| |
| |||||||
Log-Analyse und Auswertung: Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.09.2012, 17:17
| #1 |
| |  Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen" Hallo! Ich hab mir, bzw. mein Laptop hat sich heute beim surfen etwas eingefangen. Ich bin neu hier, kenne mich zwar etwas besser als andere mit dem PC aus aber heute bin auch ich überfragt. Habe Windows 7 (64-bit) Folgendes: Hab im Netz gesurft, Plötzlich wurde der Bildschirm Weiss und es steht folgende meldung in einem Vollfenster: Keinen Zugriff auf Desktop wegen eines Fensters "Dieses Programm kann die Webseite nicht anzeigen" Wenn ich die Internetverbindung trenne ist der Bildschirm komplett Weiss. Wenn ich den Laptop neu starte kommt kurz der Desktop wo alles zu sehen ist (Hintergrund, Ordner, Programme etc.), ESET NOD 32 Startet noch (das Fenster kommt zumindest) und dann wird wieder alles Weiss bzw. es kommt die Meldung. Würde mich freuen wenn mir jemand dabei helfen könnte: mfg Daniel Hab den PC mit dem Abgesicherten Modus zum laufen gebracht und beim Eset Nod Online Scanner folgendes gefunden; Malwarebytes hab ich auch Durchlaufen lassen. Eset: Code:
ATTFilter ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fe22398b04d62c44965189c080bb8d8b
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-06 03:55:00
# local_time=2012-09-06 05:55:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 632 98576699 0 0
# compatibility_mode=8204 39157246 100 74 5450 55031229 0 0
# scanned=7162
# found=0
# cleaned=0
# scan_time=51
# nod_component=V3 Build:0x30000000
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fe22398b04d62c44965189c080bb8d8b
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-06 05:31:05
# local_time=2012-09-06 07:31:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 765 98576832 0 0
# compatibility_mode=8204 39157246 100 74 5583 55031362 0 0
# scanned=324811
# found=2
# cleaned=0
# scan_time=5682
# nod_component=V3 Build:0x30000000
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YKW9X14L\firstload_com[1].htm HTML/ScrInject.B.Gen Virus (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Users\Daniel\AppData\Local\Temp\is1988980107\MyBabylonTB.exe Win32/Toolbar.Babylon Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.09.06.08 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 Daniel :: NOTEBOOK_DANIEL [Administrator] 06.09.2012 17:56:40 mbam-log-2012-09-06 (19-43-02).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 510498 Laufzeit: 1 Stunde(n), 34 Minute(n), 3 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: ("regedit.exe" "%1") Gut: (regedit.exe "%1") -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Daniel\AppData\Roaming\msconfig.dat (Trojan.Zbot) -> Keine Aktion durchgeführt. (Ende) OTL.exe Code:
ATTFilter OTL logfile created on: 06.09.2012 19:45:08 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Daniel\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,91 Gb Available Physical Memory | 72,76% Memory free 7,99 Gb Paging File | 7,14 Gb Available in Paging File | 89,33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 298,09 Gb Total Space | 118,24 Gb Free Space | 39,67% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK_DANIEL | User Name: Daniel | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.06 18:17:57 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Downloads\OTL.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.09.22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009.06.04 17:48:20 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2012.08.28 10:41:46 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010.11.22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010.09.18 21:05:47 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.05.29 19:29:21 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService) SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.27 20:48:15 | 000,530,488 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2012.01.12 21:05:18 | 000,126,864 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011.08.09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2011.08.04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2011.08.04 10:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.07.12 13:49:14 | 000,072,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2010.06.22 00:07:36 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010.06.16 17:01:30 | 000,070,984 | ---- | M] (Ross-Tech LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RT-USB64.SYS -- (RT-USB) DRV:64bit: - [2010.03.13 15:36:40 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin) DRV:64bit: - [2010.02.02 01:17:15 | 000,019,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010.02.02 01:17:13 | 000,131,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.02.02 01:17:13 | 000,097,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010.02.02 01:17:13 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010.01.01 19:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009.12.19 20:22:10 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD) DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) DRV:64bit: - [2009.09.15 20:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2009.08.23 06:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2008.01.16 11:28:22 | 