| Slava105 | 05.11.2012 19:27 |
OTL: Code:
OTL logfile created on: 05.11.2012 18:51:11 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Slava\Desktop\Security
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,93 Gb Total Physical Memory | 5,38 Gb Available Physical Memory | 67,88% Memory free
15,85 Gb Paging File | 12,71 Gb Available in Paging File | 80,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 31,60 Gb Free Space | 26,52% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 71,61 Mb Free Space | 71,61% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 187,74 Gb Free Space | 40,31% Space Free | Partition Type: NTFS
Computer Name: SLAVA-LAPTOP | User Name: Slava | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Slava\Desktop\Security\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
PRC - C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (lxec_device) -- C:\Windows\SysNative\lxeccoms.exe ( )
SRV:64bit: - (lxecCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CLHNServiceForPowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (ABBYY.Licensing.FineReader.Professional.11.0) -- C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (BITCOMET_HELPER_SERVICE) -- C:\Programme\BitComet\tools\BitCometService.exe (www.BitComet.com)
SRV - (PSI_SVC_2_x64) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (arvato digital services llc)
SRV - (lxecCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe ()
SRV - (lxec_device) -- C:\Windows\SysWOW64\lxeccoms.exe ( )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (vidsflt53) -- C:\Windows\SysNative\drivers\vsflt53.sys (Acronis)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ntk_PowerDVD12) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys (Cyberlink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.searchonme.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://search.searchonme.com/?l=1&q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.searchonme.com/
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 14 87 BF C0 8A CC 01 [binary data]
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\..\SearchScopes\{9E6DB2CB-496F-4EB9-9EAB-3804730EEF11}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://search.searchonme.com/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "SearchOnMe"
FF - prefs.js..browser.search.defaultenginename,S: S", "SearchOnMe"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.searchonme.com/?l=1&q="
FF - prefs.js..browser.search.order.1: "SearchOnMe"
FF - prefs.js..browser.search.order.1,S: S", "SearchOnMe"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", "SearchOnMe"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: firefox-extension@shareaholic.com:3.0.1
FF - prefs.js..extensions.enabledAddons: tabscope@xuldev.org:1.1.7
FF - prefs.js..extensions.enabledAddons: tineye@ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: wotstats@mywot.com:2.11.7
FF - prefs.js..extensions.enabledAddons: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledAddons: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledAddons: {76C80A11-FAD4-406c-8246-F5ED4F9367B5}:0.1.7
FF - prefs.js..extensions.enabledAddons: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2
FF - prefs.js..extensions.enabledAddons: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.68
FF - prefs.js..extensions.enabledAddons: {bb6bc1bb-f824-4702-90cd-35e2fb24f25d}:1.5.1.1
FF - prefs.js..extensions.enabledAddons: smarterwiki@wikiatic.com:5.0.2
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.2
FF - prefs.js..extensions.enabledAddons: stealthyextension@gmail.com:2.4
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.11
FF - prefs.js..keyword.URL: "hxxp://search.searchonme.com/?l=1&q="
FF - prefs.js..network.proxy.http: "proxyuk1.stealthy.co"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Slava\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Slava\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru [2012.06.09 09:41:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\linkfilter@kaspersky.ru [2012.06.09 09:41:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\KavAntiBanner@Kaspersky.ru [2012.06.09 09:41:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.10.10 15:58:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 22:20:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.27 22:20:24 | 000,000,000 | ---D | M]
[2011.10.14 23:32:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\Extensions
[2012.11.01 14:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions
[2012.10.09 18:50:45 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.05.22 18:25:32 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2012.11.01 14:39:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.01 18:56:45 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2012.10.20 16:36:53 | 000,000,000 | ---D | M] (Download and Sa) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions\5082c6626cb82@5082c6626cbbd.com
[2012.09.15 21:47:23 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions\ich@maltegoetz.de
[2012.01.16 02:23:31 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Slava\AppData\Roaming\mozilla\Firefox\Profiles\bz8joakp.default\extensions\wotstats@mywot.com
[2012.10.18 11:30:34 | 000,005,413 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\507fdc0921b2e@507fdc0921b67.com.xpi
[2011.10.15 01:27:23 | 000,161,864 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\firefox-extension@shareaholic.com.xpi
[2012.09.08 18:54:12 | 000,371,729 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\smarterwiki@wikiatic.com.xpi
[2012.10.27 20:47:18 | 000,183,174 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\stealthyextension@gmail.com.xpi
[2012.07.27 11:01:09 | 000,057,698 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\tabscope@xuldev.org.xpi
[2011.10.15 01:27:24 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\tineye@ideeinc.com.xpi
[2011.10.15 01:27:24 | 000,079,135 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2012.08.12 01:02:20 | 000,379,698 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{1BFCBDFC-41DB-11E1-9FC4-D3C94824019B}.xpi
