
MOD - [2009.08.04 18:23:02 | 000,075,320 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2011.11.11 04:08:32 | 000,126,520 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2011.01.26 00:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.04.17 02:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2013.07.13 16:08:47 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013.06.11 20:28:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.31 23:35:39 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2012.10.22 12:48:32 | 000,770,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe -- (TwonkyProxy)
SRV - [2012.10.22 12:48:26 | 000,283,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe -- (TwonkyWebDav)
SRV - [2012.10.22 12:48:20 | 000,557,896 | ---- | M] (PacketVideo) [Auto | Running] -- C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe -- (TwonkyServer)
SRV - [2011.07.08 02:32:30 | 000,088,704 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011.05.27 18:17:20 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.05.27 15:59:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.11 01:55:40 | 000,338,208 | -H-- | M] (Splashtop Inc.) [Auto | Running] -- C:\ASUS.SYS\SIONExportService.exe -- (Splashtop MDES)
SRV - [2011.04.20 19:57:02 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2011.03.13 20:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.03.13 20:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.01.15 01:41:58 | 001,839,616 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2010.10.06 07:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.10.06 07:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 20:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.24 11:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.07 20:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.10.31 23:36:49 | 000,637,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.10.08 14:09:34 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)
DRV:64bit: - [2012.09.12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.08 06:22:38 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011.12.08 06:22:38 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011.10.08 09:28:44 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2011.10.07 11:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.06.09 05:24:50 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.06.02 20:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 20:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.05.24 03:17:08 | 012,259,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.05.05 14:32:56 | 001,439,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.04.26 05:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.18 07:36:18 | 000,074,840 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011.03.13 20:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 20:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 20:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 20:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 20:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 20:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 20:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011.03.03 15:29:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.02.26 03:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2010.11.20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.21 19:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.08.24 11:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.04.17 02:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.11.02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.05.23 18:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.05.26 05:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO_)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=HitachiXHTS547575A9E384_J2540054CYWYPECYWYPEX&ts=1373724521
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=HitachiXHTS547575A9E384_J2540054CYWYPECYWYPEX&ts=1373724521
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=HitachiXHTS547575A9E384_J2540054CYWYPECYWYPEX&ts=1373724521
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=HitachiXHTS547575A9E384_J2540054CYWYPECYWYPEX&ts=1373724521
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10053&barid={C85C127E-EC11-11E2-978C-742F68E36D21}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=HitachiXHTS547575A9E384_J2540054CYWYPECYWYPEX&ts=1373724521
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10053&barid={C85C127E-EC11-11E2-978C-742F68E36D21}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=HitachiXHTS547575A9E384_J2540054CYWYPECYWYPEX&ts=1373724521
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {1040F243-993E-498C-8A81-980D0B85852F}
IE - HKCU\..\SearchScopes\{1040F243-993E-498C-8A81-980D0B85852F}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deDE474
