Log Analysis and Evaluation: Encryption Trojan: report evaluation etc.
Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
22.07.2012, 01:05 | #1 |
Encryption Trojan: report evaluation etc.

Here is the report of the Malwarebytes Anti-Malware analysis:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.21.12

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Jonas :: JONAS-PC7 [Administrator]

22.07.2012 01:53:20
mbam-log-2012-07-22 (01-53-20).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 197484
Laufzeit: 3 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

And here is the OTL.exe evaluation:

Extras.txt
OTL Logfile:
Code:
OTL Extras logfile created on: 22.07.2012 14:20:38 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Jonas\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

8,00 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 76,73% Memory free
15,99 Gb Paging File | 14,33 Gb Available in Paging File | 89,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,00 Gb Total Space | 6,10 Gb Free Space | 12,20% Space Free | Partition Type: NTFS
Drive D: | 182,88 Gb Total Space | 17,69 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive I: | 7,68 Gb Total Space | 5,90 Gb Free Space | 76,74% Space Free | Partition Type: FAT32

Computer Name: JONAS-PC7 | User Name: Jonas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0778A220-9267-42E3-81A6-BF285D832278}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{07929429-FD1B-4292-94D3-2831614B8171}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{083DE1E0-651F-481C-903B-6A6B7D6D83D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0FB61409-DAB3-40A9-8763-DE0404DCEB08}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{12262501-28FC-43E8-9EFA-8CCD9EFFC54F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{198AC764-B1A1-479A-8230-7D307C65D57B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{26F5703C-24BF-4928-8127-4012BB11493E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{342715FA-AD69-4B5A-8179-DEFDD56A76EF}" = lport=2869 | protocol=6 | dir=in | app=system | "{34AB3D99-CC85-4C79-B88E-E4375CC36C3F}" = lport=139 | protocol=6 | dir=in | app=system | "{34FDDD8E-CD5D-40CE-83AF-AA81F4C85C3F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{35770CD4-09E4-4EE5-AD9B-4759A261A9A4}" = rport=139 | protocol=6 | dir=out | app=system | "{3C8B9C06-21B2-45FC-8A2C-82F3BF53719E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{42AD4DEE-A18D-4258-B35B-591B30130558}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4E47E1AD-676B-49B8-8D2C-09E8B06E496C}" = rport=138 | protocol=17 | dir=out | app=system | "{53168397-910E-40F9-9FEB-AA86477B3206}" = lport=138 | protocol=17 | dir=in | app=system | "{5457DBE7-1270-41FD-ADBD-219D183ABADF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{602B1386-64F3-464E-8AC4-BA061086F871}" = lport=6004 | 
protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\outlook.exe | "{61E4E717-F5A6-4DF4-8CB6-BAB8F447A266}" = rport=445 | protocol=6 | dir=out | app=system | "{6AAD43C4-5630-4D96-91F6-B73445E38E75}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7A97D647-7D54-4FE2-8EC2-DC40CF65357C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{905EAE81-96F2-4743-B531-4BDA4F361D2F}" = lport=445 | protocol=6 | dir=in | app=system | "{9060696D-9D77-415D-A3B1-C65DE2CBB162}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{923BEF2F-F122-4D5F-A79D-0CA9B602F57F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{944B691D-626D-472B-8922-EF1FEEF9531E}" = lport=58102 | protocol=6 | dir=in | name=pando media booster | "{944BA482-E939-4C3F-8199-6F85C5315140}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{A35F73E0-463C-4848-9B3F-53F309AD0940}" = rport=10243 | protocol=6 | dir=out | app=system | "{A617C1C9-1C77-4B52-9901-A523FECC30C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B08F91A8-7A0A-4F4F-AF69-345AB090AFEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B76429D1-E6C8-4F34-92B6-1670014F55A0}" = lport=58102 | protocol=17 | dir=in | name=pando media booster | "{D17B5B32-83FE-4661-8B22-A9B01E519AB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D2423DA4-F7AD-4E3B-9A31-FBD128C660E4}" = rport=137 | protocol=17 | dir=out | app=system | "{D6BA7554-3EB0-4588-BBD0-86A7209926ED}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{DB0985FD-38A3-4D88-A80B-D05133ECBB0C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | 
app=%systemroot%\system32\svchost.exe | "{DE39D4E5-D8A9-4FBE-A64C-2E61D99E7AC1}" = lport=58102 | protocol=17 | dir=in | name=pando media booster | "{E216F405-5AD8-4EFE-8833-9CE22F3FEB01}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E5FB77B6-0A16-4223-981D-73A8E3B05A2C}" = lport=10243 | protocol=6 | dir=in | app=system | "{E91E014E-3C29-495D-AE0E-07711647CB62}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{ED7A9A59-56CB-49C0-AAF8-C040A7C10648}" = lport=137 | protocol=17 | dir=in | app=system | "{F02B0934-F894-424F-B2BA-E23A818320C4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{F5B2117F-039A-47CA-8536-D6F53C4855D7}" = lport=58102 | protocol=6 | dir=in | name=pando media booster | "{FAA150DB-3598-4761-BBE1-02FFA807F65D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{FE05CAA0-6DB6-4109-AD2D-6F9705008C6A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0204991B-6823-45F9-8FE9-7361093F79D0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{024215B9-3C08-4287-AD89-20CD6ED168AD}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | "{0452842B-DAC7-47E7-BE30-3ED697D76BD1}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{061AEC4B-DB7B-4569-8CB5-DB05A8F63BDC}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe | "{0802D464-BA0A-4A9D-AB5C-314D51CFF102}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{0AF3D588-CFB4-4E71-9C0C-B7708D73A4FE}" = dir=in 
