| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "Weißer Bildschirm"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
01.09.2012, 15:45
| #1 |
| |  "Weißer Bildschirm" Hallo Leute, ich habe mir diesen "Weißer Bildschirm" Plagegeist eingefangen. Ich war auf Google und habe mir Bilder über Japanische Tätowierungen angeschaut. Ein Bilder Link muss mich dann zu einer infizierten Seite geschickt haben. Die Yakuza lässt sich auch immer was neues einfallen  Nun Ja. Jedenfalls startete der Rechner von selbst neu und es war nach der Anmeldung nur noch dieser weiße Bildschirm zu sehen. Ich hab dann die Internetverbindung gekappt und mich mit meinem MACBOOK auf Lösungssuche begeben.Nun bin ich hier. Ich hab den Rechner im Abgesicherten Modus mit Eingabeaufforderung starten können und habe das OTL Programm laufen lassen. Das sind die Ergebnisse. OTL.txt: Code:
ATTFilter OTL logfile created on: 01.09.2012 16:18:03 - Run 1 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Daniel\Desktop 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 3,16 Gb Available Physical Memory | 79,00% Memory free 8,00 Gb Paging File | 7,34 Gb Available in Paging File | 91,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 78,12 Gb Total Space | 2,68 Gb Free Space | 3,43% Space Free | Partition Type: NTFS Drive D: | 1863,01 Gb Total Space | 1133,77 Gb Free Space | 60,86% Space Free | Partition Type: NTFS Drive E: | 298,09 Gb Total Space | 126,99 Gb Free Space | 42,60% Space Free | Partition Type: NTFS Drive F: | 118,21 Gb Total Space | 2,37 Gb Free Space | 2,01% Space Free | Partition Type: NTFS Drive G: | 214,74 Gb Total Space | 64,36 Gb Free Space | 29,97% Space Free | Partition Type: FAT32 Drive H: | 4,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: BEATRICE | User Name: Daniel | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.01 15:57:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2012.01.03 16:06:39 | 000,582,144 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\atwtusb.exe -- (WTService) SRV:64bit: - [2009.08.10 17:01:06 | 000,206,880 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV:64bit: - [2009.08.10 17:01:04 | 000,626,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009.06.29 15:43:12 | 000,545,792 | ---- | M] (Sphinx Software) [Auto | Stopped] -- C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe -- (Windows7FirewallService) SRV:64bit: - [2008.11.06 13:37:22 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Testversion) 2012\RpcAgentSrv.exe -- (SandraAgentSrv) SRV - [2012.09.01 12:44:29 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.08.25 08:37:23 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.08.22 09:49:50 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.26 16:08:56 | 003,665,752 | ---- | M] () [Auto | Stopped] -- E:\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx) SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.08.12 18:13:26 | 000,087,040 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010.04.28 20:54:03 | 000,075,064 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.12.16 19:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009.08.28 00:00:43 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.03.20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.20 10:03:41 | 000,716,800 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:64bit: - [2010.06.25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010.03.11 11:51:06 | 000,007,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr) DRV:64bit: - [2010.03.11 11:50:40 | 000,007,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\walvhid.sys -- (vhidmini) DRV:64bit: - [2009.11.11 16:47:18 | 000,348,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:64bit: - [2009.11.01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009.10.20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2009.08.20 19:00:10 | 000,664,576 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su) DRV:64bit: - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite (Testversion) 2012\WNt500x64\Sandra.sys -- (SANDRA) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.28 18:00:32 | 000,025,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2009.05.28 17:47:38 | 000,033,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64) DRV:64bit: - [2007.12.12 14:11:06 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3) DRV:64bit: - [2006.12.08 08:06:34 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT) DRV:64bit: - [2005.08.03 18:37:58 | 000,676,864 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL) DRV:64bit: - [2005.08.03 18:37:56 | 000,695,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL) DRV:64bit: - [2005.08.03 18:37:56 | 000,208,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL) DRV:64bit: - [2005.08.03 18:37:54 | 000,356,864 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL) DRV:64bit: - [2005.08.03 18:37:54 | 000,151,552 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL) DRV:64bit: - [2005.08.03 18:37:52 | 000,316,928 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL) DRV:64bit: - [2005.08.03 18:37:52 | 000,169,472 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL) DRV - [2010.10.22 11:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys -- (NTIOLib_1_0_4) DRV - [2010.05.10 11:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys -- (MSI_MSIBIOS_010507) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2004.12.30 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com?o=16596&l=dis&gct=hp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 97 DC 93 23 2C CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=FF-DL&o=16596&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=1A&apn_dtid=YYYYYYYYDE&apn_uid=673C7292-BB48-4FC1-8DEE-BEA571691BD1&apn_sauid=AEEB6F18-577A-4C4F-9553-8C845C04C4C5& IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9 FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0 FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1 FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0 FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5 FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1 FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.01 12:44:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.29 10:04:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2011.09.13 21:39:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.16 17:19:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.08.29 10:04:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.01 12:44:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.29 10:04:45 | 000,000,000 | ---D | M] [2010.08.15 22:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2010.02.08 22:00:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.08.15 22:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28} [2010.01.02 23:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions\celtx@celtx.com [2012.07.15 20:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\ewbqbfy5.default\extensions [2011.08.23 16:42:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\ewbqbfy5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.07.15 20:02:52 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\ewbqbfy5.default\extensions\ich@maltegoetz.de [2012.05.30 17:55:37 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\ewbqbfy5.default\extensions\toolbar@ask.com [2011.06.15 11:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Sunbird\Profiles\hjc8mnyt.default\extensions [2010.08.15 22:26:51 | 000,000,000 | ---D | M] ("Automatic Export") -- C:\Users\Daniel\AppData\Roaming\mozilla\Sunbird\Profiles\hjc8mnyt.default\extensions\{A79E82DD-9CE6-87C7-0006-87D0FD2FCD42} [2012.06.24 14:36:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.04.18 17:46:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010.10.10 12:32:16 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG [2010.10.10 12:32:16 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM [2010.10.10 12:32:16 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE [2010.10.10 12:32:16 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG [2010.10.10 12:32:16 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG [2010.10.10 12:32:16 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG [2010.10.10 12:32:16 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG [2012.09.01 12:44:30 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.22 15:39:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll [2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.07.07 19:08:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.01 12:44:29 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.07 19:08:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.10.12 22:08:08 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src [2012.07.07 19:08:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.07 19:08:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.07 19:08:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Daniel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (NXIECatcher Class) - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll (Xi) O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3:64bit: - HKLM\..\Toolbar: (NetXfer) - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll (Xi) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Daniel\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Daniel\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH) O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [AsioReg] C:\Windows\SysNative\CTASIO.DLL (Creative Technology Ltd) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\Windows\SysNative\WTMKM.exe () O4:64bit: - HKLM..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Windows7FirewallControl] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe (Sphinx Software) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\CTASIO.DLL (Creative Technology Ltd) O4 - HKLM..\Run: [F5D7050v3] C:\Program Files (x86)\Belkin\F5D7050v3\Belkinwcui.exe File not found O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\LU5.exe (Micro-Star International) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1 File not found O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [rfxsrvtray] E:\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk = C:\Users\Daniel\AppData\Roaming\1.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data] O8:64bit: - Extra context menu item: Alles mit NetXfer herunterladen - C:\Program Files\Xi\NetXfer\NXAddList.html () O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Herunterladen mit NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html () O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Alles mit NetXfer herunterladen - C:\Program Files\Xi\NetXfer\NXAddList.html () O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube Download - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Herunterladen mit NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wecker-Alarm - {7B499570-29C5-4a80-9F57-94A420D140CE} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Nach Wecker für Windows exportieren - {7B499570-29C5-4a80-9F57-94A420D140CE} - Reg Error: Key error. File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.12.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D8EF790-B444-4F03-AE9A-C356ECBF2A7F}: DhcpNameServer = 192.168.12.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48A9FCF8-A0B6-4BF1-91B0-4134040BFA28}: DhcpNameServer = 192.168.57.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C39342A-D344-40FF-9B53-9C261C2E1AAC}: DhcpNameServer = 192.168.57.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E20B210-D2AD-41B6-88FD-AF64FFBADE5D}: DhcpNameServer = 192.168.57.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D2440B8-D8B3-4AB4-AE09-F446635AA74C}: DhcpNameServer = 192.168.57.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2AC4E94-1C0E-4041-AB1C-ADA7C589C4BD}: DhcpNameServer = 192.168.57.