Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden.

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 15.10.2012, 20:45   #1
Damien91
 
"H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden. - Standard

Problem: "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden.



Hallo liebe Forengemeinde,

Ich habe gestern offenbar mehrere dumme fatale Fehler gemacht.
Ich liste die Geschehnisse zuerst einmal hier auf:

1. eine uminöse Skype Nachricht erreichte mich gestern von einem Bekannten, in der erschien dass ich irgendwo tolle Bilder in meinem Profil hätte. Darunter ein Link. Naiv wie ich bin, öffne ich diesen und es lädt sich eine Datei herunter, mit Skype Logo. Also öffne ich sie, und zack, da wars zu spät. Sämtliche Skype Kontakte bekamen von mir dieselbe Nachricht mit solchem Link zugeschickt -.-
Zitat:
moin, kaum zu glauben was für schöne fotos von dir auf deinem profil?
Lautete die Nachricht. Darunter ein Skype Link mit meinem Benutzernamen am Ende.

Mit diesem Video konnte ich offenbar etwas erreichen und den Wurm entfernen:
Zitat:
hxxp://www.youtube.com/watch?v=v5EI_nMhhpQ&feature=plcp
Als ich dann auf meine (sehr wichtige) externe Festplatte "H:\" zugreifen wollte, musste ich feststellen dass dort alle Ordner zu Verknüpfungen geworden sind. Außerdem sind Ordner und Dateien aufgelistet, die ich gar nicht kenne.
Ich habe aus einem Ordner "RECYCLE" alles heraus gelöscht.
Man muss sagen, immer wenn ich einen der Ordner öffnete, kam eine Meldung die mir sagte irgendwo dort wäre eine gefährliche Datei (e621ca05.exe)
Nach dem löschen des RECYCLE Ordnerinhaltes kam ich dann auf der externen Festplatte "H" nirgends mehr rein.
Zitat:
"H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden.
Ich stellte die gelöschten Dateien wieder her, doch vergebens.

Alles klingt sehr nach diesem Problem:

http://www.trojaner-board.de/115010-...estplatte.html

Da ich mich nun hilfesuchend an euch Fachmänner wende, habe ich schon fleißig vorgearbeitet, wie es im Threat zuvor gewünscht war, und die Logdateien von Malwarebytes, OTL und CCleaner erstellt. Hier das Ergebnis:

Malwarebytes:
mbam-log-2012-10-15 (20-52-00).txt

HTML-Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.15.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Hannes :: KIELBASSA [Administrator]

15.10.2012 18:43:09
mbam-log-2012-10-15 (20-52-00).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|H:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 500062
Laufzeit: 2 Stunde(n), 6 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 10
C:\Users\Hannes\AppData\Roaming\1452.exe (Trojan.Ransom) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\2602.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\2E9E.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\3790.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\3FD4.exe (Trojan.Ransom) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\56F0.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\5EAC.exe (Trojan.Ransom) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\C3B6.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\EFC9.exe (Trojan.Ransom.ANC) -> Keine Aktion durchgeführt.
C:\Users\Hannes\AppData\Roaming\Vwgkgf.exe.old (Trojan.FakeSkype) -> Keine Aktion durchgeführt.


(Ende)



OTL
OTL.txt

HTML-Code:
OTL logfile created on: 15.10.2012 20:54:45 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Hannes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,74% Memory free
7,83 Gb Paging File | 5,28 Gb Available in Paging File | 67,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 20,60 Gb Free Space | 17,28% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 146,75 Gb Free Space | 95,38% Space Free | Partition Type: NTFS
Drive H: | 298,05 Gb Total Space | 82,68 Gb Free Space | 27,74% Space Free | Partition Type: FAT32
 