| app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{0E060B63-C585-4FA5-82FE-0B9F4AF327CE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{0FD3CA1D-86B1-419E-B0ED-9D2C91092F2E}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe | "{12235048-605C-4F97-9EB8-27BA5C8960C4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe | "{12C5373D-5EC1-4085-A53A-442C542CD0DB}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{14EF0901-036E-4C7E-B58A-5FA43AB48D41}" = protocol=6 | dir=in | app=d:\cod4\iw3mp.exe | "{17682E90-F94D-42EE-AAB7-C4F724EFB0E5}" = protocol=17 | dir=in | app=d:\program files (x86)\activision\blur(tm)\blur.exe | "{1F972B48-72ED-4E65-B524-A6A457831B40}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{22367B86-B444-473A-96F3-0AF4341807D3}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{2340ECE6-C79A-4C78-A1B1-11FB0D870F96}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe | "{23EA000A-1315-4037-8584-E408FD98E606}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{25F3944A-8B3C-467E-BB30-5E94B5CE6A28}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{2687543B-5998-4968-B42D-96B47472BF62}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{268AB856-1D95-4A96-9576-B5357A38A7A1}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3-beta\bf3.exe | "{269F3503-E35D-460F-B895-EC1E530171F2}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "{26B8058C-05D9-4373-AA04-E4E15BD6B3F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{273D81C1-B29B-4784-B310-2AB3AAE04EF6}" = protocol=6 | dir=in | app=d:\program files\bohemia 
interactive\arma 2\arma2oa.exe | "{28E945AD-5E05-4508-97F7-94A7DA1BFF6F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{29A1CD87-2646-4F03-B411-BC185AE8FB88}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2A959D68-5A0C-4D19-8FA8-88008C9D05DF}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | "{2DF4C5F4-9ABA-4F7D-B2F8-34C2A2DAA068}" = protocol=6 | dir=in | app=d:\program files (x86)\activision\blur(tm)\blur.exe | "{321882F8-6B21-4B96-95F2-1AF7A6B5C5F4}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{325D0F7B-67DC-4ED7-B34D-16E262AC2A52}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe | "{3464AA93-EC62-4766-A591-A9EA24DFF89D}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{34E2E57F-655B-4C5B-B585-F0B6C64C1251}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{35B84C6F-14E6-417B-87F2-1061F7B38162}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{39918824-65A7-46C8-8962-AA061C475FA6}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{3A2DF4E2-4FB3-4CA9-BFB6-5895914ACABD}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe | "{3AFF8CD3-3041-47EC-B0D1-3467C345EA31}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{3B4DC582-4DDF-4480-8B42-88D5AC2A34CB}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{3C13CCB8-B627-444E-8851-B6E8BEC34199}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{3C5C4770-59DE-45E2-BED4-91A4DA022C04}" = protocol=17 | dir=in | app=c:\program files 
(x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{40BF81C5-B6D3-46F9-8D77-DE852FFFA547}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{44215274-0C30-4FA7-AC9C-DDCB5C3CC69D}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{45E0D4BC-1560-4D20-A87D-C36AD52CCADA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{466D72B5-BC2C-454C-81EA-3BEB84EF9B76}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{4B0A6053-3FA3-4BB9-A82D-3CC1757D696E}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{4E767EEE-9BD3-48D4-8B18-56444190FA63}" = protocol=17 | dir=in | app=d:\cod4\iw3mp.exe | "{53755BCD-8159-4FE5-BB8E-483853422E41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{56440F19-7F10-433A-88D4-21909FEFDD19}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{56695A94-2C4E-4D74-AC77-2631703A38C6}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{5B29C503-8104-4ACD-8F4E-CBA2CCE03988}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | "{5CD15E35-1147-4E61-8D84-C10A924897CB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{5CED53D1-3742-4244-BE14-6A79043C9EF4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5FC1D3F7-81D1-4C82-90FE-CDA38A6FBF61}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{659FC6E0-E61C-466F-B628-0BCA227A387B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{677B866E-49DD-447C-BD80-FA9FA74E2D82}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\jonas_cod\counter-strike source\hl2.exe | "{67BF22ED-BB64-4709-86C4-3F64F916C017}" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2.exe | 
"{694D5D13-A6CD-4F62-8096-03B3F81B4C9A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | "{6954049C-D60B-42D4-83ED-1561BF7FDF15}" = protocol=6 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe | "{6B411C10-3516-45EF-96B2-93713FE65443}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{6B91BF47-8BC7-4761-9DC1-6AE05D72C046}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{6C925A8C-F9BB-4DC8-8F8B-BC9AE134525A}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{6CA44643-ACD6-433E-8A49-9F79EDC6E381}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | "{6CD690F8-C4B4-4D8C-97E4-703CA1497E37}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe | "{6EC514AD-0507-4841-8C66-9778B09312BB}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{6F4F3E0D-AA44-43BE-9C1E-E558C2D6EC30}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{700F8B34-2357-4FB7-8B8C-463505F5471C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{7092DB9A-B988-457B-9328-ECC13D72B39A}" = protocol=6 | dir=out | app=system | "{70E85C94-F963-4263-AB12-173543C8CCAA}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe | "{7A2134E1-F129-4B35-9506-627BBD0C51D9}" = protocol=6 | dir=in | app=d:\program files\smartftp client\smartftp.exe | "{7E223413-7021-46DD-982E-341EBC7ED286}" = protocol=6 | dir=in | app=d:\program files (x86)\codemasters\f1 2011\f1_2011.exe | "{7ECB5B0F-E29B-4662-B4EF-EB31A5FC45CC}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe | "{80A1F3AC-940E-4CBB-A046-3EB4001935BB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{83F49138-A25C-47F1-822E-407A0B48C440}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe | "{8467CE41-4FE2-4D02-9837-249C5B0878F0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{84FD337F-0054-42A0-A783-E38865F5CE12}" = dir=in | app=f:\setup\hpznui40.exe | "{886053E1-F098-4ACB-886A-C54B66F4E9AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8A727FF3-99F6-4793-AEC7-62C15011CBAF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{8EC01DFB-0952-4A37-BDAE-A585E20E5846}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe | "{920FF4C0-EDAD-4D1E-B96B-5030B208AD72}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe | "{92BC1CE6-5EAA-44D6-BB1E-D721E38E5875}" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2.exe | "{93C6A68C-1405-4B28-8AAC-0F35E4FA89B8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{94DD123B-7A27-4CCC-8621-C31D36CB251D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{95AAB3E1-8D04-4B21-BBB5-40DA7EDBC70D}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3-beta\bf3.exe | "{99F889E9-12D8-4858-BD9D-44AF8A7F14EA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9B699ACD-B1A4-4B73-A90D-C9DBED516FFF}" = protocol=17 | dir=in | app=d:\program files (x86)\codemasters\f1 2011\f1_2011.exe | "{9D1EAFC3-DE8D-4EB1-ABD5-8767E11E93DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9E5DC2C8-440F-42BD-BEC9-B12C19DE9DFD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{A0BDC224-A292-4C51-B5CE-BBA5113D1D18}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "{A3C909B3-9E7B-4BB6-AD72-356E5695108F}" = protocol=6 
| dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{A8456AC1-A4B7-4802-84B3-A5DA1DAC8C67}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{A8C33CE5-E334-46C7-8833-3AA39A384F4F}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe | "{AA788815-1B5E-48F4-BFE1-C2193DD376DD}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{AD19D6CE-943A-4896-A2AA-96CD1B3E31D3}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{B361934E-03A5-42C0-8D47-440D211CF90E}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe | "{B921AF7B-E54E-4A8F-B1C9-A542300C0F85}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{BA25A374-A709-4627-BA34-6A5CF53CDC7D}" = protocol=17 | dir=in | app=g:\games\cod4\iw3mp.exe | "{BF7D7CC0-122E-4204-8F80-975CC3916191}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | "{C300B19D-8507-48DB-8E8C-2A806C804063}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe | "{C6696229-A6F4-4C78-952B-406F5412A8C4}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{C7863B20-3D43-4E47-AD0C-EDBB7D2405F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CB9199DF-741B-4EE2-AE34-528924F046FC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{CDE63146-C174-44AE-9C42-780407D45D32}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe | "{CF5981D7-E87C-4E41-A99F-4050456891D7}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{CF812408-1918-4FDE-957C-3B8AB9F7CDD1}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\jonas_cod\counter-strike source\hl2.exe | 
"{D2D4ACB3-BB3A-4320-9A50-B924416485FA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D35084D8-B45E-4DAB-A60B-35C446D43D74}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{D39C9601-C2C6-4047-8C42-FB85D7510DB7}" = dir=out | app=%programfiles% (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{D73A5401-3E56-488D-8794-E4D0522478E6}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{D7ACC4CC-09F7-480B-AC9E-17FE01BA85AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{D901F746-201B-4452-AAFE-8E421BA10472}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DACF1FF3-21B6-40B5-8187-63F7BDA27058}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{DB7FF14C-4DAA-4C62-B03F-A91E675EDBFF}" = protocol=17 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe | "{DC485A1D-354A-4185-8A97-87F2980D6082}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DE984262-CECC-4660-84AD-730EC8DFB179}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "{E0AE24F1-7B63-4DD4-BB24-3FC2C93D0B9C}" = protocol=6 | dir=in | app=g:\games\cod4\iw3mp.exe | "{E6D3ED23-0FE8-4F5B-81DE-05EDAD0621A4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{E8B0F193-DE16-4495-8C4E-5C9D343A5CE3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{EB84C7F4-BE01-4982-B444-D52115A9DD4F}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | "{EE2AABAE-9825-40A1-8FB3-C500D18EE31C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{F0962045-AAC5-434F-9FAF-7D1A41A4EADF}" = protocol=1 | dir=out | 
name=@firewallapi.dll,-28544 | "{F417A656-430D-4438-80F4-3F8FC027E9E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F69D993C-E5C4-4D8A-9646-001D2C7289EE}" = protocol=17 | dir=in | app=d:\program files\smartftp client\smartftp.exe | "{F70ADE99-7078-4A6D-8AFA-21F5F6B4210A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FB1D64A8-B5D6-4DED-86A4-AEB4E7690183}" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2oa.exe | "{FB331DBB-FDA7-4219-86E9-32A9E951B367}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{FDFFE8FD-4AC1-4F02-8698-071ED3C652EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{FE4B1B74-0E8A-4B3C-A81E-E7E16E748135}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe | "TCP Query User{10EAA8B0-E7D7-4F8C-B2C3-3334C3EB36EC}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{118A3D8F-2AD0-4F5B-BCAC-B1F435DB4A48}D:\jbuilder2008r2\jbuilder.exe" = protocol=6 | dir=in | app=d:\jbuilder2008r2\jbuilder.exe | "TCP Query User{124B4187-AC36-4AAF-BA4A-F909103F45CB}D:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\valve\portal 2\portal2.exe | "TCP Query User{15C5D7C9-3BCA-4860-97CA-17AF5D88B467}D:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe" = protocol=6 | dir=in | app=d:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe | "TCP Query User{1FEAB102-ED5E-4E48-85F6-8C0CBA91AAD1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{297B5BAD-08D7-411D-95C0-74F8FA9C202D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program 
files\java\jre6\bin\javaw.exe | "TCP Query User{418139F1-217A-4EB6-9111-A592809F15C7}D:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\atari\tdu2\_uplauncher.exe | "TCP Query User{4A4562A2-29E1-487A-8A69-E19C8A5565AB}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "TCP Query User{60CF8904-6C5C-41B6-9668-7172FC94EFAA}D:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe | "TCP Query User{61696414-076C-424B-B52A-5ED7C62097B3}D:\cod4\iw3mp.exe" = protocol=6 | dir=in | app=d:\cod4\iw3mp.exe | "TCP Query User{7BD60ACA-1BD8-4589-A99B-C89DBF767D75}D:\company of heroes\bugreport\bugreport.exe" = protocol=6 | dir=in | app=d:\company of heroes\bugreport\bugreport.exe | "TCP Query User{924BAB5C-0E9C-4BC7-84B0-F0B8AF4A5939}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe | "TCP Query User{9C12EEF4-7208-4C31-9CB6-896DE1325235}D:\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=d:\company of heroes\reliccoh.exe | "TCP Query User{B4189CC9-5C6D-46D4-A504-64C0522500D6}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe | "TCP Query User{B47B029E-E0A8-44E8-9DC4-00A3B7B87284}D:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\atari\tdu2\uplauncher.exe | "TCP Query User{BD45E18C-21C9-4E7E-B57D-AA914A234811}D:\css\hl2.exe" = protocol=6 | dir=in | app=d:\css\hl2.exe | "TCP Query User{BFC9CDDA-E872-42F3-AE4A-16527DA87CD3}I:\games\cod4\iw3mp.exe" = protocol=6 | dir=in | 