000,369,024 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF15.sys -- (AVerAF15) DRV:64bit: - [2007.10.03 08:42:00 | 000,078,952 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\sxuptp.sys -- (sxuptp) DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV:64bit: - [2006.08.29 16:56:20 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\prodigy.sys -- (PRODIGY) DRV - [2009.12.19 20:22:10 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008.03.05 10:25:30 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\SearchScopes,DefaultScope = {C0F4741A-82C4-4B2F-A049-95939EC7409B} IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\SearchScopes\{C0F4741A-82C4-4B2F-A049-95939EC7409B}: "URL" = hxxp://www.google.at/#hl=de&source=hp&biw=1916&bih=905&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=215267f46cc805a5 IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.11.21 10:35:11 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found O3 - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-809998392-269230808-2092797419-1001..\Run: [] File not found O4 - HKU\S-1-5-21-809998392-269230808-2092797419-1001..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-809998392-269230808-2092797419-1001..\Run: [Nokia Link] C:\Users\Daniel\AppData\Local\Nokia\Nokia Link\NokiaLink.exe (Nokia Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater.lnk = C:\PCI-Tuning\VCDS-PCI\VCDS.exe (Ross-Tech, LLC) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-472853540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.3.96.67 195.3.96.68 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15B180ED-A444-4A9D-946A-3FD809AD660D}: DhcpNameServer = 212.33.55.5 212.33.32.160 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9748FC95-9B52-4147-B727-7161317C9BE2}: DhcpNameServer = 7.254.254.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFED75EE-AA28-4B52-9BF3-F1416FD01408}: DhcpNameServer = 195.3.96.67 195.3.96.68 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{06d0d8cb-fd43-11e0-8951-00a0d1abcd7f}\Shell - "" = AutoRun O33 - MountPoints2\{06d0d8cb-fd43-11e0-8951-00a0d1abcd7f}\Shell\AutoRun\command - "" = L:\NokiaPCIA_Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.06 17:55:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2012.09.06 17:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.06 17:55:29 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.06 17:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.06 17:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.06 17:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.09.04 16:48:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{E79EF347-C6FD-4AD3-98DC-1520DDCFD35F} [2012.09.03 17:01:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{A20CDDC5-F7B0-42B0-A117-B67070803A4F} [2012.09.02 11:00:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{97F8405F-2E43-484C-8C40-0F2B13EF364A} [2012.08.31 11:38:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{BA64D99B-A99D-4D95-90B2-D25B5256E742} [2012.08.30 20:50:17 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{66758100-FA13-4B7E-BDFE-5EB645D9C92B} [2012.08.30 00:35:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{41D844A5-A13E-4054-A8E4-D3B58755F694} [2012.08.30 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{470DF818-D52A-4DFB-A8F2-A1B156290982} [2012.08.29 11:29:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{23605B08-D2BF-408C-B2B4-C09A16C9DDDA} [2012.08.28 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{BFA2D0E5-6AF8-4271-898C-E8889D568ADA} [2012.08.27 20:49:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{5D97737D-ED0E-4068-BAEE-AF5C6621E104} [2012.08.27 10:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shape Collage [2012.08.27 10:49:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shape Collage [2012.08.27 06:58:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{59DB5D6E-B196-4169-9AD6-DA905A53F23C} [2012.08.26 08:44:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{45A4635B-1AE7-4F6A-85B5-65409667C0EF} [2012.08.25 21:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.08.25 16:10:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{A366B87A-44FC-49DE-B605-1841147A33C3} [2012.08.23 16:33:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{368A540B-FCD4-4280-A8D2-B1C6FECFD235} [2012.08.22 16:54:51 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{29C7D805-551A-48F7-8297-5EE912C2FB47} [2012.08.21 17:45:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{06A1D81A-98E8-401B-A219-A522B8A0F619} [2012.08.20 15:50:13 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{67431476-EDC5-4FB8-9A00-06375EC4A487} [2012.08.19 10:04:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{6847E6FB-BD5D-4DF7-81B8-77D9F40A5093} [2012.08.16 17:48:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{0859B0B8-D2D9-4F1E-846A-0AFFA6264149} [2012.08.16 17:48:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{17229D6C-3F88-4866-B50D-4F674FA46476} [2012.08.15 16:21:30 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{95012DA5-1E5B-4796-9EAA-56C40D7DFA6A} [2012.08.15 16:21:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{3D33198F-A273-420D-A1E7-641EDFEEB62F} [2012.08.15 15:33:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{D7E3A3DC-C5C1-42E1-9D55-2C2A04E329CE} [2012.08.14 