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011.01.26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012.10.31 23:36:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.10.31 23:36:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\Lyrics@LyricsContainer.co: C:\Program Files (x86)\LyricsContainer\120.xpi [2013.07.14 01:12:02 | 000,007,589 | ---- | M] ()
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.de/search?q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: LyricsContainer = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfmigjiaapipflmopkaaooigcjjdojh\1.120_0\
CHR - Extension: Docs = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Plus-HD-1.6 = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh\1.23.23_0\crossrider
CHR - Extension: Plus-HD-1.6 = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh\1.23.23_0\
CHR - Extension: Anti-Banner = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Plus-HD-1.6) - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho.dll (Plus HD)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACPW05DE] C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe (ACD Systems)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\02 Microsoft Outlook 2010.lnk = C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{013308F2-961A-4F19-9F50-4B85ABC34572}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SISetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.15 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Anti-Malware
[2013.07.15 19:16:37 | 000,000,000 | R--D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.07.15 13:51:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\2 OTL.exe
[2013.07.14 23:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.07.14 17:07:55 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2013.07.14 17:06:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.14 17:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.14 17:06:41 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.14 17:06:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.14 17:06:25 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Programs
[2013.07.14 01:13:19 | 000,000,000 | ---D | C] -- C:\Users\xxx\Qtrax
[2013.07.14 01:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-1.6
[2013.07.14 01:12:31 | 004,953,944 | ---- | C] (FLVMPlayer ) -- C:\Users\xxx\Desktop\FLVMPlayer.exe
[2013.07.14 01:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsContainer
[2013.07.13 16:15:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2013.07.13 16:15:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2013.07.13 16:15:08 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\NCH Software
[2013.07.13 16:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2013.07.13 16:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Videoverwandte Programme
[2013.07.13 16:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
[2013.07.13 16:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2013.07.13 16:08:58 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\WebCake
[2013.07.13 16:08:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.07.13 16:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe
[2013.07.13 16:08:18 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\eIntaller
[2013.07.13 16:08:14 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Dealply
[2013.07.13 16:07:58 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
[2013.07.13 16:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly
[2013.07.13 16:07:54 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\SwvUpdater
========== Files - Modified Within 30 Days ==========
[2013.07.15 19:33:31 | 000,000,000 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2013.07.15 19:32:10 | 001,529,502 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.15 19:32:10 | 000,665,812 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.15 19:32:10 | 000,627,654 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.15 19:32:10 | 000,133,992 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.15 19:32:10 | 000,110,374 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.15 19:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.15 19:26:52 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013.07.15 19:25:27 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.15 19:25:27 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.15 19:18:11 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\LyricsContainer Update.job
[2013.07.15 19:15:23 | 000,001,914 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.6-chromeinstaller.job
[2013.07.15 19:15:22 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013.07.15 19:15:22 | 000,001,206 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.6-codedownloader.job
[2013.07.15 19:15:22 | 000,001,202 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.6-updater.job
[2013.07.15 19:15:22 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.15 19:15:22 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.6-enabler.job