app=i:\games\cod4\iw3mp.exe | "TCP Query User{C25CCB40-1226-46EF-9ADE-64A272D7BBE7}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "TCP Query User{C4229285-C3E9-41EA-8CDB-828953E9B4E5}D:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=d:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | "TCP Query User{CBD41494-84D6-4953-8326-69CE8D76CEFB}D:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe | "TCP Query User{E8AD816F-D6FC-46C3-8692-02490F62457A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{E9F185BE-1C5D-4D4E-8E7F-E4FB4D0FE250}D:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe | "TCP Query User{EBB85E7B-4663-4A09-872D-0FF073D69FC4}D:\program files (x86)\bethesda softworks\brink\brink.exe" = protocol=6 | dir=in | app=d:\program files (x86)\bethesda softworks\brink\brink.exe | "TCP Query User{FD6AC6E8-319E-4ADA-8297-8B38A9F284EE}D:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\atari\tdu2\testdrive2.exe | "UDP Query User{01AAAFAD-C9B6-489C-9FC1-2940D382275A}D:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe | "UDP Query User{02066D05-076E-4CC2-BD24-35947715F210}D:\jbuilder2008r2\jbuilder.exe" = protocol=17 | dir=in | app=d:\jbuilder2008r2\jbuilder.exe | "UDP Query User{03452B34-B2F5-4D0F-B5E7-968F01F19553}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query 
User{1077684F-F858-4413-831F-51269FAFFB1B}D:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\valve\portal 2\portal2.exe | "UDP Query User{24EFAAEA-3D05-4412-9569-563B8A535DFA}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "UDP Query User{265EF917-6B0B-478B-A701-CB32077DAC09}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{3BC5829A-6E11-4813-A14C-83709DFCECD6}I:\games\cod4\iw3mp.exe" = protocol=17 | dir=in | app=i:\games\cod4\iw3mp.exe | "UDP Query User{3DF04ADA-F6CB-4300-B76E-F8F7F0EDAA2D}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "UDP Query User{5615DFDA-E93F-4EFC-AB7B-46CD2D408916}D:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe | "UDP Query User{58E72E8E-7576-4862-A2E8-0AA97582C84E}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe | "UDP Query User{775D877E-DE7B-4D35-BF93-1E90F9652EA4}D:\cod4\iw3mp.exe" = protocol=17 | dir=in | app=d:\cod4\iw3mp.exe | "UDP Query User{830F3C12-7A1D-43E4-A6FE-BCD6BEA15D36}D:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\atari\tdu2\_uplauncher.exe | "UDP Query User{883CC426-4A4F-429C-8FA4-1C9753F8C9D7}D:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe | "UDP Query User{8C178BF4-6D8F-41BE-9438-0570AF2F5B42}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program 
files\java\jre6\bin\javaw.exe | "UDP Query User{8FA35AFF-EBAE-41E2-B5D5-53AD744F8685}D:\program files (x86)\bethesda softworks\brink\brink.exe" = protocol=17 | dir=in | app=d:\program files (x86)\bethesda softworks\brink\brink.exe | "UDP Query User{902C5AEB-D5DB-466B-9D5C-C1D5746593A0}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe | "UDP Query User{B24D0B67-AE7E-47F2-91E9-72233DEFABC2}D:\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=d:\company of heroes\reliccoh.exe | "UDP Query User{B8683E76-981C-417A-9BE7-2BCE0D6CE2B2}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{CADD0472-E153-413C-A303-986E8797334F}D:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe" = protocol=17 | dir=in | app=d:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe | "UDP Query User{CF88CDB2-F63D-4CB8-9ED4-D3C9EB3141FE}D:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\atari\tdu2\testdrive2.exe | "UDP Query User{DE66230F-CA15-4732-AA76-000A8FE7F91D}D:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=d:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | "UDP Query User{EC634C64-508D-4839-B04F-E0B2F5F397C9}D:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\atari\tdu2\uplauncher.exe | "UDP Query User{F9EDD04C-59CE-4C2D-9028-EB79D3A41DEA}D:\css\hl2.exe" = protocol=17 | dir=in | app=d:\css\hl2.exe | "UDP Query User{FF73B8F3-09D1-4AC4-9BA2-94F7F9598C12}D:\company of heroes\bugreport\bugreport.exe" = protocol=17 | dir=in | app=d:\company of heroes\bugreport\bugreport.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{13815D81-44B6-7ADA-2A41-FFFC64DD6FAB}" = ccc-utility64 "{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit) "{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding "{49B6223C-8206-407A-B64F-CCFF83435ECF}" = SmartFTP Client "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{7B8F9BF0-A1D5-11E0-B4E5-0013D3D69929}" = Vegas Pro 10.0 (64-bit) "{7C5CAFD6-F51C-0011-410B-001EF3E342A7}" = AMD Media Foundation Decoders "{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 "{7F801000-A1D5-11E0-9092-0013D3D69929}" = MSVCRT Redists "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{9005CF63-F082-65AD-7431-7EBF31642279}" = AMD Fuel "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9042C334-9881-4603-B1BC-7E623514A495}" = MKV2AC3 - 1.03.03 "{90CB2C55-426D-0752-968D-9B0F1110202A}" = AMD Catalyst Install Manager "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual 
C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "sp6" = Logitech SetPoint 6.20 "WinRAR archiver" = WinRAR 4.00 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{0A3A9522-EFA2-4C56-9138-101692C2A130}" = System Requirements Lab "{0A590981-75A9-B968-4A29-718E5A8E1416}" = CCC Help Dutch "{0E6B8EA7-4FDF-F730-8F28-05720874BE71}" = CCC Help Chinese Traditional "{1003E625-BE5B-390B-7B60-D483D0B75A26}" = CCC Help Russian "{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6 "{1690611F-D4EA-A00D-DAAD-91D216869679}" = CCC Help Polish "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26EED5E6-EC40-35A9-602A-C3CF03A9C1E6}" = CCC Help Portuguese "{2C33E65D-9187-8F2E-40D8-BD9E24E341FB}" = CCC Help Italian "{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update 
"{32A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23 "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{36B6FF8B-38E3-E64C-F840-75F6AAEBE3EA}" = Catalyst Control Center Graphics Previews Common "{38F6C932-2274-4897-479D-03AA6BA5B567}" = CCC Help Turkish "{3AB00888-CA03-0BFD-3F3C-C877767192B0}" = CCC Help Swedish "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3ACA2563-E786-BDD4-C87B-09909BB3F61C}" = CCC Help Thai "{3BC2C64B-0DA0-974B-6311-AED4F3711DCE}" = CCC Help Danish "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2 "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi "{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5BAC4DE5-4062-EE34-3337-5F92FE5D5032}" = CCC Help Spanish "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies 