Computer Name: KIELBASSA | User Name: Hannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Hannes\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Microsoft)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\ProgramData\DatacardService\DCService.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1031\UmOutlookStrings.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found
SRV:[b]64bit:[/b] - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV:[b]64bit:[/b] - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (TiMiniService) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe (Trend Micro Inc.)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FreemakeVideoCapture) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Microsoft)
SRV - (Update-Service) -- C:\Windows\SysWOW64\UpdSvc.dll (Joosoft.com GmbH)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (DCService.exe) -- C:\ProgramData\DatacardService\DCService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:[b]64bit:[/b] - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:[b]64bit:[/b] - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:[b]64bit:[/b] - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:[b]64bit:[/b] - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:[b]64bit:[/b] - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:[b]64bit:[/b] - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
DRV:[b]64bit:[/b] - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:[b]64bit:[/b] - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
DRV:[b]64bit:[/b] - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV:[b]64bit:[/b] - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:[b]64bit:[/b] - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV:[b]64bit:[/b] - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV:[b]64bit:[/b] - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (ksaud) -- C:\Windows\SysNative\drivers\ksaud.sys (Creative Technology Ltd.)
DRV:[b]64bit:[/b] - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (hwusbfake) -- C:\Windows\SysNative\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:[b]64bit:[/b] - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SaiH0C2D) -- C:\Windows\SysNative\drivers\SaiH0C2D.sys (Saitek)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =  127.0.0.1;*.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: fmdownloader@gmail.com:1.0.0
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledAddons: stealthyextension@gmail.com:2.3.3
FF - prefs.js..network.proxy.http: "93.123.45.23"
FF - prefs.js..network.proxy.http_port: 8008
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.04.13 04:51:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ [2011.12.31 17:31:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.10 20:24:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.10 20:24:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.07 18:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hannes\AppData\Roaming\mozilla\Extensions
[2012.10.12 01:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hannes\AppData\Roaming\mozilla\Firefox\Profiles\m17vktlk.default\extensions
[2012.09.16 22:31:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Hannes\AppData\Roaming\mozilla\Firefox\Profiles\m17vktlk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.10.12 01:41:01 | 000,184,864 | ---- | M] () (No name found) -- C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\m17vktlk.default\extensions\stealthyextension@gmail.com.xpi
[2012.10.01 01:08:24 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\m17vktlk.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.09.10 20:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.10 20:24:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2011.12.31 17:31:53 | 000,000,000 | ---D | M] (Freemake Video Downloader Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO DOWNLOADER\BROWSERPLUGIN\FIREFOX
[2012.09.10 20:24:41 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.28 20:22:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 20:10:33 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.28 20:22:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.28 20:22:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.28 20:22:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.28 20:22:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun File not found
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:[b]64bit:[/b] - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000011 [] - C:\Windows\system32\nspj7uz8.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{380389F5-1978-4D2C-A1F6-97676C386414}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BDF45EB-8281-455E-BA7F-B7FBF93FE4CB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DE7CF3B-4145-4F90-A36B-2EF8955EFA1C}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFECACB9-5D82-4CB3-99CD-0C1982721848}: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:[b]64bit:[/b] - HKLM IFEO\Utilman.exe: Debugger - C:\Windows\SysNative\cmd.exe (Microsoft Corporation)
O27 - HKLM IFEO\Utilman.exe: Debugger - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3402b491-a745-11e1-bf6c-14dae93eef71}\Shell - "" = AutoRun
O33 - MountPoints2\{3402b491-a745-11e1-bf6c-14dae93eef71}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3402b497-a745-11e1-bf6c-14dae93eef71}\Shell - "" = AutoRun
O33 - MountPoints2\{3402b497-a745-11e1-bf6c-14dae93eef71}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3905068d-af84-11e1-9356-14dae93eef71}\Shell - "" = AutoRun
O33 - MountPoints2\{3905068d-af84-11e1-9356-14dae93eef71}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{5c850714-df5d-11e1-86d0-14dae93eef71}\Shell - "" = AutoRun
O33 - MountPoints2\{5c850714-df5d-11e1-86d0-14dae93eef71}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6818d084-b314-11e1-8293-14dae93eef71}\Shell - "" = AutoRun
O33 - MountPoints2\{6818d084-b314-11e1-8293-14dae93eef71}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ee16af77-3a34-11e1-8e6d-14dae93eef71}\Shell - "" = AutoRun
O33 - MountPoints2\{ee16af77-3a34-11e1-8e6d-14dae93eef71}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ee16af84-3a34-11e1-8e6d-14dae93eef71}\Shell - "" = AutoRun
O33 - MountPoints2\{ee16af84-3a34-11e1-8e6d-14dae93eef71}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012.10.15 20:53:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hannes\Desktop\OTL.exe
[2012.10.15 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Roaming\Malwarebytes
[2012.10.15 18:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.15 18:41:34 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.15 18:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.15 18:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.15 18:34:55 | 000,000,000 | ---D | C] -- C:\Users\Hannes\Desktop\maurice
[2012.10.15 18:08:11 | 000,000,000 | ---D | C] -- C:\PPF_Scan2
[2012.10.15 13:29:59 | 000,000,000 | ---D | C] -- C:\PPFScan