[2013.07.15 19:15:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.15 19:14:58 | 2072,027,135 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.15 13:38:04 | 000,377,856 | ---- | M] () -- C:\Users\xxx\Desktop\3 gmer_2.1.19163 desktop.exe
[2013.07.15 13:36:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\2 OTL.exe
[2013.07.15 07:46:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.15 07:08:00 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\Dealply.job
[2013.07.15 02:57:15 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.14 17:06:44 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.14 16:09:36 | 000,001,574 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.07.14 16:08:03 | 000,002,532 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.07.14 01:14:16 | 000,002,367 | ---- | M] () -- C:\Users\xxx\Desktop\Qtrax Player.lnk
[2013.07.14 01:12:59 | 004,953,944 | ---- | M] (FLVMPlayer ) -- C:\Users\xxx\Desktop\FLVMPlayer.exe
[2013.07.13 17:00:27 | 000,203,776 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.13 16:15:25 | 000,001,176 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Videobearbeitungs-Software.lnk
[2013.07.13 16:14:26 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.07.13 13:30:18 | 000,498,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.03 22:40:44 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.07.03 22:40:43 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.06.23 18:29:39 | 000,001,334 | ---- | M] () -- C:\Users\Public\Desktop\Saturn Fotoservice.lnk
[2013.06.22 19:02:42 | 000,000,224 | ---- | M] () -- C:\WifiInfo.ini.enc
========== Files Created - No Company Name ==========
[2013.07.15 19:33:31 | 000,000,000 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2013.07.15 19:31:44 | 000,377,856 | ---- | C] () -- C:\Users\xxx\Desktop\3 gmer_2.1.19163 desktop.exe
[2013.07.14 23:20:40 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.14 17:06:44 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.14 01:14:16 | 000,002,367 | ---- | C] () -- C:\Users\xxx\Desktop\Qtrax Player.lnk
[2013.07.14 01:14:15 | 000,002,397 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
[2013.07.14 01:13:15 | 000,001,202 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.6-updater.job
[2013.07.14 01:13:12 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.6-enabler.job
[2013.07.14 01:13:07 | 000,001,206 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.6-codedownloader.job
[2013.07.14 01:12:46 | 000,001,914 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.6-chromeinstaller.job
[2013.07.14 01:12:02 | 000,000,416 | ---- | C] () -- C:\Windows\tasks\LyricsContainer Update.job
[2013.07.13 16:15:25 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Videobearbeitungs-Software.lnk
[2013.07.13 16:15:25 | 000,001,176 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Videobearbeitungs-Software.lnk
[2013.07.13 16:14:26 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.07.13 16:14:26 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.07.13 16:08:14 | 000,000,304 | ---- | C] () -- C:\Windows\tasks\Dealply.job
[2013.07.03 22:40:44 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.07.03 22:40:43 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.02.24 19:29:18 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv7
[2012.12.02 23:34:28 | 000,000,639 | ---- | C] () -- C:\Users\xxx\_Musik - Verknüpfung.lnk
[2012.12.02 23:34:22 | 000,000,639 | ---- | C] () -- C:\Users\xxx\_Fotos - Verknüpfung.lnk
[2012.12.02 23:34:16 | 000,000,676 | ---- | C] () -- C:\Users\xxx\_Daten_Jens - Verknüpfung.lnk
[2012.12.02 23:34:08 | 000,000,683 | ---- | C] () -- C:\Users\xxx\_Daten_Beide - Verknüpfung.lnk
[2012.12.02 23:34:02 | 000,000,676 | ---- | C] () -- C:\Users\xxx\_Daten_Anja - Verknüpfung.lnk
[2012.12.02 22:53:38 | 000,038,435 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.02.28 19:13:29 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2012.02.27 18:07:48 | 000,017,408 | ---- | C] () -- C:\Users\xxx\AppData\Local\WebpageIcons.db
[2012.02.24 18:49:41 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Basic Synth
[2012.02.24 18:49:41 | 000,000,268 | RH-- | C] () -- C:\Users\xxx\AppData\Roaming\Authentication
[2012.02.24 18:49:41 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2012.02.23 22:48:14 | 000,203,776 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.20 07:37:51 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.08.19 04:33:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.08.19 04:32:39 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.19 04:32:36 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.19 04:32:34 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.04.13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.02.23 22:45:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ACD Systems
[2012.02.23 21:16:04 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ASUS WebStorage
[2012.02.28 19:38:19 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Canneverbe Limited