[2011.10.15 01:27:24 | 000,164,858 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
[2012.06.22 15:13:04 | 000,009,664 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{76C80A11-FAD4-406c-8246-F5ED4F9367B5}.xpi
[2011.10.15 01:27:24 | 000,022,573 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi
[2012.08.13 21:38:30 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.01.22 22:54:36 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.09.13 18:10:49 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.10.20 16:34:58 | 000,000,543 | ---- | M] () -- C:\Users\Slava\AppData\Roaming\mozilla\firefox\profiles\bz8joakp.default\searchplugins\SearchOnMe.xml
[2012.10.27 22:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.27 22:20:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.27 22:20:23 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2012.10.27 22:20:23 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak2
[2012.10.27 22:20:25 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.15 13:20:18 | 001,034,544 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2012.06.23 08:38:10 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.29 13:11:06 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.23 08:38:10 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.23 08:38:10 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.23 08:38:10 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.23 08:38:10 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://search.searchonme.com/
CHR - Extension: No name found = C:\Users\Slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.486_0\
CHR - Extension: No name found = C:\Users\Slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.486_0\
CHR - Extension: No name found = C:\Users\Slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphjeokkkbngjpiofnfpnafjeofjomfb\2.11.7_0\
O1 HOSTS File: ([2012.10.10 21:52:56 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-526365458-2449696219-1328568343-1001\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avp] C:\Program Files (x86)\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-526365458-2449696219-1328568343-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-526365458-2449696219-1328568343-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\ie_banner_deny.htm ()
O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0530377B-4FF1-48E5-AF07-6FF7DC8F38D8}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0cb2f596-142d-11e1-88cf-74f06da847bd}\Shell - "" = AutoRun
O33 - MountPoints2\{0cb2f596-142d-11e1-88cf-74f06da847bd}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{e3f74625-f6bd-11e0-933f-74f06da847bd}\Shell - "" = AutoRun
O33 - MountPoints2\{e3f74625-f6bd-11e0-933f-74f06da847bd}\Shell\AutoRun\command - "" = G:\setup_alan_wake_american_nightmare_1.0.0.13.exe
O33 - MountPoints2\{f33c3d28-0178-11e1-8ccd-74f06da847bd}\Shell - "" = AutoRun
O33 - MountPoints2\{f33c3d28-0178-11e1-8ccd-74f06da847bd}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.11.05 09:17:44 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{69693132-8228-453A-9A19-CEFA0315BEA4}
[2012.11.04 15:13:37 | 000,396,584 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2012.11.04 15:13:37 | 000,316,464 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2012.11.04 15:13:37 | 000,264,488 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2012.11.04 15:13:37 | 000,214,312 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2012.11.04 15:13:37 | 000,210,216 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2012.11.04 15:13:37 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2012.11.04 15:13:37 | 000,147,752 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2012.11.04 15:13:37 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2012.11.04 15:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.11.04 15:01:46 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2012.11.04 12:48:42 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{D701BA94-3F61-4279-9E89-A643AA21DA19}
[2012.11.03 19:12:16 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{A1CFDB3B-5EFC-4417-BF18-23FF0E674FE8}
[2012.11.03 01:10:29 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{56A56AE9-9D6D-4DA7-B22B-919869564790}
[2012.11.02 15:37:50 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Roaming\Seagate
[2012.11.02 14:31:35 | 000,971,360 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012.11.02 14:31:28 | 000,210,016 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\vididr.sys
[2012.11.02 14:31:27 | 000,141,920 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\vsflt53.sys
[2012.11.02 14:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hulumuluch
[2012.11.02 13:09:43 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{4239B70F-040B-41E1-A077-4D9C7BBCAEF5}
[2012.11.01 21:08:27 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{EEA00A7C-7D56-4239-A88A-F91B4BA19265}
[2012.11.01 18:38:32 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\PunkBuster
[2012.11.01 18:38:26 | 000,000,000 | ---D | C] -- C:\Users\Slava\Documents\MOHW_DayOnePatch_PC
[2012.11.01 18:20:04 | 000,000,000 | ---D | C] -- C:\Users\Slava\Documents\Criterion Games
[2012.11.01 09:05:51 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{AA61DA1B-AFF6-4234-9D72-27835994D8DD}
[2012.10.31 08:42:58 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{289B6CA2-6C1D-4E64-A4B6-2475CDEC9FC5}
[2012.10.30 11:29:21 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{6E23C38C-3953-4462-8FE6-CE8FE7D7D19B}
[2012.10.29 14:06:43 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{5C428D0E-7981-41BA-98E9-EEC3724C4AC6}
[2012.10.27 22:20:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.27 20:47:33 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{F029A3A8-0415-4E35-AF41-508C55365B40}
[2012.10.22 07:03:32 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{40D4189F-3006-49FA-B60F-18918022939E}
[2012.10.21 22:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dishonored
[2012.10.21 15:59:47 | 000,000,000 | ---D | C] -- C:\Users\Slava\Documents\Lucius