[2012.10.15 10:51:46 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Roaming\AVG2013
[2012.10.15 10:47:40 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Roaming\TuneUp Software
[2012.10.15 10:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.10.15 10:47:09 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.10.15 10:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012.10.15 10:46:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012.10.15 10:43:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.10.15 10:43:15 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Local\MFAData
[2012.10.15 10:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.10.15 10:43:15 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Local\Avg2013
[2012.10.15 02:04:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STOPzilla!
[2012.10.15 01:46:55 | 001,036,288 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Hannes\AppData\Roaming\Vwgkgf.exe.old
[2012.10.15 00:47:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.10.15 00:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.10.15 00:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.10.10 00:06:26 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 00:06:25 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 00:06:24 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 00:06:10 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 00:06:10 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 00:06:10 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 00:06:10 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 00:06:08 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 00:06:08 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 00:06:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 00:06:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 00:06:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 00:06:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 00:06:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 00:06:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 00:06:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 00:06:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 00:06:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 00:06:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 00:06:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 00:06:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 00:06:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 00:06:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 00:06:07 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 00:06:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 00:06:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 00:06:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 00:06:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 00:06:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 00:06:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 00:06:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 00:06:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 00:06:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 00:05:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 00:05:34 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 00:05:33 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.07 11:30:47 | 000,000,000 | ---D | C] -- C:\Users\Hannes\Desktop\Pascal
[2012.10.06 20:33:36 | 000,000,000 | ---D | C] -- C:\Users\Hannes\Desktop\Luis
[2012.10.05 21:45:09 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Roaming\GoforFiles
[2012.10.05 03:26:22 | 000,111,456 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2012.10.02 03:30:38 | 000,185,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2012.09.26 14:12:37 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.25 18:56:12 | 000,000,000 | ---D | C] -- C:\Users\Hannes\Documents\Native Instruments
[2012.09.25 18:37:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7707EA53-E29B-48FC-B28B-C8EE171EA0EB}
[2012.09.25 18:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Native Instruments
[2012.09.25 18:35:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A2A4D724-2D08-46E4-BAA8-EC9EE875D133}
[2012.09.25 18:35:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
[2012.09.25 18:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2012.09.25 18:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2012.09.25 18:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2012.09.25 18:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2012.09.24 15:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.24 15:51:20 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012.09.24 15:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.24 15:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.09.24 15:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.24 15:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.09.24 07:58:54 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Local\ElevatedDiagnostics
[2012.09.24 01:00:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.24 01:00:34 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.24 01:00:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.24 01:00:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.24 01:00:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.24 01:00:32 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.24 01:00:32 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.24 01:00:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.24 01:00:32 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.24 01:00:32 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.24 01:00:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.24 01:00:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.24 01:00:30 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.24 01:00:30 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.24 01:00:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.21 03:46:04 | 000,200,032 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2012.09.21 03:46:00 | 000,225,120 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2012.09.21 03:45:50 | 000,061,792 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012.10.15 20:53:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hannes\Desktop\OTL.exe
[2012.10.15 20:12:12 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.15 18:41:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.15 13:29:38 | 006,170,946 | ---- | M] () -- C:\PPFScan.zip