[2013.07.13 16:08:14 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Dealply
[2013.07.13 16:08:18 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\eIntaller
[2012.12.27 20:54:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\elsterformular
[2012.02.28 12:01:11 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mp3DirectCut
[2013.06.11 11:34:12 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mp3tag
[2012.02.25 14:44:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nikon
[2012.02.24 18:28:35 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nuance
[2013.02.15 23:21:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\streamWriter
[2012.02.23 21:23:21 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Tools
[2013.02.24 19:29:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TwonkyServer
[2013.07.14 23:00:00 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\WebCake
[2012.12.02 19:21:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Windows Live Writer
[2012.02.24 18:28:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Zeon
========== Purity Check ==========
< End of report >
Extras Code:
OTL Extras logfile created on: 15.07.2013 19:36:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,91 Gb Total Physical Memory | 6,10 Gb Available Physical Memory | 77,09% Memory free
15,81 Gb Paging File | 13,91 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 305,67 Gb Total Space | 188,84 Gb Free Space | 61,78% Space Free | Partition Type: NTFS
Drive D: | 367,97 Gb Total Space | 154,03 Gb Free Space | 41,86% Space Free | Partition Type: NTFS
Computer Name: NOTEBOOK | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 5.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeQVPro5.exe" "%1" (ACD Systems International Inc.)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Saturn Fotoservice\Saturn Fotoservice\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Saturn Fotoservice] -- "C:\Program Files (x86)\Saturn Fotoservice\Saturn Fotoservice\Saturn Fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 5.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeQVPro5.exe" "%1" (ACD Systems International Inc.)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Saturn Fotoservice\Saturn Fotoservice\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Saturn Fotoservice] -- "C:\Program Files (x86)\Saturn Fotoservice\Saturn Fotoservice\Saturn Fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06C1C753-55E0-4164-A71D-3624FA36870E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{08FBD584-E9DA-42B0-B03D-901BEB76029A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{08FF5CA9-A7C1-45A7-A0C8-E20899B198EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0FB78D79-B012-46DD-BF40-7D40AE18F693}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{11022C34-B7C5-4A39-852B-6469833C889F}" = lport=9100 | protocol=6 | dir=in | name=advanced tcp/ip printer port |
"{14342E1E-E758-4D05-ABF8-F8334CAD3C32}" = rport=139 | protocol=6 | dir=out | app=system |
"{27E89964-EF43-4748-90D0-0438E3952E7D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{5232C3B5-98AD-4BDF-BE97-B5E15C17A52C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5EAFBDE6-01A0-457F-8480-89D15C0E2C0A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{621B01E4-3D4D-4C51-83C9-5C73F9F990DF}" = lport=139 | protocol=6 | dir=in | app=system |
"{6A337210-9D2C-4EBD-91C1-08637204DE6E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6AF7350C-E8B8-4793-8CF9-E170DF7FD65F}" = lport=161 | protocol=6 | dir=in | name=advanced tcp/ip snmp port |
"{6ECC7487-6355-4583-8DE2-B3334BA2C9EE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{71B49517-3461-460B-9259-6B62F0A1DC9A}" = lport=137 | protocol=17 | dir=in | app=system |
"{89B12867-B570-40BF-B205-4E0276211ED4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{90C657B6-61E3-4ACD-86E3-0E055B714C9E}" = lport=427 | protocol=6 | dir=in | name=advanced tcp/ip slp port |
"{90D89644-1FF6-437A-A1AB-499859A5E52E}" = rport=137 | protocol=17 | dir=out | app=system |
"{9D20EE2C-28C0-46A1-BE7A-1C2171BD6AD9}" = rport=445 | protocol=6 | dir=out | app=system |
"{9D47872D-032B-455C-82C7-4F11B9961491}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{A9C74BAA-BE5F-4DB2-843C-A65F5A19AB54}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ACA190A5-3EC5-4EA1-B19F-52E862DC802C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE0D7653-2AAC-4D41-A08B-F0B52C04F7D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B4D6D88F-582D-4337-85A9-55DC080E43FF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E1B30A05-E7AF-4C3C-BCAB-81F3FA51382A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F425B16F-F39C-4F7B-833A-30369781EEE7}" = lport=138 | protocol=17 | dir=in | app=system |
"{F4D22AF2-9974-4E19-B152-150034B11609}" = lport=445 | protocol=6 | dir=in | app=system |
