Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.10.2012, 16:16   #1
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Hallo an das Trojaner-Board,
erstmal vielen Dank, dass es diese Hilfeseite gibt. Nun zu unserem Problem:
Auf dem Laptop unseres Sohnes tauchte der GVU Trojaner, wie im Trojaner Board bereits beschrieben auf und überdeckte den Desktop mit dem Hinweis, dass 100 € Strafe wegen Nichteinhaltung der GVU-Regeln zu zahlen sind usw.
Daraufhin haben wir zuerst den Virenscanner (Avira Free Antivirus) laufen lassen, einige Funde in die Quarantäne und von dort gelöscht. Danach haben wir am Trojaner Board nachgelesen und folgendes durchgeführt:

Malwarebytes heruntergeladen und in nicht aktualisierter Form scannen lassen, dies aber vorzeitig abgebrochen, da wir inzwischen herausgefunden hatten, wie man offline aktualisieren kann. Die aktuelle Datei rules.ref haben wir in C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref auf dem Laptop eingefügt. Beim Starten von Malwarebytes erscheint nun eine Fehlermeldung, dass die Datenbank nicht gefunden wird oder beschädigt ist. Über den Explorer konnten wir sehen, dass beim Starten von Malwarebytes die Datei rules.ref gelöscht wird.

Da wir nun nicht mehr weiter wissen, wenden wir uns mit der Bitte um Hilfe an Sie. Wir haben die Anleitung für Hilfesuchende genauestens befolgt (defogger und otl, gmer nicht notwendig) und senden hier nun die OTL.txt und Extra.txt Dateien:
Vielen Dank für die Hilfe!

OTL logfile created on: 10/25/2012 4:13:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7.91 Gb Total Physical Memory | 5.99 Gb Available Physical Memory | 75.65% Memory free
15.83 Gb Paging File | 13.78 Gb Available in Paging File | 87.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230.00 Gb Total Space | 102.88 Gb Free Space | 44.73% Space Free | Partition Type: NTFS
Drive D: | 342.41 Gb Total Space | 342.31 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 491.23 Mb Total Space | 445.65 Mb Free Space | 90.72% Space Free | Partition Type: FAT

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/22 21:11:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2012/10/18 14:40:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
PRC - [2012/10/05 13:44:46 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/08/29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/08/23 15:40:04 | 000,188,760 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012/08/22 16:39:31 | 000,307,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/08/10 15:14:45 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/08/04 14:38:41 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/09 19:44:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/09 19:44:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/08/23 22:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/05/05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/05/05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/05/04 23:01:52 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/02/25 03:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/07 11:55:24 | 001,757,264 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2011/01/12 00:42:50 | 002,782,064 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
PRC - [2011/01/11 08:31:34 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2011/01/04 15:06:42 | 007,060,560 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
PRC - [2010/12/23 08:07:58 | 000,945,232 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/11/29 07:42:38 | 000,775,848 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
PRC - [2010/11/17 10:24:54 | 004,387,632 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2010/11/10 02:03:52 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010/09/20 05:24:42 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
PRC - [2009/11/02 07:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/10/13 13:34:42 | 001,024,000 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/05 13:44:46 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/10/05 13:44:46 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/10/05 13:44:46 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012/10/05 13:44:46 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/10/05 13:44:46 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/08/23 15:40:04 | 000,167,256 | ---- | M] () -- C:\Program Files\Web Assistant\Extension32.dll
MOD - [2011/05/04 23:01:50 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010/10/25 14:44:50 | 001,973,760 | ---- | M] () -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
MOD - [2010/07/05 12:42:58 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
MOD - [2010/05/07 16:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009/11/02 07:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 07:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/10/13 13:34:50 | 002,052,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\MDataStore.dll
MOD - [2008/10/13 13:34:46 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\MItems.dll
MOD - [2008/10/13 13:34:46 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\MEvent.dll
MOD - [2008/10/13 13:34:44 | 001,269,760 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\MThumbnailService.dll
MOD - [2008/10/13 13:34:42 | 002,326,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\MItemPlugins.dll
MOD - [2008/10/13 13:34:42 | 001,024,000 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
MOD - [2008/07/17 12:42:44 | 000,362,029 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\sqlite3.dll
MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/13 15:26:50 | 001,259,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (WebOptimizer)
SRV:64bit: - [2012/08/23 15:40:04 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV:64bit: - [2010/10/08 03:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 11:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/09 21:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/10/17 22:29:36 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/05 13:44:46 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/08/29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/09 19:44:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 19:44:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/05/05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/05/04 23:01:52 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/01 14:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 03:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/09 19:44:13 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/09 19:44:13 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/25 13:41:14 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/12/25 13:41:14 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/12/15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/08/17 09:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/17 09:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/17 09:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/17 09:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/05/04 23:01:52 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/05/01 07:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/04/22 12:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/17 04:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/13 00:23:38 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/10 02:04:14 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/10/20 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/10/08 03:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/09/13 11:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 08:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011/10/06 11:02:22 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
IE - HKLM\..\URLSearchHook: {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.youtube.com/?gl=DE&hl=de
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{393B4ACC-A025-477C-8763-5124F6FA3ED6}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=5235F1AB-E8A4-4D70-8A9E-25B4F4EFB666&apn_sauid=70F44CA7-3844-43D4-BD3D-3745FFA10980&
IE - HKCU\..\SearchScopes\{589E7158-E3EF-4E74-8A4D-169C47BB72A3}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_deDE489
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyFkIm53w&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb165?a=6OyFkIm53w&i=26"
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
FF - prefs.js..extensions.enabledAddons: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.478
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6OyFkIm53w&&i=26&search="


FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/08/29 16:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/08/29 16:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/03 20:02:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/15 15:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/03 20:02:43 | 000,000,000 | ---D | M]

[2011/12/15 14:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2012/06/18 17:10:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\bg9lxlqz.default\extensions
[2012/06/18 17:10:15 | 000,002,203 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\bg9lxlqz.default\searchplugins\MyStart Search.xml
[2012/04/14 19:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/04/14 19:08:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/01/09 21:10:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012/08/29 16:29:19 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2011/11/21 06:21:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/21 03:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/11/21 03:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/21 03:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/21 03:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/21 03:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/21 03:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - homepage: hxxp://www.google.com/
CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Montiera Chrome Toolbar = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\
CHR - Extension: Google-Suche = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\
CHR - Extension: Word CaptureX Extension = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0\
CHR - Extension: Google Mail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (FileConverter 1.3 Toolbar) - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe ()
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDC0CBAE-8184-44F0-AB01-62CCC661AA3C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E02088E9-47F0-4D18-918A-941C271634D4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/25 16:08:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/10/21 17:07:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2012/10/21 17:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/21 17:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/21 17:07:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/10/21 17:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/19 10:23:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5059D127-F6D6-4D9C-A278-1EA2FD867C92}
[2012/10/18 14:40:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
[2012/10/17 12:49:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\HP
[2012/10/03 16:14:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2499EEDF-AD41-491D-8153-7772425CBBDD}
[2012/09/25 17:50:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/09/25 17:50:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Conduit

========== Files - Modified Within 30 Days ==========

[2012/10/25 16:11:59 | 000,000,000 | ---- | M] () -- C:\Users\User\defogger_reenable
[2012/10/25 16:09:55 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/25 16:09:55 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/25 16:02:32 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/25 16:02:04 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/10/25 16:01:55 | 4202,893,311 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/24 21:30:05 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/10/24 20:42:31 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/22 21:12:36 | 000,302,592 | ---- | M] () -- C:\Users\User\Desktop\q45mwet3.exe
[2012/10/22 21:11:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/10/22 21:11:20 | 000,050,477 | ---- | M] () -- C:\Users\User\Desktop\Defogger.exe
[2012/10/21 17:07:21 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/10/21 15:21:26 | 001,527,504 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/10/21 15:21:26 | 000,664,634 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012/10/21 15:21:26 | 000,624,776 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/10/21 15:21:26 | 000,134,770 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012/10/21 15:21:26 | 000,110,414 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/10/21 14:59:44 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/10/18 14:40:46 | 000,000,818 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/10/13 18:26:35 | 000,006,656 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/13 18:22:54 | 000,000,807 | ---- | M] () -- C:\Users\User\Desktop\Neuer Ordner (2) - Verknüpfung.lnk
[2012/10/13 18:07:09 | 000,548,910 | ---- | M] () -- C:\Users\User\Desktop\leben_mit_diabetes.zip
[2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/10/25 16:11:59 | 000,000,000 | ---- | C] () -- C:\Users\User\defogger_reenable
[2012/10/25 16:08:35 | 000,302,592 | ---- | C] () -- C:\Users\User\Desktop\q45mwet3.exe
[2012/10/25 16:08:35 | 000,050,477 | ---- | C] () -- C:\Users\User\Desktop\Defogger.exe
[2012/10/21 17:07:21 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/10/18 14:40:46 | 000,000,818 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/10/18 14:40:43 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/10/13 18:22:54 | 000,000,807 | ---- | C] () -- C:\Users\User\Desktop\Neuer Ordner (2) - Verknüpfung.lnk
[2012/10/13 18:07:09 | 000,548,910 | ---- | C] () -- C:\Users\User\Desktop\leben_mit_diabetes.zip
[2012/08/03 19:59:42 | 000,245,445 | ---- | C] () -- C:\windows\hpoins19.dat
[2012/08/03 19:59:42 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat
[2012/08/03 15:02:28 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat
[2012/08/03 15:02:02 | 001,554,122 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/08/03 14:36:04 | 000,006,656 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/02 11:40:32 | 000,004,556 | ---- | C] () -- C:\Users\User\AppData\Local\recently-used.xbel
[2011/12/25 20:27:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/09/19 09:07:46 | 000,015,360 | ---- | C] () -- C:\windows\SysWow64\bdmjpeg.dll
[2011/09/19 09:07:32 | 000,058,368 | ---- | C] () -- C:\windows\SysWow64\bdmpegv.dll
[2011/09/06 06:52:13 | 000,258,864 | ---- | C] () -- C:\windows\SUPDRun.exe
[2011/09/06 06:48:44 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011/09/06 06:48:43 | 000,207,376 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011/09/06 06:48:42 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011/09/06 03:38:21 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2011/09/06 02:55:32 | 000,000,918 | ---- | C] () -- C:\windows\HotFixList.ini
[2011/09/06 02:55:13 | 000,142,128 | ---- | C] () -- C:\windows\wiainst64.exe

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/21 17:06:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012/07/11 12:37:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.Nitrous
[2012/06/18 17:10:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BANDISOFT
[2012/01/07 19:15:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DisneyInteractiveStudios
[2012/01/10 16:10:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DynaGeo
[2012/07/12 20:19:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Etuhz
[2012/09/03 17:48:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LolClient
[2012/06/23 13:21:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nokia
[2012/05/17 20:09:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Notepad++
[2012/06/24 09:06:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nseries
[2012/06/23 13:25:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PC Suite
[2011/12/15 14:53:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thunderbird
[2012/09/18 19:19:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2012/09/18 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ts3overlay
[2011/12/26 16:07:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ubisoft
[2012/01/21 02:52:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WB Games
[2012/01/07 18:42:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WildTangent
[2012/01/29 20:34:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 10/25/2012 4:13:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7.91 Gb Total Physical Memory | 5.99 Gb Available Physical Memory | 75.65% Memory free
15.83 Gb Paging File | 13.78 Gb Available in Paging File | 87.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230.00 Gb Total Space | 102.88 Gb Free Space | 44.73% Space Free | Partition Type: NTFS
Drive D: | 342.41 Gb Total Space | 342.31 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 491.23 Mb Total Space | 445.65 Mb Free Space | 90.72% Space Free | Partition Type: FAT