[2012.10.15 13:18:41 | 000,018,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 13:18:41 | 000,018,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.15 13:10:42 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012.10.15 13:10:35 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.10.15 13:10:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.15 13:10:28 | 3152,203,776 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.15 10:53:28 | 000,001,391 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.10.15 10:53:27 | 000,002,250 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.10.15 10:47:40 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.10.15 10:41:04 | 000,006,904 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2012.10.15 01:46:58 | 000,076,288 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\56F0.exe
[2012.10.15 01:46:55 | 001,036,288 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Hannes\AppData\Roaming\Vwgkgf.exe.old
[2012.10.15 01:39:47 | 000,076,288 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\C3B6.exe
[2012.10.15 00:56:33 | 000,076,288 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\2E9E.exe
[2012.10.15 00:47:33 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.15 00:34:26 | 000,076,288 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\EFC9.exe
[2012.10.15 00:16:11 | 000,076,288 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\3790.exe
[2012.10.14 23:54:15 | 000,076,288 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\2602.exe
[2012.10.14 22:38:02 | 000,091,136 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\5EAC.exe
[2012.10.14 22:20:15 | 000,091,136 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\1452.exe
[2012.10.14 22:02:57 | 000,091,136 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\3FD4.exe
[2012.10.12 21:32:10 | 003,255,641 | ---- | M] () -- C:\Users\Hannes\Desktop\Linkin Park - Castle of Glass.mp3
[2012.10.09 00:12:38 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 00:12:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.05 16:50:32 | 000,054,039 | ---- | M] () -- C:\Users\Hannes\.recently-used.xbel
[2012.10.05 03:26:22 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2012.10.02 17:35:17 | 001,531,218 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.02 17:35:17 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.02 17:35:17 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.02 17:35:17 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.02 17:35:17 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2012.10.01 21:56:54 | 000,015,477 | ---- | M] () -- C:\Users\Hannes\Desktop\relativ.odt
[2012.09.29 17:17:29 | 000,283,745 | ---- | M] () -- C:\Users\Hannes\Desktop\screen_aragon.jpg
[2012.09.28 22:15:46 | 000,000,023 | ---- | M] () -- C:\Windows\Telemax.cfg
[2012.09.26 23:50:45 | 003,257,187 | ---- | M] () -- C:\Users\Hannes\Desktop\Filterfunk - S.O.S. (Message in a bottle).mp3
[2012.09.26 22:14:17 | 000,949,574 | ---- | M] () -- C:\Users\Hannes\Desktop\darkangel.bmp
[2012.09.26 21:21:29 | 004,596,611 | ---- | M] () -- C:\Users\Hannes\Desktop\O Holy Night.mp3
[2012.09.26 18:14:00 | 000,072,320 | ---- | M] () -- C:\Users\Hannes\Desktop\screen.jpg
[2012.09.24 15:51:26 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2012.09.21 03:45:50 | 000,061,792 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2012.09.16 21:13:24 | 000,161,389 | ---- | M] () -- C:\Users\Hannes\Desktop\IMG_0735.JPG
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012.10.15 18:41:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.15 13:29:30 | 006,170,946 | ---- | C] () -- C:\PPFScan.zip
[2012.10.15 10:47:40 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.10.15 03:58:59 | 000,006,904 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2012.10.15 01:46:58 | 000,076,288 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\56F0.exe
[2012.10.15 01:39:47 | 000,076,288 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\C3B6.exe
[2012.10.15 00:56:33 | 000,076,288 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\2E9E.exe
[2012.10.15 00:47:33 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.10.15 00:34:26 | 000,076,288 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\EFC9.exe
[2012.10.15 00:16:11 | 000,076,288 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\3790.exe
[2012.10.14 23:54:15 | 000,076,288 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\2602.exe
[2012.10.14 22:38:02 | 000,091,136 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\5EAC.exe
[2012.10.14 22:20:15 | 000,091,136 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\1452.exe
[2012.10.14 22:02:57 | 000,091,136 | ---- | C] () -- C:\Users\Hannes\AppData\Roaming\3FD4.exe
[2012.10.12 21:32:02 | 003,255,641 | ---- | C] () -- C:\Users\Hannes\Desktop\Linkin Park - Castle of Glass.mp3
[2012.10.05 16:50:32 | 000,054,039 | ---- | C] () -- C:\Users\Hannes\.recently-used.xbel
[2012.10.01 21:56:53 | 000,015,477 | ---- | C] () -- C:\Users\Hannes\Desktop\relativ.odt
[2012.09.29 17:17:28 | 000,283,745 | ---- | C] () -- C:\Users\Hannes\Desktop\screen_aragon.jpg
[2012.09.26 23:50:39 | 003,257,187 | ---- | C] () -- C:\Users\Hannes\Desktop\Filterfunk - S.O.S. (Message in a bottle).mp3
[2012.09.26 22:14:17 | 000,949,574 | ---- | C] () -- C:\Users\Hannes\Desktop\darkangel.bmp
[2012.09.26 21:21:24 | 004,596,611 | ---- | C] () -- C:\Users\Hannes\Desktop\O Holy Night.mp3
[2012.09.26 18:14:00 | 000,072,320 | ---- | C] () -- C:\Users\Hannes\Desktop\screen.jpg
[2012.09.24 15:51:26 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.16 22:30:39 | 000,161,389 | ---- | C] () -- C:\Users\Hannes\Desktop\IMG_0735.JPG
[2012.01.01 18:36:16 | 000,001,352 | ---- | C] () -- C:\ProgramData\CfSB1090.ini
[2012.01.01 18:36:16 | 000,001,352 | ---- | C] () -- C:\ProgramData\CfSB0910.ini
[2012.01.01 18:36:16 | 000,001,302 | ---- | C] () -- C:\ProgramData\CfSB0300.ini
[2012.01.01 18:36:16 | 000,001,282 | ---- | C] () -- C:\ProgramData\CfSB0471.ini
[2012.01.01 18:36:16 | 000,001,208 | ---- | C] () -- C:\ProgramData\CfSB0490.ini
[2012.01.01 18:36:16 | 000,001,027 | ---- | C] () -- C:\ProgramData\CfSB0560.ini
[2012.01.01 18:36:16 | 000,001,026 | ---- | C] () -- C:\ProgramData\CfSB0271.ini
[2012.01.01 18:36:16 | 000,001,026 | ---- | C] () -- C:\ProgramData\CfSB0270.ini
[2011.12.28 21:58:49 | 000,001,320 | ---- | C] () -- C:\Users\Hannes\.xmlcopyeditor
[2011.12.26 11:57:01 | 001,557,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.25 23:18:29 | 000,000,023 | ---- | C] () -- C:\Windows\AIM_LANGUAGE.INI
[2011.12.25 23:18:26 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\glut32.dll
[2011.08.01 22:10:25 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011.08.01 22:10:21 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2011.08.01 22:10:21 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2011.08.01 22:05:52 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.05.31 05:23:33 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.05.31 05:23:31 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.05.31 05:23:30 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.04.13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.02.11 23:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.06.16 13:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:FB1B13D8
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F