"{F85F7116-DDB0-49DC-A974-6FE58ECEC3DE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FCB31791-C535-4C49-8B28-D32579912C36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFC14B55-56B3-4214-838E-AD17ACA72510}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0065111C-562F-40E0-847F-56B95B1EB520}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{02D11ED0-6E0F-4655-816D-720936939494}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{06B2A73F-611A-4EA9-A806-614CAC75EC96}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0FE19DF2-A36F-4FE5-9222-3BB52C5D1E78}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{10E59A45-DE8A-42FE-96C5-033CA918E518}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1451AE0A-56A4-4E8F-8058-24EB5089E349}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14C83036-F564-4ADB-8B72-CB61A53B6706}" = protocol=17 | dir=in | app=c:\ljp1100_p1560_p1600_full_solution\productinst64.exe |
"{2633DC1A-5D9D-4B2F-A43C-90B30108CD04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{265E8AFC-7B6A-4025-8024-42C817ED9D01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C37F120-69C0-400D-9DCE-01709724B753}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{33E6E1B4-2B9D-4614-B0E6-C88EB7380F28}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{33F7EC75-4949-464A-B548-AA919E6F200E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{383DB608-8E39-4CA0-88B3-896F04875D92}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3BB43EBA-0121-4F84-A90B-5AF71BD86735}" = protocol=6 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkyserver.exe |
"{4163AF30-AD14-4A72-A044-6B228CB22779}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{41988E21-9BA2-4B6A-9E7E-8CCE0557CFE7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{49E53989-C386-4281-9868-579E95540875}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\local\temp\nsuc012.tmp\sweetim_0307_y-d1264dfa.exe |
"{4BC57399-B218-4C11-B784-FFF888AAF275}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{4C664534-7106-413B-AA0C-67505455F2D0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{54AD3969-AD7C-4C95-8DC5-9A2CD3C6A7BB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{62352C51-56E4-4EFF-8425-0CE7EB0E1F6A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6771451D-313F-4ACB-A0D1-A437D40CFFFB}" = protocol=6 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkystarter.exe |
"{6F470A5F-0345-475D-8928-4B026CF7878D}" = protocol=6 | dir=out | app=system |
"{87CB35AF-4F8F-4157-8937-ACB4297D2867}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8B626844-AB1D-45B7-B78C-7C7519775497}" = protocol=17 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkystarter.exe |
"{95A8B839-2D4F-4CBB-BF0C-1C9FC4084AF0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{96CB79F4-2D43-443C-83E6-018F5D9913A8}" = protocol=6 | dir=in | app=c:\ljp1100_p1560_p1600_full_solution\productinst64.exe |
"{98CA956C-14FB-4018-B62C-472842F33B45}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B7F333A-6CCC-48EA-90F5-217FF0D440D3}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\local\temp\nsuc012.tmp\sweetim_0307_y-d1264dfa.exe |
"{A0F1FDE9-EDB9-473B-A0B0-14B5A2A3D1C9}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A28C1B85-B5D4-4669-9FB3-4F550CD0D0D6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{A51F77F3-3F8B-4D66-A635-52630744A533}" = protocol=17 | dir=in | app=c:\program files (x86)\twonky\twonkyserver\twonkyserver.exe |
"{A7D18DC3-A2B2-4A26-AF2B-A6FAF6CF1F12}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{ABDD64C2-D215-4FC4-8D95-103F36D427DB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{ACF9C9CE-64FF-479B-B1C5-0656FD58EEED}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{AF3D4EC5-BB12-4EBD-A60A-98983EEF80B3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B1AD1F66-E5CF-470E-9BD2-AD9690E4D41E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B40650A1-C3F6-4692-AA8B-A7E512F7DFE9}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{BEDD66D0-2B4E-4496-8BCB-7A056A10849A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D33DF40F-164C-4381-90C2-707CB8B03FE7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3AF25A3-52BD-40A2-8ED2-EDEA8623BBC0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D7D32346-3DAF-4264-9FE4-614B6C76CE9C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DC68984B-6E3E-449F-876F-CC5ECA355C5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E31CE3D2-CA5E-4438-9B5C-2C44D7F905AB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5FAA4B3-05AE-48F0-B068-39273E67E4EE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{E733C864-A0DE-4C3D-949E-AA50395A30B4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ECF4FA3A-45F2-4E53-A5A9-6A2829A04D86}" = dir=in | app=c:\users\xxx\appdata\local\microsoft\skydrive\skydrive.exe |
"{F06DB4E7-DFF7-4500-A654-28C18B97A763}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{F18C24B0-0045-48FC-81E2-9452F1AA7374}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FACD7A7B-D0E3-405F-B061-ADF174112577}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FE254289-BB29-4D5E-A051-B41D5A10D6D0}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"TCP Query User{999BB7E9-A17B-4673-93A5-63FB9BDB7F25}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe |
"UDP Query User{3DD1F143-670D-44F9-98EC-24899E23AADB}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{627673ff-f4ea-43fd-893d-28fc6176fb2d}" = Gigaset QuickSync
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.74
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.74
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.74
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = WebCake 3.00
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"AsMakeLink" = AsMakeLink
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PhotomatixEssentials3x64_is1" = Photomatix Essentials 64-bit version 3.1.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000AD938-EEBB-46F5-BD33-23CB34A57C54}" = Movie Maker
"{01944037-D136-45EE-A007-403EAD929FC7}" = Windows Live Writer
"{01ABAEC3-8F96-4D00-9672-E49AAFDC0685}" = Windows Live Writer Resources
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{061FF8F3-5226-4278-8AAB-282C1B024F58}" = Photo Common
"{06EED60F-7FFC-43A7-936E-AA4A8BD948B4}" = Windows Live Writer
"{087D261B-73AE-4B8A-8F18-2EE80DD2ED8B}" = Фотоальбом
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0AD576A7-EDCE-469E-ADD7-1AC9DB200C6B}" = Windows Live Mail
"{0BC39E89-506A-4ADA-8924-27AEE2C97618}" = Windows Live Writer
"{0BFF2188-2D8E-4BE2-95D0-B3CCD4C6A0C9}" = Photo Common
"{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService
"{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}" = Movie Maker
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19AFD9A4-B584-41C8-91EA-38EB2FC1BD50}" = Windows Live Messenger
"{1D03A585-879D-45DB-B77A-C4D5A04E7286}" = Windows Live Family Safety
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{1FEE19BC-6F0C-42E4-82FF-FB597F6141DF}" = Windows Live Essentials
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2177152C-83DD-4540-B2F0-970F7303B7BA}" = Windows Live Writer Resources
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{241F87F6-CEA4-4493-B4EE-0973C6088FEC}" = Windows Live Family Safety
"{252D22BA-FD4A-48C0-A937-C0E0B799F1EF}" = Windows Live Family Safety
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}" = Movie Maker
"{2AEAFC79-79E6-4784-9CF9-D9D82932BF88}" = Windows Live Family Safety
"{2B068A64-F867-44E9-8827-A795647C8730}" = Фотографии (общедоступная версия)
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}" = ACDSee Pro 5
"{373EF285-A2DC-44EB-8D79-18918F33CB3A}" = Windows Live Messenger
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3C41298B-A3F5-40C8-8BE3-A9A3F0644B0A}" = Windows Live Writer
"{3C63F944-803E-49A7-B3A2-B8AB3313E883}" = Windows Live UX Platform Language Pack
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D44D783-D027-4135-AC39-81E320ED2D3A}" = Windows Live Family Safety
"{3F459DA9-0D88-452E-97A4-5B69C8C8C6B5}" = Windows Live Family Safety
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43CCAC37-4E31-495F-9077-471E4E92DCEA}" = Windows Live Messenger
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"{476C5E21-9418-4A76-80A3-0C6A470AC637}" = Windows Live Essentials
"{4AA2A466-8031-403A-8236-5301B4E391FB}" = Windows Live UX Platform Language Pack
"{4AF53C99-315D-4536-873F-029D2D274AE2}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5006FD66-7E9B-4F92-BD36-275AD7712348}" = معرض الصور
"{525E7EA7-481F-499D-A7F7-4682AC46A454}" = Movie Maker
"{5681FEA2-1CF8-461E-B611-55D2C50FC4EF}" = بريد Windows Live
"{5917D694-AFC3-46BF-8CAB-0DABAF9D6FCB}" = Windows Live UX Platform Language Pack
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5FE3BC4E-2BD5-4D6B-8BC4-640A42626AAD}" = Почта Windows Live
"{62BBCDDC-4979-4E59-9D97-5B8E874C3191}" = Movie Maker
"{631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}" = 影像中心
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{69FCA957-224F-4623-8BE0-6295CFB2C3E4}" = Windows Live Mail
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{701FE1BC-834A-4857-AF62-6EBA50CFBC78}" = Movie Maker
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DFDA9F-C07B-40B6-BA5C-C4C04AFF883D}" = Windows Live Family Safety
"{73669388-1011-4B57-A90F-8B0415093AB2}" = Windows Live Writer
"{743FD554-A73F-4FE8-BE7B-C283D16297F9}" = Photo Common
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{794D971F-7EC1-4F71-A51C-773074CAB8DA}" = Windows Live Writer
"{79A1AF43-BD17-4A81-B38A-6D6535D3F377}" = Windows Live Writer
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now!
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8030AE22-7FA0-4880-A538-8906EDBF49F4}" = Windows Live Writer Resources
"{81CF4226-47C1-418C-8718-1B3ED2C37878}" = Windows Live Essentials
"{83C9377F-5ED1-4AD8-B113-7C876AEAF3AB}" = Windows Live Messenger
"{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{87425773-10F4-4858-8CBF-465093FA43DE}" = Windows Live Mail
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AAEB5A5-A397-46B6-8AF3-B6DC790C4E48}" = Windows Live Messenger