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D87D76-28B0-431B-BDA8-E2AF257D5A66}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{28397B5F-5FEB-45D6-84FA-4F1453690B5D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E5A45ABD-5113-431E-8C57-552740BFB33A}" = lport=25565 | protocol=6 | dir=in | name=minecraft server |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01982D6C-C88C-47ED-B6FE-6AA443E4A0FD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{0F960FA6-F77B-4616-88F8-58BCF12590F8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{100BDA2B-A596-4E4B-9ECA-4D0EAD829B70}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{14852E8D-7DA3-4BA4-9BAB-DA0E9ADD003F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe |
"{14B560D2-97DE-4A0B-A8A7-60D58983FDCA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{151B8035-5EB1-46B7-876E-8BC990F6CAE7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{1CE340C4-FCF6-4A13-82E7-B71BC5E027D6}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe |
"{215D042B-85BF-454F-96ED-ACDCE24E2924}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{25AE7993-C844-42D0-BFBF-66D34AD47BCB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{2A7B608A-78ED-4059-84DA-E57503162264}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{37A48405-75E7-49EF-BD11-E18EB171680A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{37ED4353-F539-46E6-A858-84FBEC9B158F}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{3AAFF387-ED98-43CC-B564-BC6CFE0B52F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe |
"{3DAC71E0-451B-4B61-B49B-FE4184A3D3E3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{3E890D5B-5E92-4A78-A4E0-5D718AC407AA}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{41FA4011-EE4F-489D-8C47-A33B99E36609}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |
"{42181859-C20A-40EF-871B-6947BD8BD6C3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{45101200-2030-4253-A358-3AF6050B014A}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{4B363A06-7047-4C33-8296-E400B5687B0B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4B80EDAE-3DD8-422C-86BF-86EDA2DB3783}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{4E47BA05-D992-4132-924A-42BEFE3B26E6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4EAD87C3-03F9-4798-9E25-425FF36D6915}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{509BFBEB-C568-4AF4-8E88-F78E83590A6A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{54AC6423-B3AA-4154-B9E5-768235DCFE2D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{58023D13-61D3-4301-ABE8-D2A25A1FFEAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{592A3D2B-B011-43CB-B937-82D7781EF258}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5B4A6DCC-3ED1-421A-B887-4E600C758AA9}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe |
"{5FAB45DB-0367-4778-852B-389E2C1EFF65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{6ABA91F2-A150-460F-A52D-60EB4E5705AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6ACB8BE2-DAEE-44DB-9241-9F461BB945F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{6D916981-5F0D-43DF-B750-4D3AD4BB7813}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7140D962-BC3C-4E27-B9B8-DE0E3FF8B8E5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{77C44C04-075C-4460-A8D1-1D5D8C58CAD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{7BFDC501-A1ED-480F-B6CD-03E1C4A81A0E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{7EE91244-CDE5-4001-BDB4-E78E4DFB5EC8}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{87657EED-BF0A-4E86-A383-9CC035C4325C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8CD8D871-C537-4BCC-9266-E9CAF734E480}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{94CFE4B4-DFDD-48E4-8C6D-3F31CA93781C}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe |
"{982E7334-233D-41B4-B206-7ADDD17B2AAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{A908D698-1221-4686-AE28-79EF0B329189}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{A9F6A2AC-7FB6-456B-8184-4AF48D542365}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{AAD1ED69-A716-489B-9D90-70625AE5760A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{AC7C4D1F-7BC8-418F-B3AF-CBD5AF028C51}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe |
"{B708E468-E30E-4922-A141-E183CAD59A44}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C1CF5CE4-3B7C-43E3-B363-B7F726D4511B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{C3863ED2-D550-4078-99BC-AD8AC9398F54}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{C38DA49D-7A3C-410F-B519-6AC1C71EC659}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{C44A2BD7-A7CB-4BE5-A934-DF6DDDE0C920}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C5815388-F5CD-4DA3-B3B6-77DA074FF5DC}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{C8946997-4BF5-4994-8B83-A6F64B312CB6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{C9403DF3-BF0F-4EFF-A9BB-3BB7BC195246}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{D2649D4F-5264-4234-92AF-A8E9F8E7CCD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{D5A8657D-BD22-4AA1-A17F-65481F219DA7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{D5D36A87-FC93-4E3D-ADE5-6E3D7D4D962C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{D79DF1FF-9087-4C21-A7C9-CDAF3D825188}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{D936A707-E2D6-44FC-B044-A083142F3CA1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{DB26E373-1B45-44BF-A5C3-32FF6DE57495}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{DB8F5918-EF3E-415B-AAA8-307427C278E0}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe |
"{DBB34EA3-D757-4B75-A307-6BADC06EF25D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{DDF7F7B5-642A-4FFD-8C36-4472D1934670}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |
"{E2ED00B2-C6BE-4FAA-9FDC-F0822B6D0511}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E34AF834-6313-424F-971C-4C514AD37556}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{E8AEE564-CC11-4BB7-BDFD-35A37920BF6B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{EA51B200-BFA0-499F-BA1E-9574ACBB46EE}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe |
"{ED377CA8-879C-4707-9A50-4E16263F15E2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{ED495545-6FFD-4DD0-8183-D30B44C646C6}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{ED77D2BD-CF36-4311-8F0B-2E29C1840198}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EFBE05A6-B250-47A5-84F2-C181380595B0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{F57CEF27-0FA6-46AF-B104-E292A4DCB938}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{FB673508-C987-4CC1-BB12-6F86CFFA6599}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{FEBB1BFF-C267-4B50-939B-5980AB17E0A4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"TCP Query User{09680D95-4088-41C1-8AF8-221E07F0D926}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{4353F165-1107-4295-A86A-F511BFDF4CCF}C:\users\user\appdata\roaming\etuhz\cecie.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\etuhz\cecie.exe |
"TCP Query User{7BBBC36A-7A73-4843-802D-EF5255A99B51}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{33F4F3CF-7731-476E-A99D-46BDBF5C1D0E}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{4E6F08B1-157A-41B3-9F9D-E30401B049D6}C:\users\user\appdata\roaming\etuhz\cecie.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\etuhz\cecie.exe |
"UDP Query User{FC1AA85D-B28A-4F6F-96B9-0C10C9760709}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.478
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4C9845D5-9FAD-4C52-B389-CAEF0F216215}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{811D5159-D798-491F-B9C6-9BDBF6B02D06}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.72
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.72
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Elantech" = ETDWare PS/2-X64 8.0.7.2_WHQL
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"GIMP-2_is1" = GIMP 2.8.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
"WNLT" = Web Optimizer

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0119B342-476F-4F5A-B712-144B5CFA781F}" = Windows Live Movie Maker
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07E15DDE-CAD9-434D-B24D-35708E3BEA09}" = Windows Live 필수 패키지
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}" = WordCaptureX Pro
"{142D8CA7-2C6F-45A7-83E3-099AAFD99133}" = Samsung Update Plus
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{318DBE01-1E6B-4243-84B0-210391FE789A}" = Samsung AnyWeb Print
"{331ECF61-69AF-4F57-AC35-AFED610231C3}" = Multimedia POP
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}" = PhoneShare
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4371DBFF-8F97-4A64-A18D-EF8F6EA06A69}" = Nokia Ovi Content Copier
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A331D24-A9E8-484F-835E-1BA7B139689C}" = EasyBatteryManager
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F35DF91-F834-41F7-A287-0E377D55C486}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{51FFAC89-B6B0-4E6E-B76F-6D4E2E83086A}" = Windows Live 메일
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5C2909FF-1E30-48B3-8820-6F40D3E4A0C7}" = Nokia Ovi Application Installer
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5C5A944F-096E-4ADD-B8E8-887F18BA6228}" = LEGO® Harry Potter™: Die Jahre 5-7
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61506B53-EE02-46CE-8464-3F806947978F}" = Windows Live Mesh
"{61920449-0393-4707-B7DD-E6C0013C8B2C}" = 원격 연결을 위한 Windows Live Mesh ActiveX 컨트롤
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64958DA4-79D3-43FD-AF06-720DAD044F9E}" = LEGO® Pirates of the Caribbean Das Videospiel
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7780682A-47C9-480D-90BE-247539342595}" = Windows Live UX Platform Language Pack
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}" = Fast Start
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}" = Movie Color Enhancer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83D2FFB0-E378-49FE-8A53-580CA7B5761F}" = Windows Live Messenger
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8732818E-CA78-4ACB-B077-22311BF4C0E4}" = Easy Network Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF2565F-894C-4F11-8DCB-FBA97CADE10B}" = Nokia Ovi Suite
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A272197C-D2EE-4DF9-8AB0-B05F4CFFDEA0}" = Nokia Ovi System Utilities
"{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}" = ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE977FE5-F014-4F1E-83F7-B4FD143B5EEF}" = Nokia Photos
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B4712CB7-27D7-4F61-8805-BCF9BE1CFC4A}" = Windows Live Writer Resources
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8A2793D-EFF2-4069-95BF-A28192E39DEB}" = Windows Live Writer
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D57D43BF-699A-429F-AF8C-AF1867222800}" = Windows Live 사진 갤러리
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA76E65F-6679-495A-A8A6-42AD6602ED4C}" = EasyFileShare
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFD0E594-823B-4E2B-B680-720B3C852588}" = BatteryLifeExtender
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"FileConverter_1.3 Toolbar" = FileConverter 1.3 Toolbar
"Game Console - WildGames" = WildTangent ORB Game Console
"Google Chrome" = Google Chrome
"incredibar" = Incredibar Toolbar on IE and Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3010
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3010
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3010
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"ProInst" = Intel PROSet Wireless
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Samsung Universal Scan Driver" = Samsung Universal Scan Driver
"Steam App 206480" = Dungeons & Dragons Online®
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"WT085559" = Diner Dash 2 Restaurant Rescue
"WT085567" = Chuzzle Deluxe
"WT085580" = John Deere Drive Green
"WT085581" = Penguins!
"WT085583" = Polar Golfer
"WT085587" = Agatha Christie - Death on the Nile
"WT085597" = Build-a-lot
"WT085618" = Farm Frenzy
"WT085622" = Insaniquarium Deluxe
"WT085663" = Peggle
"WT085669" = Plants vs. Zombies
"WT089285" = Zuma Deluxe
"WT089286" = Bejeweled 2 Deluxe
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/26/2012 11:48:46 AM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16450 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 10e8 Startzeit: 01cd9bfe466e0980 Endzeit: 5 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID:

Error - 9/26/2012 12:39:02 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 16b8 Startzeit:
01cd9bfee1e31cff Endzeit: 26 Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
ac0966d6-07f8-11e2-aae2-e811329f75bb

Error - 9/28/2012 8:37:24 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/29/2012 6:29:25 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/29/2012 10:16:57 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/30/2012 9:12:41 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/30/2012 11:59:27 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/2/2012 9:50:28 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/2/2012 12:15:18 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1450 Startzeit:
01cda0a7cbcedaa5 Endzeit: 33 Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:


Error - 10/2/2012 3:32:44 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 4d8 Startzeit:
01cda0cdb84cff57 Endzeit: 37 Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:


Error - 10/3/2012 10:01:01 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 8/2/2012 8:37:14 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 8/2/2012 8:37:19 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 8/2/2012 8:37:24 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 8/2/2012 8:37:29 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 8/2/2012 8:37:35 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 8/2/2012 11:20:23 AM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 8/3/2012 8:31:35 AM | Computer Name = User-PC | Source = DCOM | ID = 10010
Description =

Error - 8/8/2012 10:03:23 AM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 8/8/2012 12:11:02 PM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 8/10/2012 9:10:03 AM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >

Alt 27.10.2012, 22:15   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)
:Files
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
C:\ProgramData\lsass.exe
C:\ProgramData\*.pad
C:\Users\User\AppData\Roaming\Etuhz
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________

__________________

Alt 29.10.2012, 19:31   #3
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Hallo,
hier der gewünschte logfile:

All processes killed
========== OTL ==========
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk moved successfully.
C:\ProgramData\lsass.exe moved successfully.
========== FILES ==========
File\Folder C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found.
File\Folder C:\ProgramData\lsass.exe not found.
C:\ProgramData\dsgsdgdsgdsgw.pad moved successfully.
C:\Users\User\AppData\Roaming\Etuhz folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\User\Desktop\cmd.bat deleted successfully.
C:\Users\User\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: User
->Temp folder emptied: 3038584218 bytes
->Temporary Internet Files folder emptied: 3381464931 bytes
->Java cache emptied: 472 bytes
->FireFox cache emptied: 70215553 bytes
->Google Chrome cache emptied: 6570034 bytes
->Flash cache emptied: 20639 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 895231165 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 3158490 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7,053.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 10292012_202020

Files\Folders moved on Reboot...
C:\Users\User\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
__________________

Alt 31.10.2012, 15:22   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.10.2012, 16:58   #5
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Hallo Cosinus,
beim Ausführen von aswMBR stellt sich das Problem, dass wir auf dem betroffenen Laptop den Spiegelstrich 2 nicht ausführen können, da von dort kein Internetzugriff möglich ist (GVU Trojaner überdeckt Desktop). Wir haben die Frage zur Aktualisierung mit ja beantwortet und könnten nun scannen. Sollen wir trotzdem scannen?


Alt 31.10.2012, 17:22   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Ist der GVU immer noch aktiv? Ich dachte das wäre nicht mehr der Fall!
__________________
--> GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren

Geändert von cosinus (03.11.2012 um 15:33 Uhr) Grund: OTL weg

Alt 02.11.2012, 13:44   #7
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Ah, ok...
Nein, der GVU Trojaner ist nicht mehr aktiv! Wir hatten nur seit dem Anfang das LAN-Kabel nicht mehr angeschlossen.