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6 "{77033683-0816-4D7D-8BF1-3949B4E9823D}" = Battlefield 3™ "{7ADCABE0-E651-6EA5-5128-26E203DAA5E1}" = CCC Help Korean "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F80DAA3-8A1D-09E9-57E6-DB0223CF2CE4}" = CCC Help French "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service 
Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = 
Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A126E617-63F0-4E57-BFA4-7190F5845C39}" = Guitar Hero World Tour "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{AFC71277-DE19-6505-8CBC-71D29163F44A}" = CCC Help German "{B3406262-5701-E9CC-D6B3-BA38C34125A9}" = CCC Help English "{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C5B6078F-5D37-A122-2E6E-EDC623E8C787}" = CCC Help Czech "{C7068E1F-22C6-9408-7B24-584F32F66D70}" = CCC Help Finnish "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{C87B855D-DD8F-E419-C640-34936E813EA9}" = CCC Help Greek "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget 
"{CC2BAF9A-926F-791D-772C-F582CD8A47B0}" = Catalyst Control Center InstallProxy "{CE1CA06F-0AD8-CA2A-3A3A-872E8191C198}" = CCC Help Norwegian "{CECECCED-B7F3-B1A3-3241-0C5D775F8E70}" = CCC Help Chinese Standard "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game "{D3CEF909-78DC-9D3D-37BD-52F5324C01DA}" = CCC Help Hungarian "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1EA61A2-B88F-44AD-3143-419ECB6C7E9A}" = CCC Help Japanese "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F6567C5A-C3EA-2E05-E89E-C8C52E33150D}" = AMD VISION Engine Control Center "{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy "{FE54AF33-9364-7053-670F-A15AD658214C}" = Catalyst Control Center Localization All "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ArmA 2" = ArmA 2 Uninstall "ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall "Audacity_is1" = Audacity 1.2.6 "Avira AntiVir Desktop" = Avira Free Antivirus "AviSynth" = AviSynth 2.5 "Battlelog Web Plugins" = Battlelog Web Plugins "BattlEye" = BattlEye Uninstall "BattlEye for A2" = BattlEye Uninstall "BattlEye for OA" = BattlEye for OA Uninstall "Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1 "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESN Sonar-0.70.4" = ESN Sonar "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 
1.4.7 "Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.12.804 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.21.504 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "JDownloader" = JDownloader "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de) "Notepad++" = Notepad++ "OpenAL" = OpenAL "Opera 12.00.1467" = Opera 12.00 "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 12900" = Audiosurf "Steam App 240" = Counter-Strike: Source "TeamSpeak 3 Client" = TeamSpeak 3 Client "TIPP10_is1" = TIPP10 Version 2.1.0 "Uninstall_is1" = Uninstall 1.0.0.1 "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 2.0.1 "WinGimp-2.0_is1" = GIMP 2.6.10 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 13.07.2012 14:17:51 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002 Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 2034 Startzeit: 01cd61231a3f332c Endzeit: 97 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichts-ID: Error - 13.07.2012 14:26:23 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002 Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 20a0 Startzeit: 01cd6124c4d350cb Endzeit: 61 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichts-ID: Error - 14.07.2012 13:38:37 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften Prozesses: 0x950 Startzeit der fehlerhaften Anwendung: 0x01cd61e70028e69e Pfad der fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Pfad des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichtskennung: bda8c7fd-cdda-11e1-98cf-1c6f65878b7b Error - 14.07.2012 13:41:54 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften Prozesses: 0x27a8 Startzeit der fehlerhaften Anwendung: 0x01cd61e783efb5a7 Pfad der fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Pfad des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe 
Berichtskennung: 3314c217-cddb-11e1-98cf-1c6f65878b7b Error - 14.07.2012 15:42:10 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002 Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: bc4 Startzeit: 01cd61f89ee89a4d Endzeit: 3 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichts-ID: fe29e3b8-cdeb-11e1-98cf-1c6f65878b7b Error - 14.07.2012 15:42:41 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002 Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12cc Startzeit: 01cd61f85151dd48 Endzeit: 85 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichts-ID: Error - 14.07.2012 15:56:14 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften Prozesses: 0x2644 Startzeit der fehlerhaften Anwendung: 0x01cd61fa34242d2b Pfad der fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Pfad des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichtskennung: f72ee670-cded-11e1-98cf-1c6f65878b7b Error - 14.07.2012 15:56:33 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002 Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows ausgeführt werden und 
wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1de8 Startzeit: 01cd61fab97ddf06 Endzeit: 3 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichts-ID: 00b9aab6-cdee-11e1-98cf-1c6f65878b7b Error - 14.07.2012 16:00:08 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876, Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften Prozesses: 0xbd8 Startzeit der fehlerhaften Anwendung: 0x01cd61fabb51464e Pfad der fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Pfad des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe Berichtskennung: 82b1ae53-cdee-11e1-98cf-1c6f65878b7b Error - 21.07.2012 20:06:34 | Computer Name = Jonas-PC7 | Source = Microsoft-Windows-CAPI2 | ID = 512 Description = Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden. Details: Could not query the status of the EventSystem service. System Error: Der Computer wird heruntergefahren. . 