[2012.10.21 15:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.10.21 13:26:41 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{94A66C92-90D5-4A34-9572-CA4D353913D9}
[2012.10.20 16:34:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SProtector
[2012.10.20 16:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Download and Sa
[2012.10.20 16:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012.10.20 15:58:21 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{610FB8CC-3F9C-4152-BCB3-00B7A834A627}
[2012.10.19 13:45:35 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\MediaShow
[2012.10.19 13:33:09 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{A3037869-4A93-4C3D-B5F1-493D0B0D33AD}
[2012.10.18 22:14:38 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.10.18 21:05:49 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{6A404EF0-802A-4B8A-9EC7-5F14C7CB053D}
[2012.10.18 21:00:18 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.10.18 13:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\thlbrefixwmbmvy
[2012.10.18 10:12:28 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{08CF7B2D-9DE1-4D2B-B72B-B1C49A036798}
[2012.10.17 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{1C04DBC3-2528-4C2E-AB00-3FDC96A524F5}
[2012.10.17 10:10:58 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{77F1743E-7A47-46CF-9110-68D05A8DE7BD}
[2012.10.16 13:05:30 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{5AFBFCA7-77A0-46A8-8143-16D37B72DC4F}
[2012.10.15 13:33:22 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{DC5C5F92-B1AF-4910-8047-2F26BFB17819}
[2012.10.15 07:43:23 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{FCFD6560-0450-4042-8496-7E4E37BE7AFC}
[2012.10.14 19:11:55 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{5D040916-23A5-46B6-A440-E94C9B061993}
[2012.10.13 12:33:26 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{C2CCD009-8780-4F51-A91D-C30C3AE51C98}
[2012.10.12 22:20:21 | 000,000,000 | R--D | C] -- C:\Users\Slava\Desktop\Spiele
[2012.10.12 13:42:55 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{4ADA3074-95D5-4CD1-8350-4206E2F7F03D}
[2012.10.11 16:04:32 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Roaming\Corel
[2012.10.11 16:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis64
[2012.10.11 16:02:38 | 000,000,000 | ---D | C] -- C:\Users\Slava\Documents\Corel
[2012.10.11 16:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2012.10.11 16:00:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2012.10.11 16:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2012.10.11 15:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2012.10.11 15:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2012.10.11 15:58:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel
[2012.10.11 15:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)
[2012.10.11 15:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2012.10.11 15:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X6
[2012.10.11 12:46:43 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{BF1794A5-6A92-402F-935C-E86A8D0B8C46}
[2012.10.10 18:03:15 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{D1023244-A572-401B-B951-920921E58C7F}
[2012.10.10 17:53:05 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Roaming\ABBYY
[2012.10.10 17:18:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 11
[2012.10.10 17:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 11
[2012.10.10 17:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
[2012.10.10 15:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012.10.10 15:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2012.10.10 15:51:41 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\FLT
[2012.10.10 12:12:32 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.10 12:12:29 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 12:12:28 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 12:12:27 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 12:12:17 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.10 12:12:16 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.10 12:12:07 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 12:12:07 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 12:12:07 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 12:12:07 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 12:12:06 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 12:12:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 12:12:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 12:12:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 12:12:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 12:12:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 12:12:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 12:12:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 12:12:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 12:12:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 12:12:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 12:12:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 12:12:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 12:12:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 12:12:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 12:12:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 12:12:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 12:12:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 12:12:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 12:12:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 12:12:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 12:12:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 12:12:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.10 06:02:53 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{D3CB2BD7-33D4-4085-B834-C5450DF80915}
[2012.10.09 17:32:16 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\Razer
[2012.10.09 17:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2012.10.09 17:32:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2012.10.09 13:03:07 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{23EE2857-F1E6-499F-9FEF-F8719ECADB00}