Wir haben jetzt in der aktuellen Version gescannt.
Hier ist schon mal die aswMBR.txt:
(Das Log vom TDSS Killer folgt, da wir dies noch nicht geschafft haben)

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-31 20:06:37
-----------------------------
20:06:37.997 OS Version: Windows x64 6.1.7601 Service Pack 1
20:06:37.997 Number of processors: 8 586 0x2A07
20:06:37.997 ComputerName: USER-PC UserName: User
20:06:38.371 Initialize success
20:06:43.550 AVAST engine defs: 12103100
20:06:59.025 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:06:59.025 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 610480MB BusType: 3
20:06:59.072 Disk 0 MBR read successfully
20:06:59.072 Disk 0 MBR scan
20:06:59.088 Disk 0 unknown MBR code
20:06:59.103 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:06:59.119 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 235520 MB offset 206848
20:06:59.135 Disk 0 Partition - 00 0F Extended LBA 350626 MB offset 482551808
20:06:59.181 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 24233 MB offset 1200633856
20:06:59.259 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 350625 MB offset 482553856
20:06:59.306 Disk 0 scanning C:\windows\system32\drivers
20:07:08.261 Service scanning
20:07:31.099 Modules scanning
20:07:31.614 Disk 0 trace - called modules:
20:07:31.645 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:07:31.661 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80092ea790]
20:07:31.676 3 CLASSPNP.SYS[fffff880013ce43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007543050]
20:07:31.676 Scan finished successfully
20:10:14.650 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
20:10:14.650 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"

Alt 03.11.2012, 15:30   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Was ist mit TDSS-Killer? Bitte erstmal noch kein neues Log mit OTL machen
Die Logs bitte in CODE-Tags!

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.11.2012, 16:26   #9
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Also, hier das Log vom TDSS-Killer:

Code:
ATTFilter
17:16:47.0359 5676  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:16:47.0571 5676  ============================================================
17:16:47.0571 5676  Current date / time: 2012/11/04 17:16:47.0571
17:16:47.0571 5676  SystemInfo:
17:16:47.0571 5676  
17:16:47.0571 5676  OS Version: 6.1.7601 ServicePack: 1.0
17:16:47.0571 5676  Product type: Workstation
17:16:47.0571 5676  ComputerName: USER-PC
17:16:47.0571 5676  UserName: User
17:16:47.0571 5676  Windows directory: C:\windows
17:16:47.0571 5676  System windows directory: C:\windows
17:16:47.0571 5676  Running under WOW64
17:16:47.0571 5676  Processor architecture: Intel x64
17:16:47.0571 5676  Number of processors: 8
17:16:47.0571 5676  Page size: 0x1000
17:16:47.0571 5676  Boot type: Normal boot
17:16:47.0571 5676  ============================================================
17:16:47.0922 5676  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:16:47.0925 5676  ============================================================
17:16:47.0925 5676  \Device\Harddisk0\DR0:
17:16:47.0925 5676  MBR partitions:
17:16:47.0925 5676  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:16:47.0925 5676  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1CC00000
17:16:47.0946 5676  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1CC33000, BlocksNum 0x2ACD0800
17:16:47.0946 5676  ============================================================
17:16:47.0973 5676  C: <-> \Device\Harddisk0\DR0\Partition2
17:16:48.0027 5676  D: <-> \Device\Harddisk0\DR0\Partition3
17:16:48.0027 5676  ============================================================
17:16:48.0027 5676  Initialize success
17:16:48.0027 5676  ============================================================
17:17:53.0054 4824  ============================================================
17:17:53.0054 4824  Scan started
17:17:53.0054 4824  Mode: Manual; SigCheck; TDLFS; 
17:17:53.0054 4824  ============================================================
17:17:53.0288 4824  ================ Scan system memory ========================
17:17:53.0288 4824  System memory - ok
17:17:53.0288 4824  ================ Scan services =============================
17:17:53.0475 4824  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
17:17:53.0568 4824  1394ohci - ok
17:17:53.0600 4824  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\windows\system32\drivers\ACPI.sys
17:17:53.0631 4824  ACPI - ok
17:17:53.0646 4824  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
17:17:53.0709 4824  AcpiPmi - ok
17:17:53.0849 4824  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:17:53.0880 4824  AdobeARMservice - ok
17:17:54.0005 4824  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:17:54.0036 4824  AdobeFlashPlayerUpdateSvc - ok
17:17:54.0099 4824  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
17:17:54.0130 4824  adp94xx - ok
17:17:54.0177 4824  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\windows\system32\drivers\adpahci.sys
17:17:54.0192 4824  adpahci - ok
17:17:54.0224 4824  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\windows\system32\drivers\adpu320.sys
17:17:54.0224 4824  adpu320 - ok
17:17:54.0255 4824  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
17:17:54.0442 4824  AeLookupSvc - ok
17:17:54.0504 4824  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\windows\system32\drivers\afd.sys
17:17:54.0567 4824  AFD - ok
17:17:54.0598 4824  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\windows\system32\drivers\agp440.sys
17:17:54.0614 4824  agp440 - ok
17:17:54.0645 4824  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\windows\System32\alg.exe
17:17:54.0707 4824  ALG - ok
17:17:54.0754 4824  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\windows\system32\drivers\aliide.sys
17:17:54.0770 4824  aliide - ok
17:17:54.0801 4824  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\windows\system32\drivers\amdide.sys
17:17:54.0816 4824  amdide - ok
17:17:54.0816 4824  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
17:17:54.0863 4824  AmdK8 - ok
17:17:54.0879 4824  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
17:17:54.0926 4824  AmdPPM - ok
17:17:54.0972 4824  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\windows\system32\drivers\amdsata.sys
17:17:55.0004 4824  amdsata - ok
17:17:55.0050 4824  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
17:17:55.0082 4824  amdsbs - ok
17:17:55.0097 4824  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\windows\system32\drivers\amdxata.sys
17:17:55.0097 4824  amdxata - ok
17:17:55.0175 4824  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:17:55.0206 4824  AntiVirSchedulerService - ok
17:17:55.0284 4824  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:17:55.0300 4824  AntiVirService - ok
17:17:55.0362 4824  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\windows\system32\drivers\appid.sys
17:17:55.0534 4824  AppID - ok
17:17:55.0581 4824  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
17:17:55.0643 4824  AppIDSvc - ok
17:17:55.0690 4824  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\windows\System32\appinfo.dll
17:17:55.0721 4824  Appinfo - ok
17:17:55.0752 4824  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\windows\system32\drivers\arc.sys
17:17:55.0752 4824  arc - ok
17:17:55.0768 4824  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\windows\system32\drivers\arcsas.sys
17:17:55.0768 4824  arcsas - ok
17:17:55.0846 4824  aspnet_state - ok
17:17:55.0862 4824  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
17:17:55.0955 4824  AsyncMac - ok
17:17:55.0986 4824  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\windows\system32\drivers\atapi.sys
17:17:56.0002 4824  atapi - ok
17:17:56.0064 4824  [ FC0E8778C000291CAF60EB88C011E931 ] atksgt          C:\windows\system32\DRIVERS\atksgt.sys
17:17:56.0080 4824  atksgt - ok
17:17:56.0127 4824  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:17:56.0189 4824  AudioEndpointBuilder - ok
17:17:56.0189 4824  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\windows\System32\Audiosrv.dll
17:17:56.0220 4824  AudioSrv - ok
17:17:56.0236 4824  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
17:17:56.0252 4824  avgntflt - ok
17:17:56.0283 4824  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
17:17:56.0298 4824  avipbb - ok
17:17:56.0314 4824  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
17:17:56.0314 4824  avkmgr - ok
17:17:56.0345 4824  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\windows\System32\AxInstSV.dll
17:17:56.0408 4824  AxInstSV - ok
17:17:56.0439 4824  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
17:17:56.0486 4824  b06bdrv - ok
17:17:56.0517 4824  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
17:17:56.0564 4824  b57nd60a - ok
17:17:56.0642 4824  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:17:56.0673 4824  BBSvc - ok
17:17:56.0704 4824  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\windows\System32\bdesvc.dll
17:17:56.0766 4824  BDESVC - ok
17:17:56.0798 4824  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\windows\system32\drivers\Beep.sys
17:17:56.0860 4824  Beep - ok
17:17:56.0907 4824  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\windows\System32\bfe.dll
17:17:56.0969 4824  BFE - ok
17:17:56.0985 4824  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\windows\System32\qmgr.dll
17:17:57.0032 4824  BITS - ok
17:17:57.0063 4824  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
17:17:57.0078 4824  blbdrive - ok
17:17:57.0110 4824  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
17:17:57.0156 4824  bowser - ok
17:17:57.0188 4824  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
17:17:57.0219 4824  BrFiltLo - ok
17:17:57.0219 4824  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
17:17:57.0234 4824  BrFiltUp - ok
17:17:57.0281 4824  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\windows\System32\browser.dll
17:17:57.0328 4824  Browser - ok
17:17:57.0359 4824  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\windows\System32\Drivers\Brserid.sys
17:17:57.0422 4824  Brserid - ok
17:17:57.0422 4824  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
17:17:57.0453 4824  BrSerWdm - ok
17:17:57.0468 4824  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
17:17:57.0484 4824  BrUsbMdm - ok
17:17:57.0500 4824  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
17:17:57.0531 4824  BrUsbSer - ok
17:17:57.0578 4824  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
17:17:57.0640 4824  BthEnum - ok
17:17:57.0656 4824  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
17:17:57.0702 4824  BTHMODEM - ok
17:17:57.0734 4824  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
17:17:57.0765 4824  BthPan - ok
17:17:57.0796 4824  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
17:17:57.0858 4824  BTHPORT - ok
17:17:57.0890 4824  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\windows\system32\bthserv.dll
17:17:57.0952 4824  bthserv - ok
17:17:57.0983 4824  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
17:17:58.0014 4824  BTHUSB - ok
17:17:58.0046 4824  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
17:17:58.0092 4824  cdfs - ok
17:17:58.0124 4824  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
17:17:58.0155 4824  cdrom - ok
17:17:58.0186 4824  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\windows\System32\certprop.dll
17:17:58.0264 4824  CertPropSvc - ok
17:17:58.0264 4824  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\windows\system32\drivers\circlass.sys
17:17:58.0295 4824  circlass - ok
17:17:58.0311 4824  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\windows\system32\CLFS.sys
17:17:58.0326 4824  CLFS - ok
17:17:58.0358 4824  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:17:58.0373 4824  clr_optimization_v2.0.50727_32 - ok
17:17:58.0451 4824  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:17:58.0467 4824  clr_optimization_v2.0.50727_64 - ok
17:17:58.0576 4824  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:17:58.0607 4824  clr_optimization_v4.0.30319_32 - ok
17:17:58.0654 4824  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:17:58.0670 4824  clr_optimization_v4.0.30319_64 - ok
17:17:58.0716 4824  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd           C:\windows\system32\DRIVERS\clwvd.sys
17:17:58.0748 4824  clwvd - ok
17:17:58.0763 4824  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
17:17:58.0810 4824  CmBatt - ok
17:17:58.0841 4824  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\windows\system32\drivers\cmdide.sys
17:17:58.0872 4824  cmdide - ok
17:17:58.0904 4824  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\windows\system32\Drivers\cng.sys
17:17:58.0935 4824  CNG - ok
17:17:58.0950 4824  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
17:17:58.0966 4824  Compbatt - ok
17:17:58.0997 4824  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
17:17:59.0044 4824  CompositeBus - ok
17:17:59.0060 4824  COMSysApp - ok
17:17:59.0075 4824  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
17:17:59.0091 4824  crcdisk - ok
17:17:59.0122 4824  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\windows\system32\cryptsvc.dll
17:17:59.0169 4824  CryptSvc - ok
17:17:59.0200 4824  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\windows\system32\rpcss.dll
17:17:59.0262 4824  DcomLaunch - ok
17:17:59.0294 4824  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\windows\System32\defragsvc.dll
17:17:59.0325 4824  defragsvc - ok
17:17:59.0372 4824  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
17:17:59.0450 4824  DfsC - ok
17:17:59.0465 4824  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\windows\system32\dhcpcore.dll
17:17:59.0512 4824  Dhcp - ok
17:17:59.0528 4824  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\windows\system32\drivers\discache.sys
17:17:59.0559 4824  discache - ok
17:17:59.0590 4824  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\windows\system32\drivers\disk.sys
17:17:59.0590 4824  Disk - ok
17:17:59.0637 4824  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\windows\System32\dnsrslvr.dll
17:17:59.0684 4824  Dnscache - ok
17:17:59.0715 4824  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\windows\System32\dot3svc.dll
17:17:59.0762 4824  dot3svc - ok
17:17:59.0808 4824  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
17:17:59.0840 4824  Dot4 - ok
17:17:59.0886 4824  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\windows\system32\DRIVERS\Dot4Prt.sys
17:17:59.0933 4824  Dot4Print - ok
17:17:59.0964 4824  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\windows\system32\DRIVERS\dot4usb.sys
17:17:59.0996 4824  dot4usb - ok
17:18:00.0027 4824  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\windows\system32\dps.dll
17:18:00.0058 4824  DPS - ok
17:18:00.0089 4824  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
17:18:00.0105 4824  drmkaud - ok
17:18:00.0136 4824  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
17:18:00.0152 4824  DXGKrnl - ok
17:18:00.0198 4824  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\windows\System32\eapsvc.dll
17:18:00.0245 4824  EapHost - ok
17:18:00.0339 4824  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\windows\system32\drivers\evbda.sys
17:18:00.0401 4824  ebdrv - ok
17:18:00.0432 4824  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\windows\System32\lsass.exe
17:18:00.0464 4824  EFS - ok
17:18:00.0542 4824  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
17:18:00.0588 4824  ehRecvr - ok
17:18:00.0604 4824  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\windows\ehome\ehsched.exe
17:18:00.0651 4824  ehSched - ok
17:18:00.0682 4824  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\windows\system32\drivers\elxstor.sys
17:18:00.0713 4824  elxstor - ok
17:18:00.0744 4824  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\windows\system32\drivers\errdev.sys
17:18:00.0744 4824  ErrDev - ok
17:18:00.0807 4824  [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD             C:\windows\system32\DRIVERS\ETD.sys
17:18:00.0822 4824  ETD - ok
17:18:00.0869 4824  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\windows\system32\es.dll
17:18:00.0916 4824  EventSystem - ok
17:18:00.0932 4824  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\windows\system32\drivers\exfat.sys
17:18:00.0978 4824  exfat - ok
17:18:00.0994 4824  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\windows\system32\drivers\fastfat.sys
17:18:01.0025 4824  fastfat - ok
17:18:01.0056 4824  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\windows\system32\fxssvc.exe
17:18:01.0103 4824  Fax - ok
17:18:01.0119 4824  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\windows\system32\drivers\fdc.sys
17:18:01.0134 4824  fdc - ok
17:18:01.0166 4824  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\windows\system32\fdPHost.dll
17:18:01.0228 4824  fdPHost - ok
17:18:01.0244 4824  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\windows\system32\fdrespub.dll
17:18:01.0290 4824  FDResPub - ok
17:18:01.0306 4824  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
17:18:01.0306 4824  FileInfo - ok
17:18:01.0322 4824  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
17:18:01.0368 4824  Filetrace - ok
17:18:01.0384 4824  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
17:18:01.0384 4824  flpydisk - ok
17:18:01.0400 4824  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
17:18:01.0415 4824  FltMgr - ok
17:18:01.0462 4824  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\windows\system32\FntCache.dll
17:18:01.0493 4824  FontCache - ok
17:18:01.0556 4824  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:18:01.0571 4824  FontCache3.0.0.0 - ok
17:18:01.0587 4824  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
17:18:01.0602 4824  FsDepends - ok
17:18:01.0634 4824  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
17:18:01.0634 4824  Fs_Rec - ok
17:18:01.0680 4824  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
17:18:01.0712 4824  fvevol - ok
17:18:01.0743 4824  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
17:18:01.0758 4824  gagp30kx - ok
17:18:01.0821 4824  [ 521A469CAF61F00E1DE081CC2099C1D6 ] GameConsoleService C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
17:18:01.0852 4824  GameConsoleService - ok
17:18:01.0883 4824  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\windows\System32\gpsvc.dll
17:18:01.0914 4824  gpsvc - ok
17:18:02.0008 4824  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:18:02.0039 4824  gupdate - ok
17:18:02.0055 4824  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:18:02.0070 4824  gupdatem - ok
17:18:02.0102 4824  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:18:02.0117 4824  gusvc - ok
17:18:02.0164 4824  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\windows\system32\DRIVERS\hamachi.sys
17:18:02.0180 4824  hamachi - ok
17:18:02.0336 4824  [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:18:02.0382 4824  Hamachi2Svc - ok
17:18:02.0414 4824  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
17:18:02.0460 4824  hcw85cir - ok
17:18:02.0492 4824  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:18:02.0538 4824  HdAudAddService - ok
17:18:02.0554 4824  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
17:18:02.0601 4824  HDAudBus - ok
17:18:02.0601 4824  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
17:18:02.0632 4824  HidBatt - ok
17:18:02.0632 4824  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\windows\system32\drivers\hidbth.sys
17:18:02.0663 4824  HidBth - ok
17:18:02.0679 4824  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\windows\system32\drivers\hidir.sys
17:18:02.0694 4824  HidIr - ok
17:18:02.0710 4824  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\windows\system32\hidserv.dll
17:18:02.0788 4824  hidserv - ok
17:18:02.0835 4824  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
17:18:02.0850 4824  HidUsb - ok
17:18:02.0882 4824  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\windows\system32\kmsvc.dll
17:18:02.0944 4824  hkmsvc - ok
17:18:02.0975 4824  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:18:03.0006 4824  HomeGroupListener - ok
17:18:03.0022 4824  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:18:03.0053 4824  HomeGroupProvider - ok
17:18:03.0178 4824  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:18:03.0194 4824  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:18:03.0194 4824  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:18:03.0225 4824  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:18:03.0240 4824  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:18:03.0240 4824  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:18:03.0272 4824  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
17:18:03.0287 4824  HpSAMD - ok
17:18:03.0334 4824  [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:18:03.0381 4824  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:18:03.0381 4824  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:18:03.0412 4824  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\windows\system32\drivers\HTTP.sys
17:18:03.0474 4824  HTTP - ok
17:18:03.0506 4824  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
17:18:03.0521 4824  hwpolicy - ok
17:18:03.0552 4824  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
17:18:03.0568 4824  i8042prt - ok
17:18:03.0646 4824  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
17:18:03.0677 4824  iaStor - ok
17:18:03.0708 4824  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
17:18:03.0724 4824  iaStorV - ok
17:18:03.0771 4824  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:18:03.0802 4824  idsvc - ok
17:18:04.0036 4824  [ 8CB8667F5A3B5515F2585F3254F3AAF7 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
17:18:04.0348 4824  igfx - ok
17:18:04.0379 4824  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\windows\system32\drivers\iirsp.sys
17:18:04.0395 4824  iirsp - ok
17:18:04.0426 4824  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\windows\System32\ikeext.dll
17:18:04.0504 4824  IKEEXT - ok
17:18:04.0613 4824  [ 65F70696BE5ABC11634FCF96AF7D7896 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
17:18:04.0644 4824  IntcAzAudAddService - ok
17:18:04.0691 4824  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
17:18:04.0754 4824  IntcDAud - ok
17:18:04.0785 4824  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\windows\system32\drivers\intelide.sys
17:18:04.0800 4824  intelide - ok
17:18:04.0832 4824  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
17:18:04.0863 4824  intelppm - ok
17:18:04.0878 4824  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\windows\system32\ipbusenum.dll
17:18:04.0956 4824  IPBusEnum - ok
17:18:04.0972 4824  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
17:18:05.0019 4824  IpFilterDriver - ok
17:18:05.0050 4824  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
17:18:05.0097 4824  iphlpsvc - ok
17:18:05.0097 4824  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
17:18:05.0112 4824  IPMIDRV - ok
17:18:05.0128 4824  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
17:18:05.0159 4824  IPNAT - ok
17:18:05.0175 4824  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\windows\system32\drivers\irenum.sys
17:18:05.0190 4824  IRENUM - ok
17:18:05.0222 4824  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\windows\system32\drivers\isapnp.sys
17:18:05.0237 4824  isapnp - ok
17:18:05.0253 4824  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
17:18:05.0253 4824  iScsiPrt - ok
17:18:05.0284 4824  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
17:18:05.0300 4824  kbdclass - ok
17:18:05.0300 4824  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
17:18:05.0331 4824  kbdhid - ok
17:18:05.0346 4824  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\windows\system32\lsass.exe
17:18:05.0362 4824  KeyIso - ok
17:18:05.0409 4824  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
17:18:05.0424 4824  KSecDD - ok
17:18:05.0440 4824  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
17:18:05.0456 4824  KSecPkg - ok
17:18:05.0471 4824  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
17:18:05.0534 4824  ksthunk - ok
17:18:05.0549 4824  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\windows\system32\msdtckrm.dll
17:18:05.0596 4824  KtmRm - ok
17:18:05.0627 4824  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\windows\system32\srvsvc.dll
17:18:05.0674 4824  LanmanServer - ok
17:18:05.0705 4824  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:18:05.0736 4824  LanmanWorkstation - ok
17:18:05.0783 4824  [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt          C:\windows\system32\DRIVERS\lirsgt.sys
17:18:05.0783 4824  lirsgt - ok
17:18:05.0830 4824  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
17:18:05.0908 4824  lltdio - ok
17:18:05.0955 4824  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\windows\System32\lltdsvc.dll
17:18:06.0048 4824  lltdsvc - ok
17:18:06.0064 4824  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\windows\System32\lmhsvc.dll
17:18:06.0111 4824  lmhosts - ok
17:18:06.0189 4824  [ F4A17DCAB576267C85663E64F3ACE5A4 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:18:06.0220 4824  LMS - ok
17:18:06.0251 4824  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
17:18:06.0267 4824  LSI_FC - ok
17:18:06.0329 4824  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
17:18:06.0360 4824  LSI_SAS - ok
17:18:06.0376 4824  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
17:18:06.0392 4824  LSI_SAS2 - ok
17:18:06.0392 4824  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
17:18:06.0407 4824  LSI_SCSI - ok
17:18:06.0423 4824  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys
17:18:06.0470 4824  luafv - ok
17:18:06.0485 4824  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
17:18:06.0516 4824  Mcx2Svc - ok
17:18:06.0516 4824  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\drivers\megasas.sys
17:18:06.0532 4824  megasas - ok
17:18:06.0563 4824  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
17:18:06.0579 4824  MegaSR - ok
17:18:06.0610 4824  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
17:18:06.0610 4824  MEIx64 - ok
17:18:06.0657 4824  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
17:18:06.0719 4824  MMCSS - ok
17:18:06.0719 4824  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
17:18:06.0766 4824  Modem - ok
17:18:06.0766 4824  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
17:18:06.0797 4824  monitor - ok
17:18:06.0860 4824  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
17:18:06.0875 4824  mouclass - ok
17:18:06.0922 4824  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
17:18:06.0953 4824  mouhid - ok
17:18:06.0969 4824  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
17:18:06.0984 4824  mountmgr - ok
17:18:07.0000 4824  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
17:18:07.0016 4824  mpio - ok
17:18:07.0031 4824  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
17:18:07.0078 4824  mpsdrv - ok
17:18:07.0094 4824  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
17:18:07.0140 4824  MpsSvc - ok
17:18:07.0156 4824  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
17:18:07.0187 4824  MRxDAV - ok
17:18:07.0234 4824  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
17:18:07.0296 4824  mrxsmb - ok
17:18:07.0359 4824  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
17:18:07.0406 4824  mrxsmb10 - ok
17:18:07.0437 4824  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
17:18:07.0452 4824  mrxsmb20 - ok
17:18:07.0484 4824  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys
17:18:07.0484 4824  msahci - ok
17:18:07.0499 4824  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
17:18:07.0515 4824  msdsm - ok
17:18:07.0530 4824  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
17:18:07.0562 4824  MSDTC - ok
17:18:07.0577 4824  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
17:18:07.0624 4824  Msfs - ok
17:18:07.0640 4824  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
17:18:07.0686 4824  mshidkmdf - ok
17:18:07.0686 4824  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
17:18:07.0702 4824  msisadrv - ok
17:18:07.0718 4824  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
17:18:07.0764 4824  MSiSCSI - ok
17:18:07.0764 4824  msiserver - ok
17:18:07.0796 4824  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
17:18:07.0842 4824  MSKSSRV - ok
17:18:07.0874 4824  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
17:18:07.0936 4824  MSPCLOCK - ok
17:18:07.0952 4824  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
17:18:07.0983 4824  MSPQM - ok
17:18:07.0998 4824  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
17:18:08.0014 4824  MsRPC - ok
17:18:08.0045 4824  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
17:18:08.0045 4824  mssmbios - ok
17:18:08.0061 4824  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
17:18:08.0092 4824  MSTEE - ok
17:18:08.0108 4824  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
17:18:08.0123 4824  MTConfig - ok
17:18:08.0139 4824  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
17:18:08.0139 4824  Mup - ok
17:18:08.0170 4824  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
17:18:08.0201 4824  napagent - ok
17:18:08.0232 4824  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
17:18:08.0264 4824  NativeWifiP - ok
17:18:08.0357 4824  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
17:18:08.0404 4824  NDIS - ok
17:18:08.0466 4824  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
17:18:08.0513 4824  NdisCap - ok
17:18:08.0544 4824  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
17:18:08.0560 4824  NdisTapi - ok
17:18:08.0591 4824  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
17:18:08.0638 4824  Ndisuio - ok
17:18:08.0654 4824  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
17:18:08.0685 4824  NdisWan - ok
17:18:08.0700 4824  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
17:18:08.0732 4824  NDProxy - ok
17:18:08.0825 4824  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:18:08.0841 4824  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:18:08.0841 4824  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:18:08.0872 4824  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
17:18:08.0950 4824  NetBIOS - ok
17:18:08.0966 4824  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
17:18:09.0012 4824  NetBT - ok
17:18:09.0059 4824  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
17:18:09.0090 4824  Netlogon - ok
17:18:09.0122 4824  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
17:18:09.0200 4824  Netman - ok
17:18:09.0231 4824  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
17:18:09.0262 4824  netprofm - ok
17:18:09.0293 4824  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:18:09.0293 4824  NetTcpPortSharing - ok
17:18:09.0527 4824  [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64        C:\windows\system32\DRIVERS\NETwNs64.sys
17:18:09.0746 4824  NETwNs64 - ok
17:18:09.0777 4824  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
17:18:09.0777 4824  nfrd960 - ok
17:18:09.0808 4824  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\windows\System32\nlasvc.dll
17:18:09.0886 4824  NlaSvc - ok
17:18:09.0917 4824  [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd           C:\windows\system32\drivers\ccdcmbx64.sys
17:18:09.0980 4824  nmwcd - ok
17:18:10.0026 4824  [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc          C:\windows\system32\drivers\ccdcmbox64.sys
17:18:10.0120 4824  nmwcdc - ok
17:18:10.0120 4824  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
17:18:10.0151 4824  Npfs - ok
17:18:10.0198 4824  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
17:18:10.0292 4824  nsi - ok
17:18:10.0307 4824  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
17:18:10.0401 4824  nsiproxy - ok
17:18:10.0479 4824  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
17:18:10.0526 4824  Ntfs - ok
17:18:10.0557 4824  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
17:18:10.0588 4824  Null - ok
17:18:10.0916 4824  [ FBE6AC1C3591CB67543FAD15ABD26BCB ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
17:18:11.0072 4824  nvlddmkm - ok
17:18:11.0103 4824  [ 680C5BAF7D0190B1485068FC4BA75F1C ] nvpciflt        C:\windows\system32\DRIVERS\nvpciflt.sys
17:18:11.0103 4824  nvpciflt - ok
17:18:11.0150 4824  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
17:18:11.0181 4824  nvraid - ok
17:18:11.0196 4824  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
17:18:11.0212 4824  nvstor - ok
17:18:11.0259 4824  [ 147B0D17255FD796F990CC6F745605C5 ] NVSvc           C:\windows\system32\nvvsvc.exe
17:18:11.0306 4824  NVSvc - ok
17:18:11.0415 4824  [ 812BF9531C827E1D8029843CDDB2B5D6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:18:11.0477 4824  nvUpdatusService - ok
17:18:11.0508 4824  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
17:18:11.0540 4824  nv_agp - ok
17:18:11.0555 4824  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
17:18:11.0571 4824  ohci1394 - ok
17:18:11.0649 4824  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:18:11.0664 4824  ose - ok
17:18:11.0820 4824  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:18:11.0976 4824  osppsvc - ok
17:18:12.0023 4824  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
17:18:12.0070 4824  p2pimsvc - ok
17:18:12.0101 4824  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
17:18:12.0148 4824  p2psvc - ok
17:18:12.0179 4824  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys
17:18:12.0210 4824  Parport - ok
17:18:12.0226 4824  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
17:18:12.0257 4824  partmgr - ok
17:18:12.0288 4824  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
17:18:12.0335 4824  PcaSvc - ok
17:18:12.0398 4824  [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd        C:\windows\system32\DRIVERS\pccsmcfdx64.sys
17:18:12.0444 4824  pccsmcfd - ok
17:18:12.0476 4824  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
17:18:12.0507 4824  pci - ok
17:18:12.0538 4824  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
17:18:12.0554 4824  pciide - ok
17:18:12.0585 4824  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
17:18:12.0600 4824  pcmcia - ok
17:18:12.0616 4824  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
17:18:12.0632 4824  pcw - ok
17:18:12.0647 4824  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
17:18:12.0710 4824  PEAUTH - ok
17:18:12.0819 4824  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
17:18:12.0866 4824  PerfHost - ok
17:18:12.0928 4824  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
17:18:12.0990 4824  pla - ok
17:18:13.0084 4824  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
17:18:13.0146 4824  PlugPlay - ok
17:18:13.0287 4824  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:18:13.0302 4824  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:18:13.0302 4824  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:18:13.0334 4824  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
17:18:13.0365 4824  PNRPAutoReg - ok
17:18:13.0380 4824  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
17:18:13.0396 4824  PNRPsvc - ok
17:18:13.0490 4824  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
17:18:13.0568 4824  PolicyAgent - ok
17:18:13.0614 4824  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
17:18:13.0677 4824  Power - ok
17:18:13.0724 4824  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
17:18:13.0770 4824  PptpMiniport - ok
17:18:13.0786 4824  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys
17:18:13.0864 4824  Processor - ok
17:18:13.0911 4824  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
17:18:13.0973 4824  ProfSvc - ok
17:18:13.0973 4824  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
17:18:13.0989 4824  ProtectedStorage - ok
17:18:14.0020 4824  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
17:18:14.0082 4824  Psched - ok
17:18:14.0145 4824  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys
17:18:14.0176 4824  ql2300 - ok
17:18:14.0192 4824  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
17:18:14.0207 4824  ql40xx - ok
17:18:14.0223 4824  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
17:18:14.0238 4824  QWAVE - ok
17:18:14.0301 4824  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
17:18:14.0348 4824  QWAVEdrv - ok
17:18:14.0363 4824  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
17:18:14.0394 4824  RasAcd - ok
17:18:14.0441 4824  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
17:18:14.0488 4824  RasAgileVpn - ok
17:18:14.0628 4824  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
17:18:14.0691 4824  RasAuto - ok
17:18:14.0769 4824  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
17:18:14.0831 4824  Rasl2tp - ok
17:18:14.0862 4824  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
17:18:14.0894 4824  RasMan - ok
17:18:14.0940 4824  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
17:18:15.0018 4824  RasPppoe - ok
17:18:15.0050 4824  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
17:18:15.0143 4824  RasSstp - ok
17:18:15.0190 4824  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
17:18:15.0268 4824  rdbss - ok
17:18:15.0284 4824  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
17:18:15.0299 4824  rdpbus - ok
17:18:15.0315 4824  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
17:18:15.0346 4824  RDPCDD - ok
17:18:15.0377 4824  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
17:18:15.0393 4824  RDPENCDD - ok
17:18:15.0408 4824  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
17:18:15.0455 4824  RDPREFMP - ok
17:18:15.0471 4824  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
17:18:15.0564 4824  RDPWD - ok
17:18:15.0580 4824  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
17:18:15.0596 4824  rdyboost - ok
17:18:15.0627 4824  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
17:18:15.0720 4824  RemoteAccess - ok
17:18:15.0736 4824  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
17:18:15.0783 4824  RemoteRegistry - ok
17:18:15.0830 4824  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
17:18:15.0861 4824  RFCOMM - ok
17:18:15.0970 4824  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
17:18:16.0001 4824  RichVideo ( UnsignedFile.Multi.Generic ) - warning
17:18:16.0001 4824  RichVideo - detected UnsignedFile.Multi.Generic (1)
17:18:16.0048 4824  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
17:18:16.0126 4824  RpcEptMapper - ok
17:18:16.0142 4824  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
17:18:16.0157 4824  RpcLocator - ok
17:18:16.0204 4824  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
17:18:16.0266 4824  RpcSs - ok
17:18:16.0313 4824  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
17:18:16.0391 4824  rspndr - ok
17:18:16.0469 4824  [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
17:18:16.0500 4824  RTL8167 - ok
17:18:16.0578 4824  [ 4CA0DBA9E224473D664C25E411F5A3BD ] rtport          C:\windows\SysWOW64\drivers\rtport.sys
17:18:16.0610 4824  rtport - ok
17:18:16.0641 4824  [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI            C:\windows\system32\Drivers\SABI.sys
17:18:16.0672 4824  SABI - ok
17:18:16.0703 4824  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
17:18:16.0734 4824  SamSs - ok
17:18:16.0766 4824  [ D641337B75B9A9D5AE10687AA1097755 ] Samsung UPD Service C:\windows\System32\SUPDSvc.exe
17:18:16.0797 4824  Samsung UPD Service - ok
17:18:16.0828 4824  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
17:18:16.0844 4824  sbp2port - ok
17:18:16.0875 4824  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
17:18:16.0968 4824  SCardSvr - ok
17:18:17.0000 4824  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
17:18:17.0093 4824  scfilter - ok
17:18:17.0124 4824  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
17:18:17.0171 4824  Schedule - ok
17:18:17.0187 4824  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
17:18:17.0218 4824  SCPolicySvc - ok
17:18:17.0265 4824  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
17:18:17.0312 4824  SDRSVC - ok
17:18:17.0405 4824  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:18:17.0436 4824  SeaPort - ok
17:18:17.0468 4824  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
17:18:17.0514 4824  secdrv - ok
17:18:17.0514 4824  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
17:18:17.0561 4824  seclogon - ok
17:18:17.0577 4824  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
17:18:17.0717 4824  SENS - ok
17:18:17.0748 4824  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
17:18:17.0795 4824  SensrSvc - ok
17:18:17.0826 4824  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys
17:18:17.0842 4824  Serenum - ok
17:18:17.0873 4824  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys
17:18:17.0920 4824  Serial - ok
17:18:17.0951 4824  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys
17:18:17.0967 4824  sermouse - ok
17:18:18.0076 4824  [ 3334DE016FDCDE5C98E30A405A72DD8D ] ServiceLayer    C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
17:18:18.0123 4824  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
17:18:18.0123 4824  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
17:18:18.0154 4824  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
17:18:18.0201 4824  SessionEnv - ok
17:18:18.0216 4824  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
17:18:18.0232 4824  sffdisk - ok
17:18:18.0248 4824  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
17:18:18.0341 4824  sffp_mmc - ok
17:18:18.0341 4824  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
17:18:18.0388 4824  sffp_sd - ok
17:18:18.0388 4824  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
17:18:18.0404 4824  sfloppy - ok
17:18:18.0435 4824  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
17:18:18.0482 4824  SharedAccess - ok
17:18:18.0497 4824  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:18:18.0544 4824  ShellHWDetection - ok
17:18:18.0560 4824  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
17:18:18.0575 4824  SiSRaid2 - ok
17:18:18.0591 4824  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
17:18:18.0591 4824  SiSRaid4 - ok
17:18:18.0684 4824  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:18:18.0700 4824  SkypeUpdate - ok
17:18:18.0762 4824  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
17:18:18.0809 4824  Smb - ok
17:18:18.0856 4824  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
17:18:18.0887 4824  SNMPTRAP - ok
17:18:18.0918 4824  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
17:18:18.0934 4824  spldr - ok
17:18:18.0965 4824  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
17:18:18.0996 4824  Spooler - ok
17:18:19.0090 4824  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
17:18:19.0184 4824  sppsvc - ok
17:18:19.0199 4824  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
17:18:19.0230 4824  sppuinotify - ok
17:18:19.0277 4824  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
17:18:19.0308 4824  srv - ok
17:18:19.0340 4824  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
17:18:19.0371 4824  srv2 - ok
17:18:19.0402 4824  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
17:18:19.0449 4824  srvnet - ok
17:18:19.0480 4824  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
17:18:19.0542 4824  SSDPSRV - ok
17:18:19.0558 4824  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
17:18:19.0574 4824  SstpSvc - ok
17:18:19.0605 4824  Steam Client Service - ok
17:18:19.0620 4824  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys
17:18:19.0636 4824  stexstor - ok
17:18:19.0652 4824  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
17:18:19.0667 4824  StillCam - ok
17:18:19.0698 4824  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\windows\System32\wiaservc.dll
17:18:19.0745 4824  stisvc - ok
17:18:19.0761 4824  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
17:18:19.0761 4824  swenum - ok
17:18:19.0792 4824  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\windows\System32\swprv.dll
17:18:19.0839 4824  swprv - ok
17:18:19.0886 4824  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\windows\system32\sysmain.dll
17:18:19.0932 4824  SysMain - ok
17:18:19.0964 4824  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:18:20.0010 4824  TabletInputService - ok
17:18:20.0026 4824  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\windows\System32\tapisrv.dll
17:18:20.0073 4824  TapiSrv - ok
17:18:20.0088 4824  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\windows\System32\tbssvc.dll
17:18:20.0120 4824  TBS - ok
17:18:20.0213 4824  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\windows\system32\drivers\tcpip.sys
17:18:20.0260 4824  Tcpip - ok
17:18:20.0276 4824  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
17:18:20.0307 4824  TCPIP6 - ok
17:18:20.0338 4824  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
17:18:20.0416 4824  tcpipreg - ok
17:18:20.0416 4824  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
17:18:20.0447 4824  TDPIPE - ok
17:18:20.0463 4824  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
17:18:20.0478 4824  TDTCP - ok
17:18:20.0494 4824  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
17:18:20.0541 4824  tdx - ok
17:18:20.0556 4824  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
17:18:20.0556 4824  TermDD - ok
17:18:20.0603 4824  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\windows\System32\termsrv.dll
17:18:20.0634 4824  TermService - ok
17:18:20.0650 4824  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\windows\system32\themeservice.dll
17:18:20.0681 4824  Themes - ok
17:18:20.0697 4824  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\windows\system32\mmcss.dll
17:18:20.0744 4824  THREADORDER - ok
17:18:20.0775 4824  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\windows\System32\trkwks.dll
17:18:20.0790 4824  TrkWks - ok
17:18:20.0837 4824  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:18:20.0884 4824  TrustedInstaller - ok
17:18:20.0900 4824  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
17:18:20.0931 4824  tssecsrv - ok
17:18:20.0946 4824  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
17:18:20.0993 4824  TsUsbFlt - ok
17:18:21.0009 4824  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
17:18:21.0056 4824  TsUsbGD - ok
17:18:21.0087 4824  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
17:18:21.0149 4824  tunnel - ok
17:18:21.0180 4824  [ 48743B69EA47C020A792D8649F753F44 ] TurboB          C:\windows\system32\DRIVERS\TurboB.sys
17:18:21.0212 4824  TurboB - ok
17:18:21.0258 4824  [ 759F59E3EA3802FF23F93DCDB6FE9171 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:18:21.0274 4824  TurboBoost - ok
17:18:21.0305 4824  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\windows\system32\drivers\uagp35.sys
17:18:21.0336 4824  uagp35 - ok
17:18:21.0352 4824  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
17:18:21.0430 4824  udfs - ok
17:18:21.0461 4824  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\windows\system32\UI0Detect.exe
17:18:21.0461 4824  UI0Detect - ok
17:18:21.0492 4824  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
17:18:21.0492 4824  uliagpkx - ok
17:18:21.0524 4824  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\windows\system32\DRIVERS\umbus.sys
17:18:21.0555 4824  umbus - ok
17:18:21.0586 4824  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\windows\system32\drivers\umpass.sys
17:18:21.0617 4824  UmPass - ok
17:18:21.0758 4824  [ DB641944F7E4B14C13C3FEFC89843F69 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:18:21.0804 4824  UNS - ok
17:18:21.0820 4824  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\windows\System32\upnphost.dll
17:18:21.0867 4824  upnphost - ok
17:18:21.0898 4824  [ 4E93C8496359E97830C75AC36393654D ] upperdev        C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys
17:18:21.0945 4824  upperdev - ok
17:18:21.0992 4824  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
17:18:22.0038 4824  usbccgp - ok
17:18:22.0085 4824  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\windows\system32\drivers\usbcir.sys
17:18:22.0132 4824  usbcir - ok
17:18:22.0179 4824  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\windows\system32\drivers\usbehci.sys
17:18:22.0210 4824  usbehci - ok
17:18:22.0241 4824  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
17:18:22.0272 4824  usbhub - ok
17:18:22.0304 4824  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\windows\system32\drivers\usbohci.sys
17:18:22.0335 4824  usbohci - ok
17:18:22.0366 4824  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
17:18:22.0397 4824  usbprint - ok
17:18:22.0428 4824  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
17:18:22.0444 4824  usbscan - ok
17:18:22.0475 4824  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\windows\system32\DRIVERS\usbser.sys
17:18:22.0491 4824  usbser - ok
17:18:22.0522 4824  [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt      C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys
17:18:22.0538 4824  UsbserFilt - ok
17:18:22.0569 4824  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
17:18:22.0616 4824  USBSTOR - ok
17:18:22.0678 4824  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
17:18:22.0709 4824  usbuhci - ok
17:18:22.0756 4824  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
17:18:22.0803 4824  usbvideo - ok
17:18:22.0818 4824  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\windows\System32\uxsms.dll
17:18:22.0865 4824  UxSms - ok
17:18:22.0881 4824  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\windows\system32\lsass.exe
17:18:22.0896 4824  VaultSvc - ok
17:18:22.0928 4824  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
17:18:22.0928 4824  vdrvroot - ok
17:18:22.0959 4824  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\windows\System32\vds.exe
17:18:22.0990 4824  vds - ok
17:18:23.0021 4824  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
17:18:23.0037 4824  vga - ok
17:18:23.0037 4824  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\windows\System32\drivers\vga.sys
17:18:23.0115 4824  VgaSave - ok
17:18:23.0130 4824  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
17:18:23.0130 4824  vhdmp - ok
17:18:23.0162 4824  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\windows\system32\drivers\viaide.sys
17:18:23.0162 4824  viaide - ok
17:18:23.0193 4824  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\windows\system32\drivers\volmgr.sys
17:18:23.0193 4824  volmgr - ok
17:18:23.0224 4824  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
17:18:23.0224 4824  volmgrx - ok
17:18:23.0240 4824  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\windows\system32\drivers\volsnap.sys
17:18:23.0240 4824  volsnap - ok
17:18:23.0271 4824  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
17:18:23.0286 4824  vsmraid - ok
17:18:23.0318 4824  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\windows\system32\vssvc.exe
17:18:23.0380 4824  VSS - ok
17:18:23.0396 4824  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
17:18:23.0427 4824  vwifibus - ok
17:18:23.0474 4824  [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
17:18:23.0520 4824  vwififlt - ok
17:18:23.0552 4824  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\windows\system32\w32time.dll
17:18:23.0614 4824  W32Time - ok
17:18:23.0630 4824  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\windows\system32\drivers\wacompen.sys
17:18:23.0661 4824  WacomPen - ok
17:18:23.0692 4824  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
17:18:23.0754 4824  WANARP - ok
17:18:23.0770 4824  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
17:18:23.0786 4824  Wanarpv6 - ok
17:18:23.0817 4824  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\windows\system32\wbengine.exe
17:18:23.0879 4824  wbengine - ok
17:18:23.0895 4824  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
17:18:23.0910 4824  WbioSrvc - ok
17:18:23.0942 4824  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\windows\System32\wcncsvc.dll
17:18:23.0988 4824  wcncsvc - ok
17:18:24.0004 4824  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:18:24.0035 4824  WcsPlugInService - ok
17:18:24.0066 4824  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\windows\system32\drivers\wd.sys
17:18:24.0082 4824  Wd - ok
17:18:24.0113 4824  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
17:18:24.0129 4824  Wdf01000 - ok
17:18:24.0144 4824  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\windows\system32\wdi.dll
17:18:24.0238 4824  WdiServiceHost - ok
17:18:24.0238 4824  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\windows\system32\wdi.dll
17:18:24.0269 4824  WdiSystemHost - ok
17:18:24.0332 4824  [ F4A9476AA49B69D28BE439C64F96C714 ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
17:18:24.0363 4824  Web Assistant Updater - ok
17:18:24.0378 4824  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\windows\System32\webclnt.dll
17:18:24.0425 4824  WebClient - ok
17:18:24.0534 4824  [ 688399FF25A4012AF16DA2E5C3DAF050 ] WebOptimizer    C:\windows\system32\dmwu.exe
17:18:24.0581 4824  WebOptimizer - ok
17:18:24.0612 4824  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\windows\system32\wecsvc.dll
17:18:24.0644 4824  Wecsvc - ok
17:18:24.0675 4824  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\windows\System32\wercplsupport.dll
17:18:24.0690 4824  wercplsupport - ok
17:18:24.0722 4824  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\windows\System32\WerSvc.dll
17:18:24.0753 4824  WerSvc - ok
17:18:24.0784 4824  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
17:18:24.0800 4824  WfpLwf - ok
17:18:24.0831 4824  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\windows\system32\drivers\wimmount.sys
17:18:24.0831 4824  WIMMount - ok
17:18:24.0862 4824  WinDefend - ok
17:18:24.0862 4824  WinHttpAutoProxySvc - ok
17:18:24.0924 4824  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
17:18:25.0002 4824  Winmgmt - ok
17:18:25.0065 4824  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\windows\system32\WsmSvc.dll
17:18:25.0127 4824  WinRM - ok
17:18:25.0174 4824  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
17:18:25.0205 4824  WinUsb - ok
17:18:25.0236 4824  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\windows\System32\wlansvc.dll
17:18:25.0268 4824  Wlansvc - ok
17:18:25.0330 4824  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:18:25.0346 4824  wlcrasvc - ok
17:18:25.0470 4824  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:18:25.0517 4824  wlidsvc - ok
17:18:25.0533 4824  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
17:18:25.0548 4824  WmiAcpi - ok
17:18:25.0580 4824  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
17:18:25.0595 4824  wmiApSrv - ok
17:18:25.0626 4824  WMPNetworkSvc - ok
17:18:25.0658 4824  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\windows\System32\wpcsvc.dll
17:18:25.0689 4824  WPCSvc - ok
17:18:25.0689 4824  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
17:18:25.0720 4824  WPDBusEnum - ok
17:18:25.0736 4824  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
17:18:25.0782 4824  ws2ifsl - ok
17:18:25.0782 4824  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\windows\System32\wscsvc.dll
17:18:25.0798 4824  wscsvc - ok
17:18:25.0798 4824  WSearch - ok
17:18:25.0892 4824  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\windows\system32\wuaueng.dll
17:18:25.0938 4824  wuauserv - ok
17:18:25.0954 4824  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
17:18:25.0985 4824  WudfPf - ok
17:18:26.0001 4824  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
17:18:26.0063 4824  WUDFRd - ok
17:18:26.0094 4824  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
17:18:26.0110 4824  wudfsvc - ok
17:18:26.0126 4824  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\windows\System32\wwansvc.dll
17:18:26.0157 4824  WwanSvc - ok
17:18:26.0172 4824  ================ Scan global ===============================
17:18:26.0188 4824  [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:18:26.0219 4824  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
17:18:26.0235 4824  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
17:18:26.0250 4824  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:18:26.0282 4824  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:18:26.0282 4824  [Global] - ok
17:18:26.0282 4824  ================ Scan MBR ==================================
17:18:26.0297 4824  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
17:18:26.0562 4824  \Device\Harddisk0\DR0 - ok
17:18:26.0562 4824  ================ Scan VBR ==================================
17:18:26.0578 4824  [ 125A4F5FCCFD66A460EB4C345416EB97 ] \Device\Harddisk0\DR0\Partition1
17:18:26.0578 4824  \Device\Harddisk0\DR0\Partition1 - ok
17:18:26.0609 4824  [ C7238D41D4FD797E3A8FDABBE7A97370 ] \Device\Harddisk0\DR0\Partition2
17:18:26.0609 4824  \Device\Harddisk0\DR0\Partition2 - ok
17:18:26.0625 4824  [ B27BFA40BF415B087AEA7F5F6D4119AD ] \Device\Harddisk0\DR0\Partition3
17:18:26.0640 4824  \Device\Harddisk0\DR0\Partition3 - ok
17:18:26.0640 4824  ============================================================
17:18:26.0640 4824  Scan finished
17:18:26.0640 4824  ============================================================
17:18:26.0656 4708  Detected object count: 7
17:18:26.0656 4708  Actual detected object count: 7
17:20:51.0472 4708  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:51.0472 4708  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:20:51.0475 4708  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:51.0475 4708  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:20:51.0477 4708  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:51.0477 4708  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:20:51.0479 4708  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:51.0479 4708  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:20:51.0480 4708  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:51.0480 4708  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:20:51.0482 4708  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:51.0482 4708  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:20:51.0483 4708  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
17:20:51.0483 4708  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 05.11.2012, 09:15   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Sieht ok aus, eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 05.11.2012, 16:44   #11
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Danke schonmal für die gute Nachricht!
Wir haben nun bei OTL auf Scan geklickt und wieder eine OTL.txt und eine Extras.txt erhalten:

Hier das Logfile von OTL.txt:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11/5/2012 5:07:29 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7.91 Gb Total Physical Memory | 5.95 Gb Available Physical Memory | 75.16% Memory free
15.83 Gb Paging File | 13.79 Gb Available in Paging File | 87.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230.00 Gb Total Space | 112.72 Gb Free Space | 49.01% Space Free | Partition Type: NTFS
Drive D: | 342.41 Gb Total Space | 342.31 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll ()
MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Common Files\Nokia\MPlatform\MDataStore.dll ()
MOD - C:\Program Files (x86)\Common Files\Nokia\MPlatform\MItems.dll ()
MOD - C:\Program Files (x86)\Common Files\Nokia\MPlatform\MEvent.dll ()
MOD - C:\Program Files (x86)\Common Files\Nokia\MPlatform\MThumbnailService.dll ()
MOD - C:\Program Files (x86)\Common Files\Nokia\MPlatform\MItemPlugins.dll ()
MOD - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe ()
MOD - C:\Program Files (x86)\Common Files\Nokia\MPlatform\sqlite3.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (WebOptimizer) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (Samsung UPD Service) -- C:\Windows\SysNative\SUPDSvc.exe (Samsung Electronics CO., LTD.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (rtport) -- C:\Windows\SysWOW64\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
IE - HKLM\..\URLSearchHook: {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.youtube.com/?gl=DE&hl=de
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\URLSearchHook: {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\SearchScopes\{393B4ACC-A025-477C-8763-5124F6FA3ED6}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=5235F1AB-E8A4-4D70-8A9E-25B4F4EFB666&apn_sauid=70F44CA7-3844-43D4-BD3D-3745FFA10980&
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\SearchScopes\{589E7158-E3EF-4E74-8A4D-169C47BB72A3}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_deDE489
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyFkIm53w&i=26
IE - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb165?a=6OyFkIm53w&i=26"
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
FF - prefs.js..extensions.enabledAddons: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.478
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6OyFkIm53w&&i=26&search="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/08/29 15:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/08/29 15:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/03 19:02:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/15 14:29:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/03 19:02:43 | 000,000,000 | ---D | M]
 