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E241C05-52BF-4862-AD1F-AAE465C0075B}" = Windows Live Mail
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F7FECEC-088F-431D-A5FB-2B59E1E69943}" = Galería de fotos
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{96914829-DF65-40AE-8A31-6F3E96BAEBBD}" = Windows Live Mail
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{989889A7-D13D-4DA4-B059-B250784DFABC}" = Photo Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B4D3AFE-8679-4704-AA4C-BAB0E41870EF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C60D080-84E7-43A5-8ECA-28253D253BD7}" = Windows Live Essentials
"{A0E4C4A6-1CC7-4442-8CAE-2D825B7BC1C1}" = Windows Live Writer Resources
"{A132CE8A-79EA-4BB5-9A24-4348B4DDD48A}" = Photo Common
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A19A8C25-272A-4CD6-8BA8-3772321A021B}" = Συλλογή φωτογραφιών
"{A58FCEF4-3191-466C-8949-0FFFFFB7631D}" = Windows Live Writer Resources
"{A5DC64EE-2FC4-4C35-9975-639DD8499369}" = Windows Live Family Safety
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{ADE1F206-1365-4B14-9A24-4B1A7DD58BAC}" = Windows Live UX Platform Language Pack
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}" = Movie Maker
"{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus
"{B096A0E4-26A1-4E9F-8548-577964B9434B}" = Windows Live Essentials
"{B27EDD14-869E-4A44-905A-5DE652F7278F}" = Windows Live Messenger
"{B306F739-A414-4698-BFAD-0AB23F73D14F}" = Windows Live Messenger
"{B328282C-DCE9-49B7-8B98-C08D9AA28C46}" = Windows Live Mail
"{B67B2671-2981-466B-BA14-25538AA871DC}" = Windows Live Messenger
"{B693A4C3-B708-4F25-978E-56CA2517914C}" = Windows Live UX Platform Language Pack
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B77D2795-23C0-4DBD-B7B5-CFB542D1FA3F}" = Windows Live Writer Resources
"{B7F31B9C-8775-4500-8E9D-6ABE9AE17CF4}" = Windows Live Essentials
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{BE5FFB4F-FA58-48DF-BDA9-E7AE79DA9C3E}" = Windows Live Family Safety
"{BFA6D5AD-25EA-475F-AD80-ECD408C674AB}" = Movie Maker
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C40D110E-0718-4E11-A69B-D4EC7BF2EB04}" = Windows Live UX Platform Language Pack
"{C41A3B9E-A238-4E83-AD37-D1EDD1105F5A}" = Windows Live Writer
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4E8BC59-BD60-4B73-999B-758890DF4E62}" = Windows Live Writer Resources
"{C595F480-788A-4F8F-8277-1A91F32CA879}" = Windows Live Writer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C8BBA220-8549-462A-B411-1AF44DE098B5}" = Photo Common
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE542E0D-E056-4426-9F98-084C13E18641}" = Windows Live UX Platform Language Pack
"{D04EBB49-C985-4A38-8695-62000861293A}" = Raccolta foto
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0F03C35-6196-4992-8621-6F390DFA9073}" = Windows Live Messenger
"{D16E0F0C-5D10-45CF-A585-CE3689B5A913}" = Windows Live Writer
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D4EA8070-20E0-4BAF-BC44-D166C292FEBE}" = Windows Live Writer Resources
"{D5082B89-2E86-447E-A02C-922534592FA8}" = Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DB169E8F-5332-4DBF-B085-84AA2C373304}" = Windows Live Messenger
"{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DF9A76D9-BBFA-483C-AD7F-7D6E7627AD0E}" = Windows Live Family Safety
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B5FDF0-6940-44B2-8204-CFA746A6B4AF}" = Movie Maker
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E37CD6E8-BC51-4D48-9840-803EC3B418D3}" = גלריית התמונות
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E570053D-8ABC-4938-9E23-C634E08E7490}" = Windows Live Mail
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7AE39C6-B669-433F-A351-CA132C611310}" = Windows Live UX Platform Language Pack
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EA2BE047-FF29-4336-BB70-6AF201085BAF}" = Windows Live 程式集
"{EA348D4B-FB4D-4449-8749-654CA51F56A6}" = Windows Live UX Platform Language Pack
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{F54A07A9-9716-4094-9E79-F5E929679FFF}" = Windows Live Writer Resources
"{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}" = Galeria de Fotografias
"{F67CA22C-C11F-4573-8406-57F75BA06B51}" = Photo Gallery
"{F7304CCF-B4A0-49C7-88A8-CD3F28FFBF9A}" = Основные компоненты Windows Live
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA75723A-BF4A-40A2-BFCB-BBC320C27DC9}" = Windows Live Mail
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEFD91C5-A25D-48D9-89DA-0FB7BB8B3EF7}" = Windows Live Writer Resources
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Anti-Twin 2012-03-23 11.35.37" = Anti-Twin (Installation 23.03.2012)
"Asus Vibe2.0" = AsusVibe2.0
"AsusScr_N5_En" = AsusScr_N5_En
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin (64 bit)
"DealPly" = DealPly (remove only)
"ElsterFormular" = ElsterFormular
"FreeCommander_is1" = FreeCommander 2009.02b
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now!