[ System Events ] Error - 22.07.2012 08:17:52 | Computer Name = Jonas-PC7 | Source = DCOM | ID = 10005 Description = Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.07.2012 08:22:09 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.07.2012 08:22:09 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund 
folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:22:09 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >

OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 22.07.2012 14:20:38 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Jonas\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 76,73% Memory free
15,99 Gb Paging File | 14,33 Gb Available in Paging File | 89,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,00 Gb Total Space | 6,10 Gb Free Space | 12,20% Space Free | Partition Type: NTFS
Drive D: | 182,88 Gb Total Space | 17,69 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive I: | 7,68 Gb Total Space | 5,90 Gb Free Space | 76,74% Space Free | Partition Type: FAT32
Computer Name: JONAS-PC7 | User Name: Jonas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.22 14:18:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jonas\Desktop\OTL.exe PRC - [2012.06.16 12:51:55 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2012.06.16 12:51:55 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe ========== Modules (No Company Name) ========== MOD - [2012.07.12 13:00:29 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.03.09 07:10:20 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012.03.09 01:10:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.07.12 13:00:29 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.05.09 16:33:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.09 16:33:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.02.15 19:51:43 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.12.09 19:06:13 | 002,983,808 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Users\Jonas\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.08.04 14:34:48 | 002,329,480 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.03.15 19:08:44 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.01.03 15:21:00 | 000,129,440 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010.10.28 12:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) 
[Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.02.26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.09 16:33:25 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.09 16:33:25 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2012.03.09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.03.09 05:58:02 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.) DRV:64bit: - [2012.02.24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:64bit: - [2012.02.24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:64bit: - [2011.12.05 21:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.10.27 03:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:64bit: - [2011.10.27 03:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV:64bit: - [2011.10.27 03:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:64bit: - [2011.10.27 03:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2011.10.27 03:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV:64bit: - [2011.10.27 03:25:42 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) DRV:64bit: - [2011.10.27 03:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:64bit: - [2011.10.27 03:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.08.05 16:43:04 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.08.05 16:43:03 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: 
- [2010.11.19 04:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.11.19 04:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.08.24 19:29:54 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2010.08.24 19:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2010.08.24 19:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2010.02.25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.11.23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2009.11.23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2012.01.03 23:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1) DRV - [2012.01.03 23:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2012.01.03 23:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dayzmap.info/ IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - 
HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKCU\..\SearchScopes\{283171FA-B633-4320-9A79-DEBF83FD9533}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=FA00FEE5-42A6-4C5D-97AA-05C0EB1ECD70&apn_sauid=5C28E5D0-AEB5-4293-A8E9-044AFA4871F5 IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.27 17:04:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.20 13:42:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.27 17:04:59 | 000,000,000 | ---D | M] [2011.02.20 19:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Extensions [2011.01.10 18:48:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.06.27 16:26:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\j8ylclkc.default\extensions [2011.02.20 19:09:31 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\j8ylclkc.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2011.03.25 23:25:36 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\j8ylclkc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.07.29 
22:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\j8ylclkc.default\searchplugins\askcom.xml [2010.12.13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [X3DAudio1_6] C:\Users\Jonas\AppData\Local\Microsoft\Windows\2305\X3DAudio1_6.exe () O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [KiesTrayAgent] D:\Program Files (x86)\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [KiesHelper] D:\Program Files (x86)\Kies\KiesHelper.exe (Samsung) O4 - HKCU..\Run: [KiesPDLR] D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube Download - 
C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: 
{D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.0.43.1 217.0.43.193 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85F4B72D-3340-4299-9861-8B9793C4FD93}: DhcpNameServer = 217.0.43.1 217.0.43.193 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) 
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.22 14:18:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Jonas\Desktop\OTL.exe [2012.07.22 01:52:26 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\Malwarebytes [2012.07.22 01:52:17 | 000,024,904 | ---- | C] (Malwarebytes 
Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.22 01:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.22 01:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.22 01:51:19 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jonas\Desktop\mbam-setup-1.62.0.1300.exe [2012.07.22 00:48:12 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\hellomoto [2012.07.08 20:03:16 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\Klaypex [2012.07.08 16:05:32 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\Janik [2012.07.08 16:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.07.08 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.07.05 19:26:14 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\SIX_Projects [2012.07.05 19:15:30 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\ArmA 2 [2012.07.05 19:11:24 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\ArmA 2 OA [2012.07.05 19:11:24 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Documents\ArmA 2 [2012.07.05 18:57:16 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\six-updater [2012.07.05 18:57:15 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\six-zsync [2012.07.05 18:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects [2012.06.28 09:50:14 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\(Soundtrack) VA - Project X OST - 2012, MP3, 320 kbps [mikkisays.net] [2012.06.26 21:22:51 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\FileZilla [2012.06.26 21:13:57 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\SmartFTP [2012.06.26 21:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartFTP Client [2012.06.26 19:34:16 | 000,000,000 | ---D | C] -- 
C:\Users\Jonas\AppData\Roaming\fofix
[2012.06.26 19:33:57 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\fofix-4.0.0alpha1
[2012.06.25 16:18:15 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\VBT 2011
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.22 14:18:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jonas\Desktop\OTL.exe
[2012.07.22 14:18:15 | 000,000,000 | ---- | M] () -- C:\Users\Jonas\defogger_reenable
[2012.07.22 14:17:53 | 000,050,477 | ---- | M] () -- C:\Users\Jonas\Desktop\Defogger.exe
[2012.07.22 12:56:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.22 12:56:24 | 2145,558,527 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 12:54:33 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.22 01:52:17 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.22 01:51:43 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jonas\Desktop\mbam-setup-1.62.0.1300.exe
[2012.07.22 00:25:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.22 00:14:26 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.21 11:49:14 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.21 11:49:14 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.21 11:49:14 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.21 11:49:14 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.21 11:49:14 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.19 14:32:32 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.19 14:32:32 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.18 14:07:05 | 008,018,065 | ---- | M] () -- C:\Users\Jonas\Desktop\feuer.mp3
[2012.07.15 20:16:29 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.07.15 20:16:29 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.15 20:16:02 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.07.12 03:23:14 | 000,422,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.11 19:13:34 | 000,000,973 | ---- | M] () -- C:\Users\Jonas\Desktop\Miike Snow - Discography - 2009-2012 - Verknüpfung.lnk
[2012.07.10 20:46:56 | 000,980,719 | ---- | M] () -- C:\Users\Public\Documents\Scannen0001.pdf
[2012.07.10 20:01:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\HP_192.168.1.20_CN9BIBK30P05H5
[2012.07.08 15:15:32 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012.07.08 15:15:32 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.01 23:21:06 | 000,020,244 | ---- | M] () -- C:\Users\Jonas\.recently-used.xbel
[2012.07.01 14:25:34 | 006,149,955 | ---- | M] () -- C:\Users\Jonas\Desktop\Yeah Yeah Yeahs - Heads Will Roll (Dirrrtydisko Remix).mp3
[2012.06.30 14:02:12 | 009,224,217 | ---- | M] () -- C:\Users\Jonas\Desktop\The White Stripes - Seven nation army.mp3
[2012.06.30 13:56:11 | 000,030,348 | ---- | M] () -- C:\Users\Jonas\Desktop\white_stripes_seven_nation_army.gp5
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.22 14:18:15 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\defogger_reenable
[2012.07.22 14:17:53 | 000,050,477 | ---- | C] () -- C:\Users\Jonas\Desktop\Defogger.exe
[2012.07.22 01:52:17 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.18 14:06:13 | 008,018,065 | ---- | C] () -- C:\Users\Jonas\Desktop\feuer.mp3
[2012.07.11 19:13:34 | 000,000,973 | ---- | C] () -- C:\Users\Jonas\Desktop\Miike Snow - Discography - 2009-2012 - Verknüpfung.lnk
[2012.07.10 20:50:07 | 000,980,719 | ---- | C] () -- C:\Users\Public\Documents\Scannen0001.pdf
[2012.07.10 20:01:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\HP_192.168.1.20_CN9BIBK30P05H5
[2012.07.05 18:56:07 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012.07.05 18:56:07 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012.07.01 23:21:06 | 000,020,244 | ---- | C] () -- C:\Users\Jonas\.recently-used.xbel
[2012.07.01 14:25:16 | 006,149,955 | ---- | C] () -- C:\Users\Jonas\Desktop\Yeah Yeah Yeahs - Heads Will Roll (Dirrrtydisko Remix).mp3
[2012.06.30 14:01:37 | 009,224,217 | ---- | C] () -- C:\Users\Jonas\Desktop\The White Stripes - Seven nation army.mp3
[2012.06.30 13:56:11 | 000,030,348 | ---- | C] () -- C:\Users\Jonas\Desktop\white_stripes_seven_nation_army.gp5
[2012.04.01 14:21:39 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.09 01:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.28 20:32:12 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.11.29 17:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.29 17:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.11.29 17:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.11.29 17:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.11.29 17:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.06.24 18:42:53 | 000,000,412 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\All CPU Meter_Settings.ini