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (C:\Users\Daniel\AppData\Roaming\1.exe) - C:\Users\Daniel\AppData\Roaming\1.exe () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O24 - Desktop WallPaper: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.12.31 15:58:42 | 000,000,044 | R--- | M] () - H:\autorun.inf -- [ UDF ] O33 - MountPoints2\{f13b223d-933a-11de-af63-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{f13b223d-933a-11de-af63-806e6f6e6963}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2010.05.11 15:49:56 | 000,345,896 | R--- | M] (Valve Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.01 15:58:09 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2012.08.29 10:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 64-bit fixes [2012.08.29 10:23:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Reader 64-bit fixes [2012.08.29 10:04:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.08.21 19:34:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Artisteer Templates [2012.08.21 19:33:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Artisteer [2012.08.21 19:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artisteer 3 [2012.08.20 15:38:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Sniper - Ghost Warrior [2012.08.20 15:00:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012.08.20 14:32:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012.08.20 14:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012.08.15 15:22:10 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.08.15 15:22:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.08.15 15:22:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.08.15 15:22:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.08.15 15:22:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.08.15 15:22:07 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.08.15 15:22:07 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.08.15 15:22:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.08.15 15:22:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.08.15 15:22:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.08.15 15:22:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.08.15 15:22:06 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.08.15 15:22:05 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.08.15 11:14:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.08.15 11:14:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.08.15 11:14:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012.08.15 11:14:17 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.01 16:19:48 | 006,553,600 | -HS- | M] () -- C:\Users\Daniel\NTUSER.DAT [2012.09.01 15:58:58 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.09.01 15:58:58 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.09.01 15:58:58 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.09.01 15:58:58 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.09.01 15:58:58 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.09.01 15:57:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2012.09.01 15:47:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.01 15:47:33 | 3220,774,912 | -HS- | M] () -- C:\hiberfil.sys [2012.09.01 15:34:26 | 000,000,258 | ---- | M] () -- C:\Windows\win.ini [2012.09.01 15:34:05 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.09.01 15:34:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012.09.01 15:30:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.01 14:56:23 | 000,009,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.01 14:56:23 | 000,009,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.01 14:44:54 | 005,986,642 | -H-- | M] () -- C:\Users\Daniel\AppData\Local\IconCache.db [2012.09.01 14:44:47 | 000,000,650 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk [2012.09.01 14:44:42 | 000,391,533 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\1.exe [2012.09.01 14:37:21 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.09.01 14:36:20 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753493768-2596447732-2270907031-1000UA.job [2012.08.31 20:23:21 | 001,343,148 | ---- | M] () -- C:\Users\Daniel\Desktop\IOGraphica - 1.2 hours (from 19-05 to 20-23).png [2012.08.30 18:39:04 | 000,000,218 | ---- | M] () -- C:\Users\Daniel\.recently-used.xbel [2012.08.25 23:36:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753493768-2596447732-2270907031-1000Core.job [2012.08.22 09:49:50 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.22 09:49:50 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.08.21 12:08:37 | 000,005,619 | ---- | M] () -- C:\Windows\SysWow64\Utility.xml [2012.08.19 14:43:22 | 005,085,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.01 14:44:47 | 000,000,650 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk [2012.09.01 14:44:42 | 000,391,533 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\1.exe [2012.08.31 20:23:18 | 001,343,148 | ---- | C] () -- C:\Users\Daniel\Desktop\IOGraphica - 1.2 hours (from 19-05 to 20-23).png [2012.08.30 18:39:04 | 000,000,218 | ---- | C] () -- C:\Users\Daniel\.recently-used.xbel [2012.08.29 10:04:45 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.02.18 17:39:11 | 000,000,165 | ---- | C] () -- C:\Windows\wiso.ini [2012.01.14 13:11:41 | 000,001,657 | ---- | C] () -- C:\Users\Daniel\Giarre Kopi.2012_01_14_12_11_41.0 [2012.01.11 20:36:24 | 000,844,288 | ---- | C] () -- C:\Windows\RmTablet.exe [2011.11.25 11:32:39 | 011,272,192 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\Sandra.mdb [2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.10.03 12:58:47 | 000,000,337 | ---- | C] () -- C:\Windows\ATB_Prec.Ini [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.09.23 15:19:21 | 000,000,040 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\cdr.ini [2011.09.09 14:22:06 | 000,026,946 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\OFMissionEditorConfig.xml [2011.07.28 23:15:45 | 000,003,072 | -H-- | C] () -- C:\Users\Daniel\photothumb.db [2011.07.02 10:13:07 | 000,554,496 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll [2011.03.20 10:04:21 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\UpdateDriver.exe [2011.03.20 10:04:21 | 000,005,224 | ---- | C] () -- C:\Windows\SysWow64\ucuiinfo.ini [2010.12.24 13:26:01 | 000,003,741 | ---- | C] () -- C:\Users\Daniel\Neues Dokument 2.2010_12_24_12_26_01.0 [2010.08.23 19:59:38 | 000,000,355 | ---- | C] () -- C:\Users\Daniel\Computer - Verknüpfung.lnk [2010.06.27 21:59:32 | 000,047,374 | ---- | C] () -- C:\Users\Daniel\Finnland_liniie.png [2010.06.27 21:59:19 | 000,047,374 | ---- | C] () -- C:\Users\Daniel\Finnland.png [2010.06.27 21:39:24 | 000,358,593 | ---- | C] () -- C:\Users\Daniel\patheuropa.png [2010.02.22 21:37:55 | 000,000,088 | RHS- | C] () -- C:\ProgramData\EF6753E0D4.sys [2010.02.22 21:37:54 | 000,003,140 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.02.19 17:09:20 | 000,007,602 | ---- | C] () -- C:\Users\Daniel\AppData\Local\resmon.resmoncfg [2009.10.03 18:42:55 | 000,011,264 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.14 20:16:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.09.12 18:14:59 | 005,986,642 | -H-- | C] () -- C:\Users\Daniel\AppData\Local\IconCache.db [2009.09.12 18:12:15 | 000,415,592 | ---- | C] () -- C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT [2009.09.12 17:59:37 | 000,000,020 | -HS- | C] () -- C:\Users\Daniel\ntuser.ini [2009.09.12 17:19:06 | 006,553,600 | -HS- | C] () -- C:\Users\Daniel\NTUSER.DAT [2009.09.12 17:19:06 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2009.09.12 17:19:06 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2009.09.12 17:19:06 | 000,065,536 | -HS- | C] () -- C:\Users\Daniel\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf ========== LOP Check ========== [2011.10.14 23:42:22 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.kde [2011.08.28 13:47:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Amazon [2012.08.21 19:33:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Artisteer [2011.08.11 03:39:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Azureus [2012.03.14 21:12:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Bioshock [2012.07.10 19:56:07 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Bioshock2 [2012.04.15 18:22:14 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Buhl Data Service [2010.12.27 13:42:25 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Canneverbe Limited [2011.07.19 22:14:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\de.txptr.googleplus [2009.09.12 17:39:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DeepBurner Pro [2012.09.01 13:55:30 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Dropbox [2012.02.12 21:24:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoft [2011.08.07 09:25:36 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers [2011.10.02 11:11:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\EAC [2010.11.28 15:39:46 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FileZilla [2010.01.02 23:05:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Greyfirst [2012.08.30 18:37:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\gtk-2.0 [2010.10.12 22:08:08 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Gutscheinmieze [2011.12.19 21:48:20 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\HTC [2011.03.16 21:36:00 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2009.09.12 17:39:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ [2009.09.12 17:39:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Inkscape [2011.10.27 22:55:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LibreOffice [2011.10.15 18:32:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenCandy [2009.09.12 17:39:59 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org [2009.09.12 17:40:00 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Opera [2011.02.13 20:05:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Participatory Culture Foundation [2011.10.12 14:26:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PCF-VLC [2011.10.12 17:07:49 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\pdfforge [2011.04.27 16:38:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\phonostar GmbH [2011.07.28 23:22:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PhotoScape [2009.09.17 14:18:04 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Publish Providers [2010.06.30 12:45:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Scribus [2009.09.12 17:40:04 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Sony [2010.02.05 19:23:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Stereoscopic Player [2010.02.08 22:00:23 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Thunderbird [2011.07.02 10:13:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Tobit [2009.09.17 12:28:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Trillian [2012.08.12 22:13:09 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TV-Browser [2010.01.30 14:49:04 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Wargaming.Net [2010.07.18 12:36:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Wireshark [2011.08.11 00:46:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Xi [2012.05.09 18:42:00 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 01.09.2012 16:18:03 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Daniel\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,16 Gb Available Physical Memory | 79,00% Memory free
8,00 Gb Paging File | 7,34 Gb Available in Paging File | 91,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78,12 Gb Total Space | 2,68 Gb Free Space | 3,43% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 1133,77 Gb Free Space | 60,86% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 126,99 Gb Free Space | 42,60% Space Free | Partition Type: NTFS
Drive F: | 118,21 Gb Total Space | 2,37 Gb Free Space | 2,01% Space Free | Partition Type: NTFS
Drive G: | 214,74 Gb Total Space | 64,36 Gb Free Space | 29,97% Space Free | Partition Type: FAT32