[2011/12/15 13:53:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2012/06/18 16:10:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\bg9lxlqz.default\extensions
[2012/06/18 16:10:15 | 000,002,203 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\bg9lxlqz.default\searchplugins\MyStart Search.xml
[2012/04/14 18:08:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/04/14 18:08:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/01/09 20:10:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012/08/29 15:29:19 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2011/11/21 05:21:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/21 02:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/11/21 02:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/21 02:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/21 02:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/21 02:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/21 02:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: CTB Dynamic Link Library (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\ctb.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\npbrowserext.dll
CHR - plugin: WordCaptureX (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0\npWCX.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Montiera Chrome Toolbar = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\
CHR - Extension: Google-Suche = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\
CHR - Extension: Word CaptureX Extension = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf\1.1_0\
CHR - Extension: Google Mail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012/10/29 20:22:11 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\Toolbar\WebBrowser: (FileConverter 1.3 Toolbar) - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1739335617-45622530-1743251556-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe ()
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1739335617-45622530-1743251556-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1739335617-45622530-1743251556-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1739335617-45622530-1743251556-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1739335617-45622530-1743251556-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDC0CBAE-8184-44F0-AB01-62CCC661AA3C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E02088E9-47F0-4D18-918A-941C271634D4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/11/04 17:31:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{ADF52A86-8D51-4795-AA8B-4C8DDE2A83E4}
[2012/11/04 17:14:32 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Trojaner
[2012/11/04 17:13:35 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller (1).exe
[2012/10/29 20:20:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/25 15:08:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/10/21 16:07:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2012/10/21 16:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/21 16:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/21 16:07:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/10/21 16:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/19 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5059D127-F6D6-4D9C-A278-1EA2FD867C92}
[2012/10/17 11:49:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\HP
[2012/10/10 16:49:14 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012/10/10 16:49:14 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012/10/10 16:49:14 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012/10/10 16:48:56 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2012/10/10 16:48:56 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2012/10/10 16:48:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2012/10/10 16:48:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2012/10/10 16:48:56 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2012/10/10 16:48:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2012/10/10 16:48:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2012/10/10 16:48:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2012/10/10 16:48:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2012/10/10 16:48:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2012/10/10 16:48:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2012/10/10 16:48:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/10/10 16:48:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/10/10 16:48:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/10/10 16:48:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/10/10 16:48:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2012/10/10 16:48:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/10/10 16:48:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/10/10 16:48:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/10/10 16:48:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2012/10/10 16:48:51 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012/10/10 16:48:44 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2012/10/10 16:48:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012/11/05 17:02:34 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/05 17:02:34 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/05 17:02:09 | 001,527,504 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/05 17:02:09 | 000,664,634 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012/11/05 17:02:09 | 000,624,776 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/05 17:02:09 | 000,134,770 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012/11/05 17:02:09 | 000,110,414 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/05 16:54:47 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/05 16:54:39 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/05 16:54:31 | 4202,893,311 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/05 16:42:31 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/04 19:49:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/11/04 17:12:51 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller (1).exe
[2012/10/29 20:22:11 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2012/10/26 14:30:50 | 000,000,867 | ---- | M] () -- C:\Users\User\AppData\Local\recently-used.xbel
[2012/10/25 15:11:59 | 000,000,000 | ---- | M] () -- C:\Users\User\defogger_reenable
[2012/10/22 20:11:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/10/17 21:29:35 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/10/17 21:29:35 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/13 17:26:35 | 000,006,656 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/13 17:22:54 | 000,000,807 | ---- | M] () -- C:\Users\User\Desktop\Neuer Ordner (2) - Verknüpfung.lnk
[2012/10/13 17:07:09 | 000,548,910 | ---- | M] () -- C:\Users\User\Desktop\leben_mit_diabetes.zip
 