[2012.10.08 14:04:40 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{1DED12CE-1DD9-4D67-B743-0F1779923987}
[2012.10.07 14:52:34 | 000,000,000 | ---D | C] -- C:\Users\Slava\AppData\Local\{FA60350D-3347-4F7C-BB47-0E3BCB8C7CE4}
[1 C:\Users\Slava\Desktop\*.tmp files -> C:\Users\Slava\Desktop\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.11.05 18:42:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-526365458-2449696219-1328568343-1001UA.job
[2012.11.05 18:42:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-526365458-2449696219-1328568343-1001Core.job
[2012.11.05 18:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.05 18:11:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.05 09:21:23 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.05 09:21:23 | 000,697,098 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.05 09:21:23 | 000,652,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.05 09:21:23 | 000,148,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.05 09:21:23 | 000,121,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.05 09:20:59 | 000,023,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.05 09:20:59 | 000,023,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.05 09:15:59 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.11.05 09:15:19 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012.11.05 09:15:11 | 2088,144,895 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.03 19:03:31 | 000,000,058 | ---- | M] () -- C:\Users\Slava\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2012.11.02 14:31:35 | 000,971,360 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012.11.02 14:31:28 | 000,210,016 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\vididr.sys
[2012.11.02 14:31:27 | 000,141,920 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\vsflt53.sys
[2012.11.02 14:27:32 | 000,000,001 | ---- | M] () -- C:\Users\Slava\AppData\Local\llftool.4.25.agreement
[2012.10.22 06:59:39 | 000,494,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.18 13:17:00 | 000,076,361 | ---- | M] () -- C:\ProgramData\wrhikbxvpflmpwg
[2012.10.13 00:33:42 | 001,591,306 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.10 06:28:24 | 000,005,629 | ---- | M] () -- C:\Users\Slava\Desktop\Lebenslauf.odt
[2012.10.09 17:06:48 | 000,224,244 | ---- | M] () -- C:\Users\Slava\Desktop\Synästhesie.pdf
[2012.10.09 16:22:43 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 16:22:42 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\Slava\Desktop\*.tmp files -> C:\Users\Slava\Desktop\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.11.02 14:27:32 | 000,000,001 | ---- | C] () -- C:\Users\Slava\AppData\Local\llftool.4.25.agreement
[2012.10.22 06:59:33 | 000,494,664 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.18 13:16:41 | 000,076,361 | ---- | C] () -- C:\ProgramData\wrhikbxvpflmpwg
[2012.10.10 15:52:35 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012.10.10 15:52:35 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2012.10.10 06:28:24 | 000,005,629 | ---- | C] () -- C:\Users\Slava\Desktop\Lebenslauf.odt
[2012.10.09 17:29:48 | 001,591,306 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.09 17:06:47 | 000,224,244 | ---- | C] () -- C:\Users\Slava\Desktop\Synästhesie.pdf
[2012.07.21 20:07:33 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.07.21 20:07:33 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.06.02 19:18:55 | 000,017,408 | ---- | C] () -- C:\Users\Slava\AppData\Local\WebpageIcons.db
[2012.05.20 18:38:21 | 000,000,890 | ---- | C] () -- C:\Users\Slava\AppData\Local\recently-used.xbel
[2012.05.09 13:15:50 | 000,001,536 | ---- | C] () -- C:\Users\Slava\Spiele.lnk
[2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.16 16:03:31 | 000,000,663 | ---- | C] () -- C:\Users\Slava\Downloads.lnk
[2012.03.09 13:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.12 22:49:26 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012.01.12 22:49:23 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012.01.12 22:49:22 | 004,078,592 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012.01.12 22:49:22 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.01.12 22:49:22 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.01.12 22:49:22 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.01.12 04:39:22 | 002,392,064 | ---- | C] () -- C:\Windows\SysWow64\videotrans.dll
[2012.01.12 04:39:22 | 000,215,040 | ---- | C] () -- C:\Windows\SysWow64\videoformat.dll
[2012.01.12 04:39:22 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\imgscaler.dll
[2012.01.12 04:39:22 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\img_utils.dll
[2012.01.12 04:39:22 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\videocore.dll
[2012.01.12 04:39:20 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
[2012.01.12 04:32:35 | 000,004,608 | ---- | C] () -- C:\Users\Slava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.21 00:01:09 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.11.15 11:40:40 | 000,000,058 | ---- | C] () -- C:\Users\Slava\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.10.18 22:24:39 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\mp3Media2.dll
[2011.10.15 20:17:17 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll
[2011.10.15 20:17:17 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXECinst.dll
[2011.10.15 20:17:16 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll
[2011.10.15 20:17:16 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll
[2011.10.15 20:17:16 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll
[2011.10.15 20:17:16 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll
[2011.10.15 20:17:16 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll
[2011.10.15 20:17:16 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll
[2011.10.15 20:17:15 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll
[2011.10.15 20:17:15 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll
[2011.10.15 20:17:15 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll
[2011.10.15 20:17:15 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll
[2011.10.15 20:17:15 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll
[2011.10.15 20:17:15 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll
[2011.10.15 20:17:14 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll
[2011.10.15 20:17:14 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe
[2011.10.15 20:17:14 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll
[2011.10.15 20:17:14 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll
[2011.10.15 20:17:14 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe
[2011.10.15 20:17:13 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll
[2011.10.15 20:17:13 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe
[2011.10.15 20:16:22 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll
[2011.10.15 20:16:22 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll
[2011.10.15 19:35:00 | 000,000,271 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.10.15 13:32:38 | 000,001,517 | ---- | C] () -- C:\Users\Slava\Progs.lnk
[2011.10.15 13:32:38 | 000,001,517 | ---- | C] () -- C:\Users\Slava\Dokumente.lnk
[2011.10.15 13:32:38 | 000,001,494 | ---- | C] () -- C:\Users\Slava\Serien.lnk
[2011.10.15 13:32:38 | 000,001,494 | ---- | C] () -- C:\Users\Slava\Bilder.lnk
[2011.10.15 13:32:38 | 000,001,485 | ---- | C] () -- C:\Users\Slava\Musik.lnk
[2011.10.15 13:32:38 | 000,001,485 | ---- | C] () -- C:\Users\Slava\Filme.lnk
[2011.10.15 13:32:38 | 000,000,733 | ---- | C] () -- C:\Users\Slava\Installierte Spiele.lnk
[2011.10.15 13:18:48 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.10.15 00:40:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.14 23:38:26 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.12.29 08:37:16 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\AtomZombieData
[2012.04.23 09:41:18 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Bioshock
[2012.09.14 22:38:22 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\BitComet
[2011.12.25 23:34:59 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Broken Rules
[2011.10.18 23:31:47 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Cool Record Edit Pro
[2012.11.02 14:05:41 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\DAEMON Tools Lite
[2011.11.15 11:40:40 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\DonationCoder
[2012.10.13 20:11:58 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\DVDVideoSoft
[2012.06.24 22:27:24 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\fltk.org
[2011.10.18 23:29:06 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Free Sound Recorder
[2012.09.04 21:43:43 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\MP3SkypeRecorder
[2011.10.31 16:25:25 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Notepad++
[2012.11.02 15:37:50 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Seagate
[2012.01.13 22:26:03 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Software4u
[2012.10.01 19:01:58 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Spotify
[2012.01.30 22:10:01 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\TeamViewer
[2011.10.18 15:50:22 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Ubisoft
[2011.10.25 22:08:52 | 000,000,000 | ---D | M] -- C:\Users\Slava\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
Extras: Code:
OTL Extras logfile created on: 05.11.2012 18:51:11 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Slava\Desktop\Security
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,93 Gb Total Physical Memory | 5,38 Gb Available Physical Memory | 67,88% Memory free
15,85 Gb Paging File | 12,71 Gb Available in Paging File | 80,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 31,60 Gb Free Space | 26,52% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 71,61 Mb Free Space | 71,61% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 187,74 Gb Free Space | 40,31% Space Free | Partition Type: NTFS
Computer Name: SLAVA-LAPTOP | User Name: Slava | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-526365458-2449696219-1328568343-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E0D1621-0872-424B-A0B6-1F79865DBF5C}" = rport=138 | protocol=17 | dir=out | app=system |
"{1F01DB23-29BA-499C-AD14-CE46481C42D7}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{29897A44-0047-4EF8-B534-FAA34BBBF793}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2AEE4C41-CF1C-404B-8D17-0ADF92370EB8}" = lport=138 | protocol=17 | dir=in | app=system |
"{2C0BF9E6-DE1E-4BAC-98AE-7911EF2AA0EA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{330AC187-F55D-446A-AF1B-F6A30BD64ABB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{346ABB31-7179-457C-B914-E3176CCCE71E}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{38BD6F69-BCA8-47E4-A26A-13C7FFDCB63A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4F172E83-7D4F-4ECA-8E07-F0D371144A1B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{699FBD15-6BB5-49C8-ACBE-7BA58FC13183}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{865583BE-2FC4-4C81-974B-BBDBFA497BDE}" = lport=139 | protocol=6 | dir=in | app=system |
"{8742ABDC-F810-421E-9512-FA5AD6EFF735}" = lport=445 | protocol=6 | dir=in | app=system |
"{9A1B3F59-2E33-4824-9DC3-8EC0362E968A}" = rport=137 | protocol=17 | dir=out | app=system |
"{A7E34A3E-5D12-406C-8DA2-850E8C56CE63}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{A9310477-8601-49CF-8FFF-5BC0E7810399}" = lport=137 | protocol=17 | dir=in | app=system |
"{B1A1F7E6-11B9-4895-9A69-DA0A53EDB715}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C7AF1D85-5C9A-48DB-9946-7B824F54C2DA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D7AA2F5A-0A57-4E1B-907A-C748C5631585}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D973952A-9540-4939-9494-EF06DDE00DAE}" = rport=139 | protocol=6 | dir=out | app=system |
"{E46C3EB8-D172-46D4-AD32-59628F91A5A9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E559BDEB-3286-4FCE-87D0-9C25754677E5}" = rport=2869 | protocol=6 | dir=out | app=system |
"{EFC1A4B2-7D36-4833-B8EC-C08B90489C4B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F1A0EEB3-7736-4B9E-964D-AA645896E5B7}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01682F86-6D8D-4B5E-A2E8-FBE29F6DC7A8}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{0F1795D4-11C2-414B-A752-E3A4F41A942F}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{1063360D-CAFD-43A4-B743-4CAEB96D5B8F}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steam.exe |