Drive H: | 4,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: BEATRICE | User Name: Daniel | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Users\Daniel\AppData\Local\Aptana Studio 2.0\AptanaStudio.exe ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.js [@ = JSFile] -- C:\Users\Daniel\AppData\Local\Aptana Studio 2.0\AptanaStudio.exe ()
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Users\Daniel\AppData\Local\Aptana Studio 2.0\AptanaStudio.exe" "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Users\Daniel\AppData\Local\Aptana Studio 2.0\AptanaStudio.exe" "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{074AD529-098D-4B7B-8A9A-6E3D0FD3AE91}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1259A347-0EE6-4883-B1DB-26239166B59F}" = lport=5375 | protocol=6 | dir=in | name=jaxer |
"{172D3076-BB54-435C-859A-44BC6514F6A6}" = lport=8081 | protocol=6 | dir=in | name=apache |
"{175D2F83-29AC-487E-B495-6EA8BD4E801D}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite (testversion) 2012\rpcagentsrv.exe |
"{1C7B05B0-5E92-4ABC-BF00-3239C4EDA172}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2749F954-E5AD-48AC-B824-2606C25C591C}" = lport=5377 | protocol=6 | dir=in | name=jaxer |
"{2A52BDB6-D376-4BFE-8446-B312C908DFD3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2A7D63CC-5A53-4DA4-A88F-F9454A68A7BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3AE6EF3F-0E5B-418C-8C35-59C6CF3D5633}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3BF3FB88-5A5F-4DB7-9BA2-4E49130C662F}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{43B00DD1-484E-436E-9D30-E5F1A1E3C9D6}" = lport=5370 | protocol=6 | dir=in | name=jaxer |
"{481494AB-FB84-42EE-A042-B2E245C7C90F}" = lport=5379 | protocol=6 | dir=in | name=jaxer |
"{48AE86A5-658E-4C3D-A2C5-6436339B57AF}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite (testversion) 2012\wnt500x64\rpcsandrasrv.exe |
"{49255277-D033-4B09-956A-AD5AB86CA478}" = lport=5371 | protocol=6 | dir=in | name=jaxer |
"{4D1F8253-E1E2-4256-B158-1168849E30A2}" = lport=5374 | protocol=6 | dir=in | name=jaxer |
"{6D4AA323-AEE2-4385-B5C5-59677FC3445B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{74E54009-08EE-40D9-A1C6-C5E32A390B96}" = lport=5381 | protocol=6 | dir=in | name=jaxer |
"{81D1B60B-1201-473E-9660-531AD60BA291}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D0F6BDC-3E39-4674-98FD-76999E45B7DC}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BEB521F4-B41F-42DB-B191-BE1336BD0F14}" = lport=5380 | protocol=6 | dir=in | name=jaxer |
"{CBE2A8FF-15C7-4DEA-B279-C9C1ABF94A05}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{CE9B2C61-8F39-4811-8243-A9F272A4C8BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3FEE82D-A91F-4E4F-8ACD-B2DBC2D03F29}" = lport=5383 | protocol=6 | dir=in | name=jaxer |
"{E376F83D-8328-4E50-A11F-430C2D754655}" = lport=5376 | protocol=6 | dir=in | name=jaxer |
"{E86344A4-98B9-4B30-8005-E984B1C18430}" = lport=5378 | protocol=6 | dir=in | name=jaxer |
"{EDDC939A-6336-401E-A34F-5D243C93E845}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{F2C8F956-5182-4713-9BD1-B600487F9AF3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F93C842F-7101-4D14-B1EB-8E1855753830}" = lport=5382 | protocol=6 | dir=in | name=jaxer |
"{FDA98629-610C-4994-8319-84730CA569DB}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B9295F-0C7E-4DE0-B0C1-2C55027DC4CC}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{0C15D042-754D-4A4A-BFE4-31CCDBBDE252}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{0FD08CEC-70E0-474D-9223-01BDB84E5B37}" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma\arma.exe |
"{11D237C4-C879-4F9D-92A2-3EC8C30DF314}" = protocol=6 | dir=in | app=e:\tobit radio.fx\server\rfx-server.exe |
"{130DCB55-A00A-4613-9599-0A91DC8C1C71}" = protocol=6 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{164A42C3-A8D7-4EC6-89FF-061304DF2E54}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{1870A4B8-C955-4F76-8C6A-BBDE92A32E62}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{1CBCBC06-8456-402D-8DD1-7535CDC61916}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"{227F8FE1-96BA-461A-8D50-FC357DB568C2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{237B7D65-5B67-435A-B7FA-61FDF8B65B8C}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{275DCBAE-479B-465A-8B3F-E928D4287E44}" = protocol=6 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser.exe |
"{28641EA3-8DE6-4515-9892-D93CDC0A74C8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2B2E7ADD-8C16-450B-B9D7-BCA26E8249F0}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{2C177A96-6383-4222-94B1-DE911078FA1A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2DD2E5F6-8549-4EA6-89AE-48688A4A7091}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{31082E56-BF78-4E74-AB46-B3F11549FDB4}" = protocol=6 | dir=in | app=e:\tobit radio.fx\client\rfx-client.exe |
"{32C03411-D723-485C-AE3C-1652E9C55579}" = protocol=6 | dir=in | app=d:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault.exe |
"{331D401F-4F88-49D6-B464-50BB9D8AA7CE}" = protocol=6 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"{44E86163-6E06-4928-9D17-FF705FFA60D9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{49854442-A8BE-4CED-8700-E7B16DE80B62}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{4AB84589-0112-447F-B3EF-039DB132632D}" = protocol=6 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{4D772118-BEDA-4C4B-9A1D-29EF1CFD0F33}" = protocol=6 | dir=in | app=d:\program files (x86)\codemasters\of dragon rising\ofdr.exe |
"{50F3FD40-8112-4B69-A1BB-4EA19B8BE7E2}" = protocol=17 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{560EAE4C-A8F0-4EBA-BDE8-153D2DEA9680}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5D62FB89-0225-47CB-A0D5-4E9810F70724}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"{5EDEB806-58F9-48EC-9CB0-00452B3F31C6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5F979056-37DC-4FB5-9634-164C298DFEE9}" = protocol=17 | dir=in | app=e:\tobit radio.fx\client\rfx-client.exe |
"{6886759E-D5D6-47DB-B39C-77F3628589B7}" = protocol=17 | dir=in | app=d:\program files (x86)\codemasters\of dragon rising\ofdr.exe |