========== Files Created - No Company Name ==========
 
[2012/10/26 14:30:50 | 000,000,867 | ---- | C] () -- C:\Users\User\AppData\Local\recently-used.xbel
[2012/10/25 15:11:59 | 000,000,000 | ---- | C] () -- C:\Users\User\defogger_reenable
[2012/10/13 17:22:54 | 000,000,807 | ---- | C] () -- C:\Users\User\Desktop\Neuer Ordner (2) - Verknüpfung.lnk
[2012/10/13 17:07:09 | 000,548,910 | ---- | C] () -- C:\Users\User\Desktop\leben_mit_diabetes.zip
[2012/08/03 18:59:42 | 000,245,445 | ---- | C] () -- C:\windows\hpoins19.dat
[2012/08/03 18:59:42 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat
[2012/08/03 14:02:28 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat
[2012/08/03 14:02:02 | 001,554,122 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/08/03 13:36:04 | 000,006,656 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/25 19:27:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/09/19 08:07:46 | 000,015,360 | ---- | C] () -- C:\windows\SysWow64\bdmjpeg.dll
[2011/09/19 08:07:32 | 000,058,368 | ---- | C] () -- C:\windows\SysWow64\bdmpegv.dll
[2011/09/06 05:52:13 | 000,258,864 | ---- | C] () -- C:\windows\SUPDRun.exe
[2011/09/06 05:48:44 | 000,960,940 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011/09/06 05:48:43 | 000,207,376 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011/09/06 05:48:42 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011/09/06 02:38:21 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2011/09/06 01:55:32 | 000,000,918 | ---- | C] () -- C:\windows\HotFixList.ini
[2011/09/06 01:55:13 | 000,142,128 | ---- | C] () -- C:\windows\wiainst64.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---
--- --- --- [/code]

Geändert von mauft503 (05.11.2012 um 17:00 Uhr)

Alt 05.11.2012, 16:56   #12
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



Hier das Logfile von Extra.txt: (Der Beitrag war zu groß, 13000 Wörter )

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11/5/2012 5:07:29 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7.91 Gb Total Physical Memory | 5.95 Gb Available Physical Memory | 75.16% Memory free
15.83 Gb Paging File | 13.79 Gb Available in Paging File | 87.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 230.00 Gb Total Space | 112.72 Gb Free Space | 49.01% Space Free | Partition Type: NTFS
Drive D: | 342.41 Gb Total Space | 342.31 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1739335617-45622530-1743251556-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D87D76-28B0-431B-BDA8-E2AF257D5A66}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{28397B5F-5FEB-45D6-84FA-4F1453690B5D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E5A45ABD-5113-431E-8C57-552740BFB33A}" = lport=25565 | protocol=6 | dir=in | name=minecraft server | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01982D6C-C88C-47ED-B6FE-6AA443E4A0FD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{0F960FA6-F77B-4616-88F8-58BCF12590F8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{100BDA2B-A596-4E4B-9ECA-4D0EAD829B70}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe | 
"{14852E8D-7DA3-4BA4-9BAB-DA0E9ADD003F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe | 
"{14B560D2-97DE-4A0B-A8A7-60D58983FDCA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | 
"{151B8035-5EB1-46B7-876E-8BC990F6CAE7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{1CE340C4-FCF6-4A13-82E7-B71BC5E027D6}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe | 
"{215D042B-85BF-454F-96ED-ACDCE24E2924}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{25AE7993-C844-42D0-BFBF-66D34AD47BCB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{2A7B608A-78ED-4059-84DA-E57503162264}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"{37A48405-75E7-49EF-BD11-E18EB171680A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{37ED4353-F539-46E6-A858-84FBEC9B158F}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"{3AAFF387-ED98-43CC-B564-BC6CFE0B52F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons and dragons online\turbineinvoker.exe | 
"{3DAC71E0-451B-4B61-B49B-FE4184A3D3E3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{3DFDEDDF-49BC-490F-9FDA-D1889A10F4FE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{3E890D5B-5E92-4A78-A4E0-5D718AC407AA}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe | 
"{41FA4011-EE4F-489D-8C47-A33B99E36609}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | 
"{42181859-C20A-40EF-871B-6947BD8BD6C3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{45101200-2030-4253-A358-3AF6050B014A}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{4B363A06-7047-4C33-8296-E400B5687B0B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{4B80EDAE-3DD8-422C-86BF-86EDA2DB3783}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe | 
"{4E47BA05-D992-4132-924A-42BEFE3B26E6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{4EAD87C3-03F9-4798-9E25-425FF36D6915}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{509BFBEB-C568-4AF4-8E88-F78E83590A6A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{54AC6423-B3AA-4154-B9E5-768235DCFE2D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{58023D13-61D3-4301-ABE8-D2A25A1FFEAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{592A3D2B-B011-43CB-B937-82D7781EF258}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{5B4A6DCC-3ED1-421A-B887-4E600C758AA9}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe | 
"{5FAB45DB-0367-4778-852B-389E2C1EFF65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{6ABA91F2-A150-460F-A52D-60EB4E5705AA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{6ACB8BE2-DAEE-44DB-9241-9F461BB945F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{6D916981-5F0D-43DF-B750-4D3AD4BB7813}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{7140D962-BC3C-4E27-B9B8-DE0E3FF8B8E5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | 
"{77C44C04-075C-4460-A8D1-1D5D8C58CAD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{7BFDC501-A1ED-480F-B6CD-03E1C4A81A0E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{7EE91244-CDE5-4001-BDB4-E78E4DFB5EC8}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{87657EED-BF0A-4E86-A383-9CC035C4325C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{8CD8D871-C537-4BCC-9266-E9CAF734E480}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{94CFE4B4-DFDD-48E4-8C6D-3F31CA93781C}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\iccupdater.exe | 
"{982E7334-233D-41B4-B206-7ADDD17B2AAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{A908D698-1221-4686-AE28-79EF0B329189}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{A9F6A2AC-7FB6-456B-8184-4AF48D542365}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{AAD1ED69-A716-489B-9D90-70625AE5760A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe | 
"{AC7C4D1F-7BC8-418F-B3AF-CBD5AF028C51}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe | 
"{B708E468-E30E-4922-A141-E183CAD59A44}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{C1CF5CE4-3B7C-43E3-B363-B7F726D4511B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{C3863ED2-D550-4078-99BC-AD8AC9398F54}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{C38DA49D-7A3C-410F-B519-6AC1C71EC659}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{C44A2BD7-A7CB-4BE5-A934-DF6DDDE0C920}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{C5815388-F5CD-4DA3-B3B6-77DA074FF5DC}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"{C8946997-4BF5-4994-8B83-A6F64B312CB6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 
"{C9403DF3-BF0F-4EFF-A9BB-3BB7BC195246}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{D2649D4F-5264-4234-92AF-A8E9F8E7CCD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{D5A8657D-BD22-4AA1-A17F-65481F219DA7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{D5D36A87-FC93-4E3D-ADE5-6E3D7D4D962C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe | 
"{DB26E373-1B45-44BF-A5C3-32FF6DE57495}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{DB8F5918-EF3E-415B-AAA8-307427C278E0}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung universal scan driver\usdagent.exe | 
"{DBB34EA3-D757-4B75-A307-6BADC06EF25D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{DDF7F7B5-642A-4FFD-8C36-4472D1934670}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | 
"{E2ED00B2-C6BE-4FAA-9FDC-F0822B6D0511}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{E34AF834-6313-424F-971C-4C514AD37556}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{E8AEE564-CC11-4BB7-BDFD-35A37920BF6B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe | 
"{EA51B200-BFA0-499F-BA1E-9574ACBB46EE}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe | 
"{ED377CA8-879C-4707-9A50-4E16263F15E2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{ED495545-6FFD-4DD0-8183-D30B44C646C6}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"{ED77D2BD-CF36-4311-8F0B-2E29C1840198}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{EFBE05A6-B250-47A5-84F2-C181380595B0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{F1833BF5-D653-4E1E-9854-7EA3F5AB09C4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{F57CEF27-0FA6-46AF-B104-E292A4DCB938}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{FB673508-C987-4CC1-BB12-6F86CFFA6599}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{FEBB1BFF-C267-4B50-939B-5980AB17E0A4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"TCP Query User{09680D95-4088-41C1-8AF8-221E07F0D926}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"TCP Query User{4353F165-1107-4295-A86A-F511BFDF4CCF}C:\users\user\appdata\roaming\etuhz\cecie.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\etuhz\cecie.exe | 
"TCP Query User{7BBBC36A-7A73-4843-802D-EF5255A99B51}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{33F4F3CF-7731-476E-A99D-46BDBF5C1D0E}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | 
"UDP Query User{4E6F08B1-157A-41B3-9F9D-E30401B049D6}C:\users\user\appdata\roaming\etuhz\cecie.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\etuhz\cecie.exe | 
"UDP Query User{FC1AA85D-B28A-4F6F-96B9-0C10C9760709}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.478
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4C9845D5-9FAD-4C52-B389-CAEF0F216215}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{811D5159-D798-491F-B9C6-9BDBF6B02D06}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.72
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.72
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Elantech" = ETDWare PS/2-X64 8.0.7.2_WHQL
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"GIMP-2_is1" = GIMP 2.8.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
"WNLT" = Web Optimizer
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0119B342-476F-4F5A-B712-144B5CFA781F}" = Windows Live Movie Maker
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07E15DDE-CAD9-434D-B24D-35708E3BEA09}" = Windows Live 필수 패키지
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}" = WordCaptureX Pro
"{142D8CA7-2C6F-45A7-83E3-099AAFD99133}" = Samsung Update Plus
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{318DBE01-1E6B-4243-84B0-210391FE789A}" = Samsung AnyWeb Print
"{331ECF61-69AF-4F57-AC35-AFED610231C3}" = Multimedia POP
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}" = PhoneShare
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4371DBFF-8F97-4A64-A18D-EF8F6EA06A69}" = Nokia Ovi Content Copier
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A331D24-A9E8-484F-835E-1BA7B139689C}" = EasyBatteryManager
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F35DF91-F834-41F7-A287-0E377D55C486}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{51FFAC89-B6B0-4E6E-B76F-6D4E2E83086A}" = Windows Live 메일
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5C2909FF-1E30-48B3-8820-6F40D3E4A0C7}" = Nokia Ovi Application Installer
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5C5A944F-096E-4ADD-B8E8-887F18BA6228}" = LEGO® Harry Potter™: Die Jahre 5-7
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61506B53-EE02-46CE-8464-3F806947978F}" = Windows Live Mesh
"{61920449-0393-4707-B7DD-E6C0013C8B2C}" = 원격 연결을 위한 Windows Live Mesh ActiveX 컨트롤
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64958DA4-79D3-43FD-AF06-720DAD044F9E}" = LEGO® Pirates of the Caribbean Das Videospiel
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7780682A-47C9-480D-90BE-247539342595}" = Windows Live UX Platform Language Pack
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}" = Fast Start
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}" = Movie Color Enhancer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83D2FFB0-E378-49FE-8A53-580CA7B5761F}" = Windows Live Messenger
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8732818E-CA78-4ACB-B077-22311BF4C0E4}" = Easy Network Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF2565F-894C-4F11-8DCB-FBA97CADE10B}" = Nokia Ovi Suite
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A272197C-D2EE-4DF9-8AB0-B05F4CFFDEA0}" = Nokia Ovi System Utilities
"{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}" = ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE977FE5-F014-4F1E-83F7-B4FD143B5EEF}" = Nokia Photos
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B4712CB7-27D7-4F61-8805-BCF9BE1CFC4A}" = Windows Live Writer Resources
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8A2793D-EFF2-4069-95BF-A28192E39DEB}" = Windows Live Writer
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D57D43BF-699A-429F-AF8C-AF1867222800}" = Windows Live 사진 갤러리
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA76E65F-6679-495A-A8A6-42AD6602ED4C}" = EasyFileShare
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFD0E594-823B-4E2B-B680-720B3C852588}" = BatteryLifeExtender
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"FileConverter_1.3 Toolbar" = FileConverter 1.3 Toolbar
"Game Console - WildGames" = WildTangent ORB Game Console
"Google Chrome" = Google Chrome
"incredibar" = Incredibar Toolbar  on IE and Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3010
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3010
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3010
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"ProInst" = Intel PROSet Wireless
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Samsung Universal Scan Driver" = Samsung Universal Scan Driver
"Steam App 206480" = Dungeons & Dragons Online®
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"WT085559" = Diner Dash 2 Restaurant Rescue
"WT085567" = Chuzzle Deluxe
"WT085580" = John Deere Drive Green
"WT085581" = Penguins!
"WT085583" = Polar Golfer
"WT085587" = Agatha Christie - Death on the Nile
"WT085597" = Build-a-lot
"WT085618" = Farm Frenzy
"WT085622" = Insaniquarium Deluxe
"WT085663" = Peggle
"WT085669" = Plants vs. Zombies
"WT089285" = Zuma Deluxe
"WT089286" = Bejeweled 2 Deluxe
"Yahoo! Companion" = Yahoo! Toolbar
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1739335617-45622530-1743251556-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/11/2012 12:14:35 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 179c    Startzeit:
 01cda7bbe9a8388f    Endzeit: 74    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
   