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"Lyrics@LyricsContainer.co" = LyricsContainer
"MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mp3tag" = Mp3tag v2.50
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"Plus-HD-1.6" = Plus-HD-1.6
"Prism" = Prism Videodatei-Konverter
"Revo Uninstaller" = Revo Uninstaller 1.93
"Saturn Fotoservice" = Saturn Fotoservice
"streamWriter_is1" = streamWriter
"TwonkyServer" = Twonky 7
"VideoPad" = VideoPad Videobearbeitungs-Software
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WsysControl" = Wsys Control 1.0.0.2539
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2528993004.portal.qtrax.com" = Qtrax Player
"Dealply" = Dealply
"Qtrax" = Qtrax
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.12.2012 15:56:51 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ACDSeePro5.exe, Version: 5.2.157.0,
Zeitstempel: 0x4f755eba Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften
Prozesses: 0x1e94 Startzeit der fehlerhaften Anwendung: 0x01cde07e3105cbce Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeePro5.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b99fcb74-4c71-11e2-927d-742f68e36d21
Error - 22.12.2012 16:27:18 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 22.12.2012 16:27:18 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2496
Error - 22.12.2012 16:27:18 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2496
Error - 22.12.2012 16:27:22 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 22.12.2012 16:27:22 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6490
Error - 22.12.2012 16:27:22 | Computer Name = Notebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6490
Error - 22.12.2012 16:40:47 | Computer Name = Notebook | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ACDSeePro5.exe, Version: 5.2.157.0,
Zeitstempel: 0x4f755eba Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften
Prozesses: 0x1ce4 Startzeit der fehlerhaften Anwendung: 0x01cde08495b9bc98 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeePro5.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: dce7a36d-4c77-11e2-927d-742f68e36d21
Error - 23.12.2012 07:25:56 | Computer Name = Notebook | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Tools\freecommander\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\Tools\freecommander\DelZip179.dll" in Zeile 8. Der Wert
"*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 27.12.2012 09:41:38 | Computer Name = Notebook | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Tools\freecommander\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\Tools\freecommander\DelZip179.dll" in Zeile 8. Der Wert
"*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
[ System Events ]
Error - 13.07.2013 12:57:25 | Computer Name = Notebook | Source = Application Popup | ID = 86
Description = Für ein Dateiobjekt mit wartendem Löschvorgang wurde ein Vorgang angefordert,
der kein Schließvorgang ist.
Error - 13.07.2013 12:57:25 | Computer Name = Notebook | Source = Application Popup | ID = 86
Description = Für ein Dateiobjekt mit wartendem Löschvorgang wurde ein Vorgang angefordert,
der kein Schließvorgang ist.
Error - 14.07.2013 10:07:59 | Computer Name = Notebook | Source = Service Control Manager | ID = 7003
Description = Der Dienst "ATKGFNEX Service" ist von folgendem Dienst abhängig: ASMMAP64.
Dieser Dienst ist eventuell nicht installiert.
Error - 14.07.2013 10:09:19 | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error - 14.07.2013 11:34:18 | Computer Name = Notebook | Source = Service Control Manager | ID = 7003
Description = Der Dienst "ATKGFNEX Service" ist von folgendem Dienst abhängig: ASMMAP64.
Dieser Dienst ist eventuell nicht installiert.
Error - 14.07.2013 11:35:43 | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error - 14.07.2013 17:00:09 | Computer Name = Notebook | Source = Service Control Manager | ID = 7003
Description = Der Dienst "ATKGFNEX Service" ist von folgendem Dienst abhängig: ASMMAP64.
Dieser Dienst ist eventuell nicht installiert.
Error - 14.07.2013 17:01:36 | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Wsys Service" wurde nicht richtig gestartet.
Error - 15.07.2013 13:15:21 | Computer Name = Notebook | Source = Service Control Manager | ID = 7003
Description = Der Dienst "ATKGFNEX Service" ist von folgendem Dienst abhängig: ASMMAP64.
Dieser Dienst ist eventuell nicht installiert.
Error - 15.07.2013 13:16:41 | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Wsys Service" wurde nicht richtig gestartet.
< End of report >
|
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