"{6DA88BB7-1917-48D2-A1C1-25CAE447AE57}" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma\arma.exe |
"{7BDAD282-5626-43D8-A624-0222F13EC052}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{7D839585-01D4-4214-BAF0-574E20DA108B}" = protocol=17 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{7E2B0DE5-1868-4352-AD9B-92997DBEA86F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{837E0F7E-522A-472F-B832-42806FF767BC}" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe |
"{8529CCE3-41FA-4516-9875-00F79A47D302}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8596D72F-E9C2-4352-8136-6874A5390B58}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{89961CD1-0D40-423A-8D8E-4D26009D0029}" = protocol=17 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"{8AE75A0A-6487-4800-95A1-A7769AE88925}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{8F258A10-2930-4279-97C6-2B27D2ED4D78}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{8F8C52F9-813E-4BA9-91CD-C7FD6571257F}" = protocol=17 | dir=in | app=d:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault.exe |
"{989253E8-8F82-4407-A784-266BCC1EF70C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9C6EB5AF-FCBE-4618-84E3-DB8B60B472B3}" = protocol=17 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser_nodd.exe |
"{9D009CE2-1FCB-43F4-813D-79A6AD41A6B6}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{9F7E85A8-AEA2-4917-BAC4-630ED10C8643}" = protocol=6 | dir=in | app=d:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault_server.exe |
"{A1AD30D5-5C1A-427B-B61B-72F8C0084DDC}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{A53BEC9E-9584-484B-9C0F-41B936E2BE9B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A9D8958B-23A4-43CD-9956-67D4D6B69F90}" = protocol=6 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"{AA629A1E-0AD2-4C47-A611-23159529E636}" = protocol=17 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser.exe |
"{AA776F29-D389-46BE-A94D-203E4FF367E8}" = protocol=17 | dir=in | app=e:\tobit radio.fx\server\rfx-server.exe |
"{AB7897B6-3778-429C-A256-6840CC238D7A}" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe |
"{AD09BF0E-6DFD-4D9B-A9E0-FC5F5E1E8C3A}" = protocol=17 | dir=in | app=d:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault_server.exe |
"{B1A457EF-A777-48D9-A573-F4D49BB0A31D}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{B1D209D9-572A-4947-A83D-AAC362EBEE99}" = protocol=17 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"{B24A3506-3C60-4BFA-8322-CB7FD96C4774}" = protocol=6 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{B37F79CB-3E31-4658-9D20-C56DE3B17300}" = protocol=17 | dir=in | app=c:\users\daniel\downloads\sro_l5_full_client_downloader.exe |
"{B42A34E0-AFB3-4CB7-B47B-C763C78CC491}" = protocol=6 | dir=in | app=c:\users\daniel\downloads\sro_l5_full_client_downloader.exe |
"{BA4B27C1-D5D8-459F-8BBF-250949EBC8A8}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{CC8229FD-59D9-4DFB-9110-27A42E077A8F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{DD723204-8778-4410-81A1-61219CCA060D}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{DED7B9AF-582F-4855-AE9A-E12F036602FA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E33CD37C-79DB-4A00-98E6-07E469A14C29}" = protocol=17 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{E37B22BE-6592-43BF-8D7A-C04740148A43}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{E670EDA9-FD2D-41FF-8180-B314C1536FDE}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{EBF8731B-E842-46C9-A3CB-20D19DDAB165}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{F0C8C397-CE42-42F5-94F0-D21618B519F6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{F4D2A478-22AE-4D6A-A45D-DC22E235A973}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F4F2FF2F-3179-4CCC-9031-D4D5C987D6F1}" = protocol=6 | dir=in | app=c:\program files (x86)\tv-browser\tvbrowser_nodd.exe |
"{FDE775D3-5C54-42D4-A0DF-F25FC00BE297}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"TCP Query User{0BD4CAA0-3CD3-460D-94E5-9A8AEBBF0C2C}C:\program files\xi\netxfer\nettransport.exe" = protocol=6 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"TCP Query User{1062864A-3AD3-4217-8870-FC1BFF74D1C1}C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{1670E719-DBA3-416E-BF2D-DC2997BEDBBD}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{2EC03884-BA88-49A7-8A97-F415F46CC477}C:\users\daniel\appdata\local\aptana studio 1.5\aptanastudio.exe" = protocol=6 | dir=in | app=c:\users\daniel\appdata\local\aptana studio 1.5\aptanastudio.exe |
"TCP Query User{37DC6271-37FC-4AAC-BF46-5291CFF6D446}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{3971384D-6484-4CFE-82B2-5C98AD510B2B}C:\program files (x86)\adobe\adobe after effects cs3\support files\afterfx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe after effects cs3\support files\afterfx.exe |
"TCP Query User{3C02FDFE-0925-443B-AF2E-214E939C6DCD}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{3D3AE252-AF89-4F56-912C-0B622FC31283}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe |
"TCP Query User{41664D75-E893-453F-875C-7FD22359FB97}G:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=g:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{51E3C42F-C2E2-4EBA-9204-5EFF64D271B8}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{64031C18-8149-4576-8ADF-DC9A80A3ACF7}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{65F79A2C-FBDF-4EA0-BFF7-32E284A2F57B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{6E7F349F-E80C-460E-9278-5FE1E13CAA5E}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{9020A745-2E26-4C72-BBC7-387EBAF350A3}D:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault.exe" = protocol=6 | dir=in | app=d:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault.exe |
"TCP Query User{92A0D36E-B06F-4A99-BDEA-016919EAF804}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{A0545716-AE09-4204-B0F5-AEB36E3332F6}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{A8BE6187-FAAF-4BE9-8D21-C4DC59B103F1}C:\users\daniel\downloads\sro_l5_full_client_downloader.exe" = protocol=6 | dir=in | app=c:\users\daniel\downloads\sro_l5_full_client_downloader.exe |