"{10ED9AAB-1014-4352-A1EB-E5C0D755BD7C}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\emmerichj\counter-strike source\hl2.exe |
"{13AD0628-EAF7-4BF0-B022-EB1FE0C945E5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{19150F2B-FA7B-48CB-98D5-4BF305DC5428}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\the binding of isaac\isaac.exe |
"{195562A7-8E68-4760-986A-9265EEE1C0D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A26B498-9E93-45F8-A515-C09B4613141B}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{208EE4C9-57E2-4F4B-A767-7B6C150516F4}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\the binding of isaac\isaac.exe |
"{2716B2FB-B312-42F1-A368-6BFA4453950C}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{2DBBA83C-0FE6-4EF6-BA3F-361727A83BBA}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{2EABB7D6-9B59-417A-8163-7486F8E49CC7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{326F11A8-54F5-4EC3-B8C1-F272C8E2DD4C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{340CE527-CEEB-43BD-B076-29803A091938}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{35AF5AD1-9803-4671-BF0E-932D58F1772F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{38A95E7E-5C9D-465B-A3BB-34945574EEF4}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{3AE7A916-E5FB-4035-93DE-D5CB7B51D3D7}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{3CC202A2-0ED4-4E34-97ED-7E44922D8B98}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{44354928-A70A-4A3F-ACC9-792F64080EB0}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\bit.trip runner\runner.exe |
"{51C4840F-4617-426F-8BE6-166EFBBDCC2C}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\emmerichj\counter-strike source\hl2.exe |
"{52A06523-17FE-4820-8608-00F03808EDB3}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{563C6D51-10AF-49D6-863D-DC42CAEEB4F7}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\gotham city impostors f2p\impostors.exe |
"{57179715-B479-4F2F-BCC3-08F15C184AE9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{593F8DE2-1A39-46D2-9236-82AC439D61F2}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{5ABBA52C-365D-4DAC-84F1-FD5B4F1FD5B9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{5C9FA0FF-2CCE-4278-A46A-AE147EB26DD3}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5D130CD9-69C3-42D3-B45B-7AB5184EB4D8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{615CA665-C539-47A8-A488-CB8A3A5583BC}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{67394AA6-930C-41CC-9804-F057B5A9E2BF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{68C7BCB6-97A7-4E99-AC78-A7D5F696DA52}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{692C8CA2-580E-477C-9590-30822477BECB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6BB81BD0-7933-4381-B148-531DD2B507BD}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steam.exe |
"{6D293376-E892-4FC6-B0BC-3AC5855524F8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6D83B6C3-5CC5-4A3A-AA7B-8709EBDC37FC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{714E2844-99E4-4CFF-8152-C3002B372ADD}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\trine\trine_launcher.exe |
"{719025D1-A217-4A99-BE5A-795531387B4E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72875258-29B4-4EAA-BC9B-40C8513E3FF2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{79499C5E-9A6B-4C81-B552-720E8DA2913F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{7C081F45-0CAD-42D2-8C17-51A6EED21C0F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7E354360-4C7F-41EC-AB40-BAC662CED8C3}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{7E6FC3E1-AE16-496B-9117-DE47D89D499E}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\bit.trip runner\runner.exe |
"{7F14AE24-92FF-4400-8213-864B6986F038}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{806F3B62-0A35-4372-A553-95FC53E408C7}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{810609C2-3C03-4D98-A845-AE0772FB0503}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{837E517A-CEBC-4C58-84C5-F5FD465CFF42}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{85F6C4D7-79D0-42F2-910C-1D85D5DD23A6}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{8A027BCF-19C4-4A1C-B3E3-B9D9EBD6D8F3}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{9137F65F-43C8-4EC5-B567-CE6F916E1310}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{91454857-3030-449E-95C8-F566B1FBB83D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{919EEC4F-E4AE-4963-8D84-5E198A1F2F9D}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{922EF165-1DB2-48A3-AFCD-8287154A4C9B}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{930D0B22-7A19-4AA0-A0E6-12AAE5A072AB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{993FB316-1ED4-444C-B2D4-7F0A229A01EC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9DAE3FD5-8842-42CF-804B-66683EF417B6}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{A237AFB6-C791-4018-B416-4C371C03CA56}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{AD5197C9-D6A5-4E78-B08D-77F50E7384B4}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{AFF4CAEE-235E-4AAE-8B2C-BCE923D9628B}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\just cause 2\justcause2.exe |
"{B086C292-7155-40C2-96D0-C27AF819AF14}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{B1A64E65-D26C-4E03-9774-03EA8C4EAD09}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\just cause 2\justcause2.exe |
"{B7C5FA91-A4A6-4EB2-BEDD-A9A7D1FEFB89}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{BA2255FF-DD49-4E81-ADED-BCEDDEF5EF7E}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{BD175B1E-0AFF-44FF-92D9-D68BD2EF2EB8}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\emmerichj\the ship\ship.exe |
"{C1E30509-D65D-48BF-B793-47D62770EE14}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{C35F9718-ECEE-444C-A422-16DDECEB6A3C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C62DBD14-6067-4268-8EDA-0A15FA114E86}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C75A6815-BCBD-46FA-ACFC-9F973CAFB360}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\emmerichj\the ship\ship.exe |