< End of report >


OTL
Extras.txt



HTML-Code:
OTL Extras logfile created on: 15.10.2012 20:54:45 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Hannes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,74% Memory free
7,83 Gb Paging File | 5,28 Gb Available in Paging File | 67,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 20,60 Gb Free Space | 17,28% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 146,75 Gb Free Space | 95,38% Space Free | Partition Type: NTFS
Drive H: | 298,05 Gb Total Space | 82,68 Gb Free Space | 27,74% Space Free | Partition Type: FAT32
 
Computer Name: KIELBASSA | User Name: Hannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E5E742-D00B-4259-8E89-9BF482C8DBF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0B7BFF64-3321-43B1-8BFE-E949F463E639}" = lport=80 | protocol=6 | dir=in | name=portzilla | 
"{27A70AA2-AE8D-424D-BB32-59B75D7AA743}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4B8414AB-EF87-4E87-B3E2-4E81A555F27A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | 
"{62D68600-1566-4841-AE9D-CDCD79264BF1}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{68E3C505-DBD8-4ABD-BD9B-307B67CDDA17}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{7C3206FD-EF3A-4F20-B19E-D1C7B2D38422}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{96E50826-5763-4F7C-9C3F-9EEAA7880D91}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | 
"{A73D21E0-2A37-468B-97E6-CCE261297780}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{C86F11C7-45B8-4DDB-978E-2E5F4FF477D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C91B9424-3A89-4E46-8581-56AF7087F375}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CC69F13F-4366-4DA8-9385-A4FBF1D54E83}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FEDD84E8-E22C-4819-BB18-0EA1EBC1377D}" = rport=80 | protocol=6 | dir=out | name=portzilla | 
"{FF2CAC67-8E03-4636-B952-2BFF2F07BCF3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B0C917-8D07-47E5-BC8D-379C4DCFD5BE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0613819D-12FE-4E9C-9471-40185B98059F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{0ABE4624-AD5B-4249-A542-5CA3926E309B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{1433ADA2-5900-4529-A8B8-BDABA9FF56B6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{19831690-6C12-470D-AF79-DF09F5938958}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1A711653-AE56-4781-9B0F-E08B09ABD42E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1AAB0ED7-75FF-46BB-B86A-BF16DF392D3D}" = protocol=6 | dir=out | app=system | 
"{1F613550-42D9-4B65-A07C-86440D1333AF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{1FF77936-77CF-42A2-BF97-CA738C5D7FEB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{2849F3ED-C5B4-414D-903D-F9833D2BAB9B}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\motogp 08\launcher.exe | 
"{3029D8D4-16CD-4D65-B89D-2B6D12C2C0F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3085D343-B749-47AC-BC41-EC81513C65C2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3980DD5D-579A-47BD-9E26-4E303859C4BA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{3FBFE550-A11C-46E4-A1C8-6B23A5EB565E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{5841D293-622C-461D-B4B5-B089FA18A0DB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\freier91\counter-strike\hl.exe | 
"{5A2874A7-F5F3-4133-B2F0-6F09012AF484}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{626A9366-99C4-4370-9970-6004C527F266}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7042B5DD-FCF7-4731-A77C-61CFC6C8FD0F}" = dir=out | app=%programfiles% (x86)\filezilla ftp client\filezilla.exe | 
"{724A9711-6C51-4A1C-A358-92A73BF57A76}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{724C1C73-245D-4F1B-B19C-86FCBA4A2BFB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{758728D5-C5CD-464C-B66D-E7740F502283}" = protocol=6 | dir=in | app=c:\users\hannes\appdata\roaming\dropbox\bin\dropbox.exe | 
"{788C5CAA-B865-4D8E-8B54-E45787B909CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7BE2B377-5C9D-4F36-BF1C-7E9F4BB51134}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{97449A8C-7EC4-44BF-9F56-1D0071CE1DA5}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\motogp 08\launcher.exe | 
"{ABC2B705-8F11-416A-A629-E121D1C2E909}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{B3056D4E-492B-430D-B0E6-28F298D46CF0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{B4A98FA2-DE77-4A70-B880-28A2E56D6AB8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B7B9CD1C-619B-412D-BB9A-40C428342C77}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BCB306BF-A1E6-46C9-BF12-74E490AF5FCE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{BFAEA048-8DC6-4306-A8E5-9A2698B02DF3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{C78E86E7-C625-4D69-95AD-6ECDEF8E2AEB}" = protocol=17 | dir=in | app=c:\users\hannes\appdata\roaming\dropbox\bin\dropbox.exe | 
"{D1C61C95-F41C-4F17-B1D5-8D3AEBEF1E1F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{D1FA73CF-28C2-446C-9260-9F7D61D61203}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{DBF68FFD-AA31-4319-AA59-DACF981C8B4F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DEC855E7-8328-4E89-86C0-8951C38CAE00}" = dir=in | app=%programfiles% (x86)\filezilla ftp client\filezilla.exe | 
"{E1961299-8F53-46B7-AFDD-AA09357440A5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{E44ED274-BEB0-4DDF-BFAB-D13C0AB11737}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E79E9A00-4AB7-4604-867A-BB1F26BB0129}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{FA66990D-F63D-4A36-9F07-D958E0541714}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"TCP Query User{420D6895-171E-474D-B920-453B7FAB1A02}C:\users\hannes\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\hannes\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{57068E5D-248C-4A5F-9E03-77C1133D7E47}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"TCP Query User{C21A39D4-FCBD-4FCA-AC24-30017B62E2C2}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe | 
"TCP Query User{C68E6C17-D94E-45E0-9D36-20810F50298C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{103709F8-69C3-4171-BE49-536D3AA992C4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{4FE2528B-EB7E-4F70-835F-CDD1CA63AF76}C:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight simulator x\fsx.exe | 
"UDP Query User{A9AC11CC-1A01-4E09-BF78-63461976A65B}C:\users\hannes\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\hannes\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{B8460581-260A-4A16-B6F8-2E9BC8F37C5A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{2C43E67B-0CDC-48BE-A374-23BEB0E48A72}" = AVG 2013
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety
"{92C0E71C-5917-4FF2-9A5E-8BB0E85E0625}" = AVG 2013
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"AVG" = AVG 2013
"Elantech" = ETDWare PS/2-X64 8.0.5.0_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{494420A9-5F25-457B-9BBF-228E6A73B94B}" = MAGIX Speed burnR (MSI)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D606567-5047-451A-B49E-29FCB6012B4E}" = Microsoft Flight Simulator X: Acceleration
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}" = MotoGP 08
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C09EDA0B-0F8A-4F02-8922-43247E695F0F}" = RACE STUDIO 2
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1345EF1-9655-47C0-BB35-6DC2BD0A2826}" = Trapcode Particular 32 bit
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAD6325D-55CF-4D30-9DB9-2ADFE02D0777}" = MAGIX Screenshare
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.3.5
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"AsusScr_K3 Series_ENG_Basic" = AsusScr_K3 Series_ENG_Basic
"Audacity_is1" = Audacity 2.0
"Bookworm Deluxe" = Bookworm Deluxe
"Cooking Dash" = Cooking Dash
"FileZilla Client" = FileZilla Client 3.5.3
"FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}" = Microsoft Flight Simulator X: Acceleration
"FormatFactory" = FormatFactory 2.90
"Free Audio Converter_is1" = Free Audio Converter version 5.0.4.1228
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{D1345EF1-9655-47C0-BB35-6DC2BD0A2826}" = Trapcode Particular 32 bit
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"IrfanView" = IrfanView (remove only)
"Jewel Quest 3" = Jewel Quest 3
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Pamela" = Pamela Pro 4.8
"Plants vs Zombies" = Plants vs Zombies
"PSPad editor_is1" = PSPad editor
"RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}" = Flight Simulator X
"SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}" = Flight Simulator X Service Pack 1
"Steam App 10" = Counter-Strike
"Steam App 220" = Half-Life 2
"Telekom Internet Manager" = Telekom Internet Manager
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 2.0.2
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"World of Goo" = World of Goo
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 29.05.2012 16:02:13 | Computer Name = Kielbassa | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 29.05.2012 16:02:53 | Computer Name = Kielbassa | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 29.05.2012 16:04:32 | Computer Name = Kielbassa | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 29.05.2012 16:12:43 | Computer Name = Kielbassa | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.05.2012 03:32:49 | Computer Name = Kielbassa | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 30.05.2012 03:34:06 | Computer Name = Kielbassa | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 30.05.2012 03:35:12 | Computer Name = Kielbassa | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.05.2012 03:43:10 | Computer Name = Kielbassa | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 30.05.2012 23:48:40 | Computer Name = Kielbassa | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 30.05.2012 23:49:16 | Computer Name = Kielbassa | Source = MsiInstaller | ID = 10005
Description = 
 
[ System Events ]
Error - 20.04.2012 06:38:35 | Computer Name = Kielbassa | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 20.04.2012 08:30:57 | Computer Name = Kielbassa | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 20.04.2012 08:42:30 | Computer Name = Kielbassa | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 20.04.2012 08:55:06 | Computer Name = Kielbassa | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 20.04.2012 08:56:48 | Computer Name = Kielbassa | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 20.04.2012 09:00:15 | Computer Name = Kielbassa | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 07.05.2012 14:03:01 | Computer Name = Kielbassa | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Apple Mobile Device erreicht.
 