"TCP Query User{B9399F55-A413-474A-838B-032B6AB990F8}D:\program files (x86)\operationflashpoint\flashpointresistance.exe" = protocol=6 | dir=in | app=d:\program files (x86)\operationflashpoint\flashpointresistance.exe |
"TCP Query User{BFCECE35-344B-4894-970E-430FFD249A26}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{CD52F49C-659B-4420-AB7E-CC6EBE0786E8}C:\program files (x86)\realvnc\vnc4\vncviewer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\realvnc\vnc4\vncviewer.exe |
"TCP Query User{D15A7AAE-0EEB-40F0-B059-232AC80404EE}C:\program files (x86)\square enix\order of war (demo)\oow_final.bin" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\order of war (demo)\oow_final.bin |
"TCP Query User{D9CB78A5-128D-4F77-8B91-1CF2D158C600}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{DB65A469-0171-423F-AA17-58587F1A7F0A}D:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"TCP Query User{F5FCB6D5-A140-41F6-9977-DD8E5B93E073}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{16B75576-4AF8-4B7F-B96A-606B40FEAD48}C:\program files (x86)\square enix\order of war (demo)\oow_final.bin" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\order of war (demo)\oow_final.bin |
"UDP Query User{228B305E-5EAA-41EC-A9E2-EF5BF3ACCD2D}C:\users\daniel\downloads\sro_l5_full_client_downloader.exe" = protocol=17 | dir=in | app=c:\users\daniel\downloads\sro_l5_full_client_downloader.exe |
"UDP Query User{22CAE831-D521-418C-84EA-255C950D7929}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{33623787-0FD6-4EDF-8FBE-74AFCC8B1E9E}C:\program files (x86)\adobe\adobe after effects cs3\support files\afterfx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe after effects cs3\support files\afterfx.exe |
"UDP Query User{3A0B9CE0-3A34-462F-8CA5-A676813368C8}C:\program files (x86)\realvnc\vnc4\vncviewer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\realvnc\vnc4\vncviewer.exe |
"UDP Query User{4456E71F-865B-4B9F-BC49-2E6BA8140ACB}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{4784F295-FF47-44BA-9854-0FED525976E4}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{540BC255-C012-4178-A8D1-60322397CC2B}D:\program files (x86)\operationflashpoint\flashpointresistance.exe" = protocol=17 | dir=in | app=d:\program files (x86)\operationflashpoint\flashpointresistance.exe |
"UDP Query User{57BCDE5C-47F2-43B0-9264-E47BA3F0ED28}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{5FE050E7-6E2D-4E32-A926-0E8DFE6E80D2}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"UDP Query User{65533CD6-78F2-4A68-A587-1775117E5287}G:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=g:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{7B321398-5D2B-48AC-A9AC-BCDF456BB7BB}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{8765BBDB-1FB4-4804-8696-777D1B54F7E9}D:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"UDP Query User{A9910DA8-425B-46D2-B205-9666A57EAB2F}C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{AF744906-0BB5-4CCC-B842-F95F08CAB9D4}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{B18E1FF6-AF87-4101-86A5-D358E855D846}D:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault.exe" = protocol=17 | dir=in | app=d:\program files (x86)\bohemia interactive\arma cold war assault\coldwarassault.exe |
"UDP Query User{BB02C8EA-8657-42E3-8148-95B50F542F5E}C:\users\daniel\appdata\local\aptana studio 1.5\aptanastudio.exe" = protocol=17 | dir=in | app=c:\users\daniel\appdata\local\aptana studio 1.5\aptanastudio.exe |
"UDP Query User{C5CB39A5-431B-46ED-904C-EE4D55E2ABC2}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{C5E31424-1799-4740-822E-2352EF3DEA6D}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{CEF918AB-2A8C-4D6E-80AF-890E7AD1FB65}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{D4BBB6F1-65CA-420F-992E-A32DE9EBB520}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{D593EB32-1A49-4CCC-95BC-7F4E030F352A}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe |
"UDP Query User{E69D72B5-2FE8-41F5-8D1D-5C23F5D86DAE}C:\program files\xi\netxfer\nettransport.exe" = protocol=17 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"UDP Query User{F4D3471F-0B26-4559-80FF-8D192C0BD03E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{38B4E24E-4F6E-4A6C-A414-F956FC35F376}" = NVIDIA CUDA Toolkit v4.0 (64 bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17 (64-bit)
"{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1" = Adobe Reader 64-bit fixes
"{78D2B9D0-E680-4295-9830-6B23397B474F}_is1" = NetTransport 2.96b.615
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{850C7AF6-7376-464D-A69C-E8419EC7ACA7}" = Microsoft IntelliType Pro 7.0
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite (Testversion) 2012
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Recuva" = Recuva
"RmTablet" = Macro Key Manager
"Ultravnc2_is1" = UltraVNC 1.0.8.2
"Windows7FirewallControl_is1" = Windows7FirewallControl (x64) 3.0.3.21
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer 2011
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer 2012
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}" = Sony Sound Forge Audio Studio 9.0
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{37B1F7CD-13E4-47DA-9E84-51AD6972ADC5}" = Stereoscopic Player
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EC8B911-98AB-4819-B5EE-D32E8A0A8AAA}_is1" = DVDx 2
"{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin N Wireless USB Adapter Setup
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{526B2AE8-73DF-4CE0-B140-9968677A7C93}" = HTC Sync
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66EDE2D1-F70E-CF05-4D1F-FCA3A9690588}" = Google+ RegHelper
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}" = VR-NetWorld
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A413CBEB-11C1-45B5-91B2-EB7AB8AF5E0C}" = ULTRA Program Files
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A56C2090-F03D-40F5-A4DC-1A75291B2833}" = Operation Flashpoint BAS Addon Pack