"{C818572F-BED8-4389-82D6-516F75D012A5}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{C9ACEBE1-7C7C-457D-B71A-A64854C49D76}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C9F8E0BE-E42D-4E2E-9E5D-1B7F81237028}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{CF861C7C-3C50-4A75-9285-E1ED8B14847D}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{D3D2E828-521B-4B18-B976-FC2F4750A6E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D7263E55-B44B-4C87-955A-65C6DB849F6B}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\trine\trine_launcher.exe |
"{DF371607-AAD2-40BA-A000-11C45865062B}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{E9E91FAB-8AA9-4970-8DB5-CA0361B34669}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{EAC86018-9E30-4095-B368-DC1DEE92949B}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{EBBF0462-BCE2-4EA7-9FEB-C040726DF576}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{EF2FE695-C7D4-446F-8388-B87232CAF940}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F0576261-7FAF-4F55-B949-CA2B5C59C601}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{F2C7645B-A22D-4ADE-8BD6-E98A91FD4252}" = protocol=17 | dir=in | app=f:\installierte spiele\steam\steamapps\common\gotham city impostors f2p\impostors.exe |
"{F866EC00-05F8-4BD1-A8EF-86962874A6FC}" = protocol=6 | dir=in | app=f:\installierte spiele\steam\steamapps\common\trine 2\trine2_launcher.exe |
"TCP Query User{0761B8D5-FCD2-4E21-BAF4-99FAACA335C1}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
"TCP Query User{29EC51A4-EFE8-433A-AB88-F48314A22250}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{AF2A78F7-3C95-449B-81DD-5C61624E6E32}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{C30421CC-8140-4C0F-93FD-81D06826F314}F:\installierte spiele\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=f:\installierte spiele\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{44CB89A5-6444-459C-8E60-B3F88632BA9E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{8686ADF6-152A-42DB-ADA3-496C751AB918}F:\installierte spiele\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=f:\installierte spiele\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{9D05C5B4-1377-4BE6-ABF8-C6E00E84E6C7}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{9E4DE583-5F74-460D-8432-BAAEBCB4054C}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{389D85F6-D005-095E-3C49-3675754B41F8}" = AMD Drag and Drop Transcoding
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{79899C6B-E315-4A3F-8904-02DEAB8D660D}" = Corel Graphics - Windows Shell Extension 32 Bit
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90F60407-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) German
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{AC2AAFF8-6719-A420-AB9F-7E5F5E6CA46A}" = AMD Catalyst Install Manager
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{CDFFDDCC-B74E-4AEE-A97F-12E31BAFF3FF}" = CorelDRAW Graphics Suite X6 - DE (x64)
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{F4F0546E-E0F2-5D87-A502-B0B2FBFDD7CD}" = AMD Accelerated Video Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF0E1F56-A1FE-56EC-C33D-578F3E5C5C15}" = ccc-utility64
"{FFA1864E-ADC4-66F6-CC60-877E06EE47E3}" = AMD Media Foundation Decoders
"CCleaner" = CCleaner
"ffdshow64_is1" = ffdshow x64 v1.1.4257 [2012-01-15]
"GIMP-2_is1" = GIMP 2.6.12
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{12F4B10F-2B95-0D9B-ED71-296DA3C20F09}" = CCC Help Czech
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A0582C-03C1-BB0A-EC77-22BC17A4A601}" = Catalyst Control Center Graphics Previews Common
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{29157928-F504-238C-47C7-5389C0F3D6BF}" = CCC Help Swedish
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2B512D86-0BEE-1F51-FDB7-D414C0D6A40E}" = CCC Help Portuguese
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A5D79AA-13D7-74FD-1850-E356528DE1A0}" = CCC Help Japanese
"{4082C4D2-9299-AECE-0116-B894D3898F2F}" = Catalyst Control Center
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Security Suite CBE 12
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{63738E95-2626-0C13-B682-DCA526B3B3B8}" = CCC Help French
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{648B59AA-B9BF-CBB9-3123-DCEDF669534B}" = CCC Help Turkish
"{663E92C0-0141-0307-6F04-4465EE0002B2}" = CCC Help Italian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6879F7F5-E63B-3DCC-DF23-30C4703547D6}" = CCC Help Finnish
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6EB88C92-7828-A799-7A87-AEAA798055FA}" = CCC Help Dutch
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CFC3EF7-41DB-10A6-C7FC-92AD2778043F}" = CCC Help Chinese Traditional
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90287FB1-220B-C54D-9374-070F6BCEFF7C}" = CCC Help Norwegian
"{907F9C22-CD5B-2864-2FBB-6B1DFCEE0787}" = CCC Help Russian
"{92858613-6C37-1DBB-1DF6-2D2832FD5F2D}" = Catalyst Control Center Localization All
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{942641F2-705E-3E66-5D39-BC3AFB476B3A}" = CCC Help Chinese Standard
"{95B90127-0B66-CE91-BFB7-CBA49AC39C0E}" = CCC Help Korean
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FF01926-E64F-EBCB-CAB8-F8C005BE0A8B}" = CCC Help Polish
"{A1974D99-9FF0-9075-CBF4-F579D0717E84}" = CCC Help Thai
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AE683B25-6D74-AE98-F9A9-E07FB9EF5B62}" = CCC Help English
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B51C71F3-FA38-627E-1BDD-57831EB4F259}" = CCC Help German
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CB606F47-7D0E-40DF-95BB-0E5413A1295F}" = MP3 Skype Recorder
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF45E5AA-4F5D-1188-CAA6-C2DE5ABBB389}" = Catalyst Control Center InstallProxy
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D56B4299-B2B4-4822-ED77-945B0CCF2192}" = CCC Help Greek
"{D6930099-BDDA-A5BA-16E0-291C0A6899C9}" = CCC Help Danish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E09D83E8-40D2-5E4E-2138-77B6022F6049}" = CCC Help Spanish