Error - 07.05.2012 14:03:01 | Computer Name = Kielbassa | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 15.05.2012 17:05:19 | Computer Name = Kielbassa | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 30.05.2012 03:37:47 | Computer Name = Kielbassa | Source = Tcpip | ID = 4199
Description = Das System hat einen Adressenkonflikt der IP-Adresse 109.42.32.26 
mit dem Computer mit der  Netzwerkhardwareadresse 02-50-F3-00-00-00 ermittelt. Netzwerkvorgänge
 könnten daher auf diesem  System unterbrochen werden.
 
 
< End of report >

Alt 15.10.2012, 20:46   #2
Damien91
 
"H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden. - Standard

"H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden. Anleitung / Hilfe




CCleaner
install.txt


HTML-Code:
7-Zip 9.20		29.03.2012		
Adobe After Effects CS4	Adobe Systems Incorporated	15.01.2012	1,09GB	9
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	08.10.2012	6,00MB	11.4.402.287
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	09.10.2012	6,00MB	11.4.402.287
Alcor Micro USB Card Reader	Alcor Micro Corp.	01.08.2011	2,89MB	1.8.17.26026
Any DVD Converter Professional 4.3.5	Any-DVD-Converter.com	13.03.2012	102MB	
Apple Application Support	Apple Inc.	24.09.2012	64,5MB	2.2.2
Apple Mobile Device Support	Apple Inc.	24.09.2012	23,7MB	6.0.0.59
Apple Software Update	Apple Inc.	24.01.2012	2,38MB	2.1.3.127
ASUS AI Recovery	ASUS	01.08.2011	6,95MB	1.0.13
ASUS FancyStart	ASUSTeK Computer Inc.	26.12.2011	12,0MB	1.1.0
ASUS LifeFrame3	ASUS	26.12.2011	30,2MB	3.0.21
ASUS Live Update	ASUS	01.08.2011		2.5.9
ASUS Power4Gear Hybrid	ASUS	01.08.2011	13,2MB	1.1.43
ASUS SmartLogon	ASUS	26.12.2011	11,1MB	1.0.0011
ASUS Splendid Video Enhancement Technology	ASUS	14.01.2012	24,4MB	1.02.0031
ASUS Virtual Camera	asus	26.12.2011	3,13MB	1.0.21
ASUS WebStorage	eCareme Technologies, Inc.	01.08.2011		3.0.84.161
AsusScr_K3 Series_ENG_Basic	ASUS	01.08.2011	58,6MB	1.0.0001
AsusVibe2.0	ASUSTEK	01.08.2011		2.0.4.617
ATK Package	ASUS	01.08.2011	12,0MB	1.0.0008
Audacity 2.0	Audacity Team	18.03.2012	42,1MB	
AVG 2013	AVG Technologies	15.10.2012		2013.0.2740
Bonjour	Apple Inc.	24.01.2012	2,00MB	3.0.0.10
Bookworm Deluxe	Oberon Media Inc.	01.08.2011		
CCleaner	Piriform	24.09.2012		3.23
Cisco EAP-FAST Module	Cisco Systems, Inc.	01.08.2011	1,55MB	2.2.14
Cisco LEAP Module	Cisco Systems, Inc.	01.08.2011	644KB	1.0.19
Cisco PEAP Module	Cisco Systems, Inc.	01.08.2011	1,23MB	1.1.6
Control ActiveX de Windows Live Mesh para conexiones remotas	Microsoft Corporation	12.04.2011	5,37MB	15.4.5722.2
Controlo ActiveX do Windows Live Mesh para Ligações Remotas	Microsoft Corporation	12.04.2011	5,38MB	15.4.5722.2
Contrôle ActiveX Windows Live Mesh pour connexions à distance	Microsoft Corporation	12.04.2011	5,37MB	15.4.5722.2
Cooking Dash	Oberon Media Inc.	01.08.2011		
Counter-Strike	Valve	22.02.2012		
Counter-Strike 1.6		22.02.2012		1.00.0000
CyberLink LabelPrint	CyberLink Corp.	01.08.2011	137MB	2.5.1908
CyberLink Power2Go	CyberLink Corp.	01.08.2011	110MB	6.1.3602c
Dropbox	Dropbox, Inc.	13.06.2012		1.4.7
ETDWare PS/2-X64 8.0.5.0_WHQL	ELAN Microelectronic Corp.	01.08.2011		8.0.5.0
Fast Boot	ASUS	01.08.2011	1,46MB	1.0.8
FileZilla Client 3.5.3	FileZilla Project	14.01.2012	16,3MB	3.5.3
Firebird SQL Server - MAGIX Edition	MAGIX AG	15.08.2012	10,1MB	2.1.27.0
FormatFactory 2.90	Free Time	06.04.2012		2.90
Free Audio Converter version 5.0.4.1228	DVDVideoSoft Ltd.	19.02.2012	57,3MB	
Freemake Video Downloader	Ellora Assets Corporation	31.12.2011	32,4MB	3.0.0
GIMP 2.6.11	The GIMP Team	27.12.2011	107MB	2.6.11
Google Toolbar for Internet Explorer	Google Inc.	01.08.2011		
Governor of Poker	Oberon Media Inc.	01.08.2011		
Half-Life 2	Valve	26.12.2011		
Hotel Dash Suite Success	Oberon Media Inc.	01.08.2011		
Intel(R) Control Center	Intel Corporation	01.08.2011		1.2.1.1007
Intel(R) Management Engine Components	Intel Corporation	01.08.2011		7.0.0.1118
Intel(R) Processor Graphics	Intel Corporation	01.08.2011		8.15.10.2291
IrfanView (remove only)	Irfan Skiljan	30.01.2012	1,50MB	4.32
iTunes	Apple Inc.	24.09.2012	182MB	10.7.0.21
Java(TM) 6 Update 35	Oracle	05.09.2012	95,7MB	6.0.350
Jewel Quest 3	Oberon Media Inc.	01.08.2011		
Luxor 3	Oberon Media Inc.	01.08.2011		
MAGIX Screenshare	MAGIX AG	15.08.2012	1,43MB	4.3.6.1987
MAGIX Speed burnR (MSI)	MAGIX AG	15.08.2012	53,0MB	7.0.2.6
Mahjongg dimensions	Oberon Media Inc.	01.08.2011		
Malwarebytes Anti-Malware Version 1.65.0.1400	Malwarebytes Corporation	15.10.2012	19,3MB	1.65.0.1400