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.16 17:03:46 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.02.17 21:14:04 | 000,007,605 | ---- | C] () -- C:\Users\Jonas\AppData\Local\Resmon.ResmonCfg
[2011.02.05 18:24:03 | 000,000,164 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011.01.27 16:58:47 | 000,225,745 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011.01.10 20:14:20 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.10 20:14:18 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.01.10 20:14:18 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.01.10 17:48:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== LOP Check ==========

[2011.02.05 18:23:32 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Degener
[2012.05.06 18:15:33 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\DVDVideoSoft
[2011.05.02 16:36:54 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.26 21:28:57 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\FileZilla
[2011.02.20 19:11:53 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\FireShot
[2012.06.26 19:54:38 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\fofix
[2012.01.26 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\GetRightToGo
[2012.07.01 23:21:06 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\gtk-2.0
[2012.05.20 13:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Guitar Pro 6
[2012.07.22 00:48:19 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\hellomoto
[2011.12.02 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\ICQ
[2011.01.10 19:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Leadertech
[2012.05.22 13:52:32 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\LolClient
[2012.06.12 12:46:15 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\LolClient2
[2011.01.14 21:07:21 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Notepad++
[2011.01.10 18:18:16 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Opera
[2011.10.30 19:23:25 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Origin
[2011.10.08 19:09:34 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Publish Providers
[2011.12.19 16:33:38 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\PunkBuster
[2012.01.01 23:04:26 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Samsung
[2012.07.05 19:29:48 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\six-updater
[2012.07.05 18:57:15 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\six-zsync
[2011.10.07 12:37:02 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Sony
[2011.11.13 14:50:26 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Sony Creative Software Inc
[2011.01.27 18:07:01 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Subversion
[2012.07.10 19:50:50 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\TeamViewer
[2012.04.13 18:03:39 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Temp
[2011.01.10 18:48:18 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Thunderbird
[2012.07.06 22:14:16 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\TS3Client
[2011.12.18 17:36:02 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Ubisoft
[2012.06.04 15:50:52 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Please help. Best regards, Jonas |
23.07.2012, 07:52 | #2 |
/// Helper Team | Encryption Trojan: Report Analysis etc. Hello and welcome!
► In what way have your data (personal files such as pictures, documents, music, etc.) already been encrypted? Can you give an example? Was a file extension added (e.g. "locked- .wxyz"), or does the file name consist of a random mix of upper- and lower-case letters (e.g. QsEEUTODXNVqyssQ), or something else? Some variants can be decrypted, others unfortunately cannot. Regards, kira |
23.07.2012, 18:47 | #3 |
| Encryption Trojan: Report Analysis etc. Thanks for the help, but I solved the problem by reinstalling the system.
I had been meaning to do that for a long time but never really found the time. So the trojan was annoying, but it was also a push to get it done. Best regards, Jonas |
24.07.2012, 08:05 | #4 |
/// Helper Team | Encryption Trojan: Report Analysis etc. What happened to the encrypted files (pictures, music, etc.)?
__________________ Warning: Be careful with invoices sent by email with a ZIP file attached! They may be infected with an encryption trojan! Do not open the attachment; ask in our forum first! Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice and in different locations! Please pass this warning on wherever you can! |
24.07.2012, 10:40 | #5 |
| Encryption Trojan: Report Analysis etc. Since it was "only" the BKA trojan or Bundes-Trojaner (sorry, I don't know all that much about this) that locked up my PC after booting, the ordinary formatting done during the reinstallation was enough to get rid of it. If I am wrong and the trojan somehow survived this process but is just no longer obviously visible, please let me know so that I can take further measures. Best regards, Jonas |
25.07.2012, 06:30 | #6 |
/// Helper Team | Encryption Trojan: Report Analysis etc. Okay, my question was referring to this: "Encryption Trojan: Report Analysis etc." Then all is well.
1. As a precaution I would advise you to change your password (one should do this every 3-4 months), e.g. login, mail or website passwords. Tips: Choosing a secure password (these should really be changed at regular intervals, roughly every 3-5 months); see also: Secure password (Password)
2. ► Please check whether new updates are available for Windows: Microsoft Update keeps your computer up to date!
Reading material no. 1: Give criminal acts no chance! Quote:
** Common sense and securely configuring Windows and Internet software are the best way to security on the web!! Quote:
► Over time a lot of data junk can accumulate, error messages pile up, and the PC is probably no longer as fast as it used to be:
If you would like to support us → donation account. Regards, kira
__________________ --> Encryption Trojan: Report Analysis etc. |
25.07.2012, 13:18 | #7 |
| Encryption Trojan: Report Analysis etc. Wow, first of all a big thank-you, kira! Very kind of you to keep giving me tips even though the actual problem was already solved. And such extensive ones at that. Really a great forum here, and thanks again. Best regards, Jonas |