"{E2F7EB9D-B814-1474-86AB-69BA1872CE1A}" = CCC Help Hungarian
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1100000-0011-0000-0001-074957833700}" = ABBYY FineReader 11
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0630-0716-3135-7887" = JDownloader 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitComet_x64" = BitComet 1.28 64-bit
"Borderlands 2_is1" = Borderlands 2
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"CSS Config .NET 0.6" = CSS Config .NET 0.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dishonored_is1" = Dishonored
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Free Audio CD Burner_is1" = Free Audio CD Burner version 2.0.20.1005
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.3.3.908
"Freez FLV to MP3 Converter v1.5_is1" = Freez FLV to MP3 Converter
"GeoGebra" = GeoGebra
"InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Security Suite CBE 12
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.1.0
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Need for Speed Most Wanted_is1" = Need for Speed Most Wanted
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenAL" = OpenAL
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5a
"ScreenshotCaptor_is1" = Screenshot Captor 2.102.01
"SP_d00fc4a8" = SProtector 1.66
"Steam App 218" = Source SDK Base 2007
"Steam App 220" = Half-Life 2
"Steam App 380" = Half-Life 2: Episode One
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 2.0.2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-bit)
"xp-AntiSpy" = xp-AntiSpy 3.98-2
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-526365458-2449696219-1328568343-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.11.2012 11:45:45 | Computer Name = Slava-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006
Error - 01.11.2012 11:45:46 | Computer Name = Slava-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 01.11.2012 11:45:46 | Computer Name = Slava-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7004
Error - 01.11.2012 11:45:46 | Computer Name = Slava-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
Error - 01.11.2012 13:20:41 | Computer Name = Slava-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NFS13.exe, Version: 1.0.0.0, Zeitstempel:
0x506ef77f Name des fehlerhaften Moduls: NFS13.exe, Version: 1.0.0.0, Zeitstempel:
0x506ef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x001787b6 ID des fehlerhaften Prozesses:
0x1d9c Startzeit der fehlerhaften Anwendung: 0x01cdb8551f232742 Pfad der fehlerhaften
Anwendung: F:\Installierte Spiele\NfS Most Wanted\NFS13.exe Pfad des fehlerhaften
Moduls: F:\Installierte Spiele\NfS Most Wanted\NFS13.exe Berichtskennung: 7588bb0f-2448-11e2-a6c1-74f06da847bd
Error - 01.11.2012 13:26:33 | Computer Name = Slava-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NFS13.exe, Version: 1.0.0.0, Zeitstempel:
0x506ef77f Name des fehlerhaften Moduls: NFS13.exe, Version: 1.0.0.0, Zeitstempel:
0x506ef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x001787b6 ID des fehlerhaften Prozesses:
0x6c8 Startzeit der fehlerhaften Anwendung: 0x01cdb855ea0ed56d Pfad der fehlerhaften
Anwendung: F:\Installierte Spiele\NfS Most Wanted\NFS13.exe Pfad des fehlerhaften
Moduls: F:\Installierte Spiele\NfS Most Wanted\NFS13.exe Berichtskennung: 474caa93-2449-11e2-9faa-74f06da847bd
Error - 01.11.2012 13:29:51 | Computer Name = Slava-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: PKHDGame-Win32-Shipping.exe, Version:
0.0.0.0, Zeitstempel: 0x508fe948 Name des fehlerhaften Moduls: KERNELBASE.dll, Version:
6.1.7601.17932, Zeitstempel: 0x50327672 Ausnahmecode: 0x00000001 Fehleroffset: 0x0000c41f
ID
des fehlerhaften Prozesses: 0x13c8 Startzeit der fehlerhaften Anwendung: 0x01cdb8567c8f5240
Pfad
der fehlerhaften Anwendung: F:\Downloads\Painkiller Hell & Damnation\Painkiller
Hell & Damnation\Binaries\Win32\PKHDGame-Win32-Shipping.exe Pfad des fehlerhaften
Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: bd4febb2-2449-11e2-9faa-74f06da847bd
Error - 01.11.2012 13:37:33 | Computer Name = Slava-Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: PKHDGame-Win32-Shipping.exe, Version:
0.0.0.0, Zeitstempel: 0x508fe948 Name des fehlerhaften Moduls: KERNELBASE.dll, Version:
6.1.7601.17932, Zeitstempel: 0x50327672 Ausnahmecode: 0x00000001 Fehleroffset: 0x0000c41f
ID
des fehlerhaften Prozesses: 0x890 Startzeit der fehlerhaften Anwendung: 0x01cdb85790f7b827
Pfad
der fehlerhaften Anwendung: F:\Downloads\Painkiller Hell & Damnation\Painkiller
Hell & Damnation\Binaries\Win32\PKHDGame-Win32-Shipping.exe Pfad des fehlerhaften
Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: d12a2cf4-244a-11e2-9faa-74f06da847bd
Error - 03.11.2012 13:19:11 | Computer Name = Slava-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 04.11.2012 09:02:14 | Computer Name = Slava-Laptop | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
[ System Events ]
Error - 04.11.2012 18:20:38 | Computer Name = Slava-Laptop | Source = DCOM | ID = 10016
Description =
Error - 04.11.2012 18:30:38 | Computer Name = Slava-Laptop | Source = DCOM | ID = 10016
Description =
Error - 05.11.2012 04:15:18 | Computer Name = Slava-Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxecCATSCustConnectService erreicht.
Error - 05.11.2012 04:15:18 | Computer Name = Slava-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 05.11.2012 04:16:20 | Computer Name = Slava-Laptop | Source = DCOM | ID = 10016
Description =
Error - 05.11.2012 04:23:01 | Computer Name = Slava-Laptop | Source = Service Control Manager | ID = 7034
Description = Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.
Error - 05.11.2012 10:03:36 | Computer Name = Slava-Laptop | Source = ipnathlp | ID = 31004
Description =
Error - 05.11.2012 10:03:39 | Computer Name = Slava-Laptop | Source = ipnathlp | ID = 31004
Description =
Error - 05.11.2012 10:35:43 | Computer Name = Slava-Laptop | Source = Service Control Manager | ID = 7034
Description = Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet
beendet. Dies ist bereits 2 Mal passiert.
Error - 05.11.2012 13:11:26 | Computer Name = Slava-Laptop | Source = ipnathlp | ID = 31004
Description =
< End of report >
|