 
Error - 10/11/2012 12:49:41 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1f6c    Startzeit:
 01cda7cbabb9c8f2    Endzeit: 70    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 9e69e33d-13c3-11e2-a315-e811329f75bb  
 
Error - 10/12/2012 5:46:11 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/12/2012 6:49:21 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/12/2012 10:15:09 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/12/2012 11:14:44 AM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1ab4    Startzeit:
 01cda888bce28328    Endzeit: 20    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
   
 
Error - 10/12/2012 12:14:18 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1330    Startzeit:
 01cda88e2914666f    Endzeit: 38    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 de2a61c1-1487-11e2-a403-e811329f75bb  
 
Error - 10/12/2012 12:33:23 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1788    Startzeit:
 01cda894a232d09d    Endzeit: 26    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 8871631b-148a-11e2-a403-e811329f75bb  
 
Error - 10/13/2012 7:51:16 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/13/2012 8:28:37 AM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.300.12 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1144    Startzeit:
 01cda93966cabaaa    Endzeit: 24    Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe

Berichts-ID:
 812f3fd9-1531-11e2-ba06-e811329f75bb  
 
Error - 10/13/2012 8:56:19 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 8/2/2012 8:37:14 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 8/2/2012 8:37:19 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 8/2/2012 8:37:24 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 8/2/2012 8:37:29 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 8/2/2012 8:37:35 AM | Computer Name = User-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
 Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
 hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie 
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
 Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
 
Error - 8/2/2012 11:20:23 AM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 8/3/2012 8:31:35 AM | Computer Name = User-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 8/8/2012 10:03:23 AM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 8/8/2012 12:11:02 PM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 8/10/2012 9:10:03 AM | Computer Name = User-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
 
< End of report >
         
--- --- ---



Alt 06.11.2012, 09:34   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 13.11.2012, 16:53   #14
mauft503
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



So, hier ist der Inhalt der Textdatei, die sich nach dem Ende des Suchdurchlaufes geöffnet hat:

Code:
ATTFilter
 # AdwCleaner v2.007 - Datei am 08/11/2012 um 14:16:46 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : User - USER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\User\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Web Assistant Updater

***** [Dateien / Ordner] *****

Datei Gefunden : C:\user.js
Ordner Gefunden : C:\Program Files (x86)\Ask.com
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\FileConverter_1.3
Ordner Gefunden : C:\Program Files (x86)\incredibar.com
Ordner Gefunden : C:\Program Files\Web Assistant
Ordner Gefunden : C:\ProgramData\Ask
Ordner Gefunden : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gefunden : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Ordner Gefunden : C:\windows\SysWOW64\WNLT

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\FileConverter_1.3
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\incredibar.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{153D7D79-706C-443D-BA98-41CA86982C9D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\I
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3241949
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\FileConverter_1.3
Schlüssel Gefunden : HKLM\Software\incredibar.com
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{153D7D79-706C-443D-BA98-41CA86982C9D}
Schlüssel Gefunden : HKLM\Software\Web Assistant
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{153D7D79-706C-443D-BA98-41CA86982C9D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48738510-AE30-4676-84F2-9D02F266DC4D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC7E5307-BF7E-44FE-914B-95ED8F217AAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FileConverter_1.3 Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Web Assistant
Schlüssel Gefunden : HKU\S-1-5-21-1739335617-45622530-1743251556-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v8.0.1 (de)

-\\ Google Chrome v [Version kann nicht ermittelt werden]

*************************

AdwCleaner[R1].txt - [15766 octets] - [08/11/2012 14:16:46]

########## EOF - C:\AdwCleaner[R1].txt - [15827 octets] ##########
         

Alt 13.11.2012, 21:00   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Standard

GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren
7-zip, antivirus, avira, bho, bingbar, desktop, diner dash, document, error, firefox, flash player, google, gvu trojaner, helper, home, iexplore.exe, incredibar toolbar, install.exe, logfile, malwarebytes, montiera, nvidia update, nvpciflt.sys, object, officejet, pirates, problem, programm, realtek, rules.ref, scan, security, senden, software, starten, teamspeak, trojaner, trojaner board, trojaner-board, windows, wscript.exe



Ähnliche Themen: GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren


  1. Avira und Spybot lassen sich nicht aktualisieren, Windows-Update geht nicht.
    Plagegeister aller Art und deren Bekämpfung - 02.06.2015 (27)
  2. Windows7 taskmgr lässt sich nicht starten, Avira Echtzeitscanner lässt sich nicht aktivieren, USB wird nicht angenommen, ohne Meldung,
    Log-Analyse und Auswertung - 01.06.2015 (15)
  3. Windows 8: Bluescreen, Antivirenprogramm lässt sich nicht aktualisieren, verschiedene PUP-Funde
    Log-Analyse und Auswertung - 26.05.2015 (21)
  4. Malwarebytes lässt sich nicht mehr starten - hohe CPU-Auslastung durch Dienste
    Log-Analyse und Auswertung - 28.01.2015 (8)
  5. Malwarebytes lässt sich nicht starten
    Log-Analyse und Auswertung - 04.09.2014 (5)
  6. AdWare (via Traffic Junky) lässt sich trotz Malwarebytes und AdwCleaner nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 17.08.2014 (13)
  7. Laptop ruckelt nur noch, Iminent lässt sich nicht löschen und Radio schaltet sich alleine an und aus und lässt sich ebenfalls nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (3)
  8. Windows Sicherheitscenter lässt sich nicht mehr aktivieren, Malwarebytes funktioniert nicht
    Log-Analyse und Auswertung - 21.06.2014 (9)
  9. Webssearches lässt sich nicht entfernen - AdwCleaner und Malwarebytes Anti-Malware stürzen ab (Windows 8.1)
    Plagegeister aller Art und deren Bekämpfung - 17.06.2014 (11)
  10. Windows 7: Malwarebytes findet Trojan.Agent, jedoch lässt sich dieser nicht löschen!
    Log-Analyse und Auswertung - 17.05.2014 (12)
  11. Grafikkarte lässt sich nicht aktualisieren
    Alles rund um Windows - 11.02.2014 (0)
  12. Malwarebytes' Anti-Malware : Es lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 29.03.2012 (1)
  13. Malwarebytes Anti-Malware lässt sich nicht updaten
    Antiviren-, Firewall- und andere Schutzprogramme - 12.11.2011 (2)
  14. Malwarebytes lässt sich nicht öffnen, Fenster minimieren sich nicht auf die Taskleiste...
    Log-Analyse und Auswertung - 14.07.2011 (17)
  15. Probleme mit Google (Weiterleitung), diversen Webseiten und Malwarebytes lässt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 21.09.2010 (12)
  16. Trojaner Board - erste Schritte - Malwarebytes lässt sich nicht installieren
    Plagegeister aller Art und deren Bekämpfung - 30.01.2010 (31)
  17. ~DF7690.TMP lässt sich nicht löschen, malwarebytes findet adware.NetPumper
    Plagegeister aller Art und deren Bekämpfung - 06.02.2009 (0)

Zum Thema GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren - Hallo an das Trojaner-Board, erstmal vielen Dank, dass es diese Hilfeseite gibt. Nun zu unserem Problem: Auf dem Laptop unseres Sohnes tauchte der GVU Trojaner, wie im Trojaner Board bereits - GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren...
Archiv
Du betrachtest: GVU Trojaner - Malwarebytes lässt sich nicht aktualisieren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.