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	28.12.2011	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	28.12.2011	2,93MB	4.0.30319
Microsoft Flight Simulator X: Acceleration	Microsoft Game Studios	05.01.2012		10.0.61637.0
Microsoft Office 2010	Microsoft Corporation	12.04.2011	6,31MB	14.0.4763.1000
Microsoft Office Klick-und-Los 2010	Microsoft Corporation	26.12.2011		14.0.4763.1000
Microsoft Office Professional Plus 2010	Microsoft Corporation	29.12.2011		14.0.6029.1000
Microsoft Office Starter 2010 - Deutsch	Microsoft Corporation	26.12.2011		14.0.4763.1000
Microsoft Silverlight	Microsoft Corporation	15.05.2012	80,3MB	4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	12.04.2011	1,69MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	25.01.2012	250KB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	27.12.2011	300KB	8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	27.12.2011	572KB	8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	27.05.2012	596KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	28.05.2012	600KB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	15.10.2012	11,1MB	10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU	Microsoft Corporation	17.01.2012	211MB	9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU	Microsoft Corporation	16.01.2012	95,7MB	9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Runtime	Microsoft Corporation	16.01.2012	152KB	9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU	Microsoft Corporation	16.01.2012	226KB	9.0.30729
MotoGP 08	Capcom	28.12.2011		1.00.0000
Mozilla Firefox 15.0 (x86 de)	Mozilla	30.08.2012	38,4MB	15.0
Mozilla Firefox 15.0.1 (x86 de)	Mozilla	11.09.2012	38,4MB	15.0.1
Mozilla Maintenance Service	Mozilla	11.09.2012	327KB	15.0.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	06.01.2012	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	06.01.2012	1,34MB	4.20.9876.0
MSXML 4.0 SP2 Parser und SDK	Microsoft Corporation	04.01.2012	1,23MB	4.20.9818.0
Native Instruments Controller Editor		25.09.2012		
Native Instruments Controller Editor	Native Instruments	25.09.2012		
Native Instruments Service Center		25.09.2012		
Native Instruments Service Center	Native Instruments	25.09.2012		
Native Instruments Traktor 2		25.09.2012		
Native Instruments Traktor 2	Native Instruments	25.09.2012		
Nuance PDF Reader	Nuance Communications, Inc.	12.04.2011	47,8MB	6.00.0041
Pamela Pro 4.8	Scendix Software-Vertriebsges. mbH	27.02.2012		4.8
PDFCreator	Frank Heindörfer, Philip Chinery	23.02.2012		1.2.3
Plants vs Zombies	Oberon Media Inc.	01.08.2011		
PSPad editor	Jan Fiala	16.01.2012	13,7MB	
RACE STUDIO 2	AIM	25.12.2011		2.38.11 BETA
Ralink RT2860 Wireless LAN Card	Ralink	01.08.2011		1.5.9.0
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	01.08.2011		6.0.1.6324
Skype™ 5.10	Skype Technologies S.A.	15.10.2012	19,4MB	5.10.116
Steam	Valve	26.12.2011	10,6MB	1.0.0.0
syncables desktop SE	syncables	12.04.2011	163MB	5.5.746.11492
TeamSpeak 3 Client	TeamSpeak Systems GmbH	05.09.2012		3.0.8.1
Telekom Internet Manager	Huawei Technologies Co.,Ltd	08.01.2012		11.301.05.05.748
Trapcode Particular 32 bit	Red Giant Software	02.02.2012	18,2MB	2.1.1
Trend Micro Titanium Internet Security	Trend Micro Inc.	12.04.2011	210MB	3.0
Virtual DJ - Atomix Productions		11.01.2012		
Visual Studio 2010 x64 Redistributables	AVG Technologies	15.10.2012	12,4MB	13.0.0.1
VLC media player 2.0.2	VideoLAN	19.07.2012		2.0.2
Vodafone Mobile Connect Lite	Vodafone	06.06.2012	19,1MB	9.4.3.17550
Windows Live Essentials	Microsoft Corporation	12.04.2011		15.4.3508.1109
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen	Microsoft Corporation	12.04.2011	5,37MB	15.4.5722.2
Windows Live Mesh ActiveX Control for Remote Connections	Microsoft Corporation	12.04.2011	5,37MB	15.4.5722.2
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	12.04.2011	5,38MB	15.4.5722.2
WinFlash	ASUS	26.12.2011	856KB	2.31.1
WinPcap 4.1.2	CACE Technologies	31.12.2011		4.1.0.2001
WinRAR		26.12.2011		
Wireless Console 3	ASUS	01.08.2011	2,44MB	3.0.19
World of Goo	Oberon Media Inc.	01.08.2011		
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις	Microsoft Corporation	12.04.2011	5,38MB	15.4.5722.2
Элемент управления Windows Live Mesh ActiveX для удаленных подключений	Microsoft Corporation	12.04.2011	5,37MB	15.4.5722.2
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים	Microsoft Corporation	12.04.2011	5,37MB	15.4.5722.2
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة	Microsoft Corporation	12.04.2011	5,37MB	15.4.5722.2
適用遠端連線的 Windows Live Mesh ActiveX 控制項	Microsoft Corporation	12.04.2011	5,56MB	15.4.5722.2