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A89DEBCA-F743-3412-97F6-B2E489194551}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}" = Need for Speed™ SHIFT Demo
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{C9D456FD-C25B-49DE-AA71-6B76D6550B23}" = Adobe Fireworks CS3
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CC452A50-5C87-4A1F-B295-445C3C69BF7D}" = NVIDIA MediaShield
"{CD068533-1A20-47F6-B1A2-196725B1320F}" = LibreOffice 3.3
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{ED34DBF1-8C99-40BD-A571-B4002A73EB00}" = A.C.Ryan MovieJukebox
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
"{F6C5F1A1-F459-498F-A50A-EE6C80799D3B}" = Cinescore Studio 1.0
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF3E2850-BD2E-4B56-A89D-21E588D518E0}" = Adobe Contribute CS3
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"ACEMod" = ACEMod
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"AkAbak_is1" = AkAbak 2.1
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"AppInventor Extras" = AppInventor Extras
"Aptana Studio 1.5" = Aptana Studio 1.5
"Aptana Studio 2.0" = Aptana Studio 2.0
"ArmA" = ArmA Uninstall
"Arma Cold War Assault" = Arma Cold War Assault Uninstall
"Artisteer 3" = Artisteer 3
"ASIO4ALL" = ASIO4ALL
"ATB_PC_is1" = ATB_PC
"Audacity_is1" = Audacity 1.2.6
"AudibleManager" = AudibleManager
"BattlEye" = BattlEye Uninstall
"Celtx (2.7)" = Celtx (2.7)
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"de.txptr.googleplus" = Google+ RegHelper
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Edraw Mind Map_is1" = Edraw Mind Map V4
"ElsterFormular 2008 - 2009 2008-2009" = ElsterFormular 2008 - 2009
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"fc-prints" = fc-prints
"FFUR '85 (2008 Edition)" = FFUR '85 (2008 Edition) 1.0
"FileZilla Client" = FileZilla Client 3.2.4.1
"Flashpoint" = Flashpoint uninstall
"FormatFactory" = FormatFactory 2.80
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Free Studio_is1" = Free Studio version 5.1.5
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"Harry's Filters 3" = Harry's Filters 3
"Inkscape" = Inkscape 0.46
"InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"jMax_is1" = jMax 4.1.0_WIN32
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.9.0
"Knoll 3D Flare" = Knoll 3D Flare
"LastFM_is1" = Last.fm 1.5.4.27091
"McAfee Security Scan" = McAfee Security Scan Plus
"Miro" = Miro
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 15.0 (x86 de)" = Mozilla Thunderbird 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
"OpenAL" = OpenAL
"Opera 12.02.1578" = Opera 12.02
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"RealVNC_is1" = VNC Free Edition 4.1.2
"RocketDock_is1" = RocketDock 1.3.5
"Ruby-186-27" = Ruby-186-27
"Samsung SCX-4200 Series" = Samsung SCX-4200 Series
"Scribus 1.3.6" = Scribus 1.3.6
"SimpleScreenshot" = SimpleScreenshot 1.30
"SMPlayer" = SMPlayer 0.6.9
"Steam App 34830" = Sniper: Ghost Warrior
"TightVNC_is1" = TightVNC 1.3.10
"TmNationsForever_is1" = TmNationsForever
"Tobit Radio.fx Server" = Radio.fx
"Trapcode Particular v2" = Trapcode Particular v2
"Trillian" = Trillian
"tvbrowser" = TV-Browser 3.0.2
"virtualPhotographer_is1" = virtualPhotographer 1.5.6
"VLC media player" = VLC media player 2.0.2
"Winamp" = Winamp
"WinISD beta" = WinISD beta
"WinISD Pro [alpha]" = WinISD Pro [alpha]
"WinPcapInst" = WinPcap 4.1.1
"Wireshark" = Wireshark 1.2.9
"XMind" = XMind
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 15.08.2011 04:39:26 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 15.08.2011 05:00:48 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 15.08.2011 05:39:26 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 15.08.2011 06:00:48 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 15.08.2011 13:20:34 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 15.08.2011 13:33:48 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 15.08.2011 13:39:14 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 16.08.2011 03:50:38 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
Error - 16.08.2011 03:58:02 | Computer Name = Beatrice | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SSMMgr.exe, Version: 2.7.8.0, Zeitstempel:
0x45700e44 Name des fehlerhaften Moduls: SSMMgr.exe, Version: 2.7.8.0, Zeitstempel:
0x45700e44 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002e651 ID des fehlerhaften Prozesses:
0xd14 Startzeit der fehlerhaften Anwendung: 0x01cc5be914bef420 Pfad der fehlerhaften
Anwendung: C:\Windows\Samsung\PanelMgr\SSMMgr.exe Pfad des fehlerhaften Moduls:
C:\Windows\Samsung\PanelMgr\SSMMgr.exe Berichtskennung: 76a77e18-c7dd-11e0-8bad-0019dbd1a348
Error - 16.08.2011 03:59:35 | Computer Name = Beatrice | Source = Google Update | ID = 20
Description =
[ OSession Events ]
Error - 20.05.2010 12:05:25 | Computer Name = Beatrice | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5695
seconds with 2340 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 01.09.2012 09:49:54 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:55 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:55 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:56 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:56 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:56 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:56 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:56 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 09:49:56 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 01.09.2012 10:16:55 | Computer Name = Beatrice | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
Gruß Daniel |
| Themen zu "Weißer Bildschirm" |
| 2.0.7, 7-zip, adobe after effects, audacity, bho, bildschirm, bonjour, browser, converter, cs3/contributeieplugin.dll, error, firefox, flash player, google, google earth, grand theft auto, homepage, iexplore.exe, install.exe, langs, logfile, mozilla, mp3, nvidia update, office 2007, plug-in, programm, realtek, recuva, registry, scan, security, senden, server, software, starten, svchost.exe, third party, windows, wrapper |
Baum-Darstellung