Über Eure Hilfe würde ich mich sehr freuen
Ich bin sehr unglücklich darüber, und mit Sicherheit war mit das ne Lehre *grummel*

Vielen Dank vorab, und sorry für die Arbeit (schlechtes Gewissen)
Liebe Grüße,
Hannes
__________________


Alt 15.10.2012, 20:56   #3
cad
/// caddy ☀
 

"H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden. - Standard

"H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden. Details



Hallo Damien91 und

wenn du deinen PC auf Malware untersuchen lassen möchtest, befindest du dich leider im falschen Unterforum.

Bitte lies folgende verlinkte Anleitung vollständig durch => Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
und erstelle anschließend dort => Plagegeister aller Art und deren Bekämpfung ein neues Thema.

P.S. Bitte die Logfiles als Anhang posten und nicht nochmal antworten.
Threads mit Antworten werden als bereits in Arbeit angesehen und eventuell übersehen.

Gruß cad
__________________
__________________

Antwort

Themen zu "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden.
7-zip, adobe after effects, akamai, audacity, avg, bho, bonjour, defender, document, entfernen, fehler, festplatte, firefox, flash player, format, home, install.exe, jdownloader, logfile, microsoft office starter 2010, mozilla, msiinstaller, port, problem, realtek, registry, rundll, scan, software, svchost.exe, t-mobile, teamspeak, third party, trojan.ransom.anc, udp, visual studio, wurm



Ähnliche Themen: "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden.


  1. "bat=exe konnte nicht gefunden werden" nach Start - Windows Vista
    Log-Analyse und Auswertung - 26.12.2014 (14)
  2. "\RECYCLER\e621ca505.exe konnte nicht gefunden werden" auf ext. Festplatte
    Log-Analyse und Auswertung - 26.12.2013 (15)
  3. "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden.
    Plagegeister aller Art und deren Bekämpfung - 06.11.2012 (63)
  4. "F:\RECYCLER\e621ca05.exe" kann nicht gefunden werden.
    Plagegeister aller Art und deren Bekämpfung - 26.10.2012 (22)
  5. ,,Recycler/e621ca05.exe könnte nicht gefunden werden" auf externe Festplatte
    Alles rund um Windows - 19.10.2012 (1)
  6. Meldung nach dem Hochfahren meines Rechners "deo0_sar.exe konnte nicht gefunden werden"
    Log-Analyse und Auswertung - 27.09.2012 (4)
  7. "Bundespolizei"-Trojaner: 0_0u_l.exe - Das angegebene Modul konnte nicht gefunden werden
    Plagegeister aller Art und deren Bekämpfung - 15.07.2012 (7)
  8. Systemsteuerung: "(null)" konnte nicht gefunden werden.
    Log-Analyse und Auswertung - 24.04.2012 (7)
  9. Fenster mit "Das Profil konnte nicht gefunden werden" bei jedem Start Virus? Trojaner?
    Log-Analyse und Auswertung - 31.01.2012 (0)
  10. Nach BKA-Trojaner bei jedem Start ein Fenster mit "Das Profil konnte nicht gefunden werden."
    Log-Analyse und Auswertung - 25.08.2011 (19)
  11. "Das Profil konnte nicht gefunden werden" - Meldung bei Systemstart
    Log-Analyse und Auswertung - 21.08.2011 (2)
  12. RECYCLER\S-***.com" konnte auch nicht gefunden werden.
    Log-Analyse und Auswertung - 08.07.2009 (15)
  13. Zugriff auf Laufwerke wird verweigert: "Recycler/... konnte nicht gefunden werden."
    Plagegeister aller Art und deren Bekämpfung - 19.05.2009 (3)
  14. "RECYCLER konnte nicht gefunden werde" - kann nicht auf C: zugreifen
    Plagegeister aller Art und deren Bekämpfung - 16.03.2009 (10)
  15. Vista meldet bei fast allen exe-Dateien: "*.exe konnte nicht gefunden werden"
    Plagegeister aller Art und deren Bekämpfung - 13.01.2009 (1)
  16. Fehlermeldungen "Url" konnte nicht gefunden werden....
    Log-Analyse und Auswertung - 12.03.2008 (0)
  17. "msconfig" konnte nicht gefunden werden
    Alles rund um Windows - 05.06.2005 (3)

Zum Thema "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden. - Hallo liebe Forengemeinde, Ich habe gestern offenbar mehrere dumme fatale Fehler gemacht. Ich liste die Geschehnisse zuerst einmal hier auf: 1. eine uminöse Skype Nachricht erreichte mich gestern von einem - "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden....
Archiv
Du betrachtest: "H:\RECYCLER\e621ca05.exe" konnte nicht gefunden werden. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.