23:25:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{A33D95ED-F7D3-41DE-A7EB-B8EE1C9821ED} [2012.08.14 23:25:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{C75A10FC-CAEF-4EAB-B2AA-590B63A9B333} [2012.08.14 18:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\IDMComp [2012.08.14 18:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraCompare [2012.08.14 18:04:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\polo [2012.08.13 16:41:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{5C1F329F-46A1-48A9-9744-D81EB1E9EBD5} [2012.08.13 16:41:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{57B5EADD-86F7-472D-8170-7E93C0119F40} [2012.08.12 15:31:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{35181823-B786-4E73-9C93-E4C3AE0E527E} [2012.08.12 15:31:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{BA69E19F-9B0F-4D3D-9D9C-68B1C17485A3} [2012.08.11 10:44:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{881C9D5B-6E62-4A20-9FA7-A6B18F1BE6D6} [2012.08.11 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{98F5F76B-B2B4-4FBC-8D61-34B7528AF30E} [2012.08.10 15:18:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Davilex [2012.08.10 15:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Davilex [2012.08.10 15:18:31 | 000,200,192 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\httpct.ocx [2012.08.10 15:18:31 | 000,066,560 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMORENU.DLL [2012.08.10 15:18:31 | 000,048,128 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMSCKN.DLL [2012.08.10 15:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Davilex [2012.08.10 09:24:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{FFA9489F-A2F7-4591-A110-D534CE002DF1} [2012.08.10 09:23:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{E1EF8E82-24C3-4330-AA42-80826D1BE77B} [2012.08.09 09:41:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{ABE24425-89CD-4AA4-808B-0345F7B989B1} [2012.08.09 09:41:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{5CAA585B-EDC7-483F-A5E3-3AA52FB795DD} [2012.08.08 09:29:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{60AB49CB-A6B4-4274-9DCC-76A54CC9E3B4} [2012.08.08 09:29:37 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{72D5C51D-22DA-499D-A6BE-C8C2CA961FB3} [2012.01.11 17:22:30 | 000,084,480 | ---- | C] (grasshopper) -- C:\Users\Daniel\AppData\Roaming\msconfig.dat [2010.03.13 15:36:40 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Daniel\AppData\Roaming\pcouffin.sys [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.06 17:55:30 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.06 17:41:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.06 17:41:07 | 3218,837,504 | -HS- | M] () -- C:\hiberfil.sys [2012.08.31 10:56:24 | 000,016,304 | ---- | M] () -- C:\Users\Daniel\.recently-used.xbel [2012.08.31 10:06:49 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2012.08.31 10:05:22 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.08.31 00:26:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2012.08.30 23:54:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.08.30 23:31:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.08.30 20:54:51 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.30 20:54:51 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.30 00:00:20 | 002,017,046 | ---- | M] () -- C:\Users\Daniel\Desktop\IMGP5639_edit_ohne_Kennzeichen.JPG [2012.08.29 23:54:36 | 003,023,295 | ---- | M] () -- C:\Users\Daniel\Desktop\IMGP5640_edit_ohne_Kennzeichen.JPG [2012.08.29 23:48:34 | 001,522,792 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.29 23:48:34 | 000,664,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.29 23:48:34 | 000,625,126 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.29 23:48:34 | 000,134,284 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.29 23:48:34 | 000,110,570 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.27 10:49:40 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\Shape Collage.lnk [2012.08.15 22:54:12 | 000,445,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.08.15 19:53:03 | 009,043,583 | ---- | M] () -- C:\Users\Daniel\Documents\steyr-manual.pdf [2012.08.15 11:52:25 | 000,000,043 | -HS- | M] () -- C:\ProgramData\.zreglib [2012.08.14 18:20:52 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\UltraCompare.lnk [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.06 17:55:30 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.31 10:56:24 | 000,016,304 | ---- | C] () -- C:\Users\Daniel\.recently-used.xbel [2012.08.30 00:00:19 | 002,017,046 | ---- | C] () -- C:\Users\Daniel\Desktop\IMGP5639_edit_ohne_Kennzeichen.JPG [2012.08.29 23:54:35 | 003,023,295 | ---- | C] () -- C:\Users\Daniel\Desktop\IMGP5640_edit_ohne_Kennzeichen.JPG [2012.08.27 10:49:40 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\Shape Collage.lnk [2012.08.15 19:53:03 | 009,043,583 | ---- | C] () -- C:\Users\Daniel\Documents\steyr-manual.pdf [2012.08.15 11:52:25 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib [2012.08.14 18:20:52 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\UltraCompare.lnk [2012.08.10 15:18:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\NMOCOD.DLL [2012.08.10 15:18:31 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL [2011.11.21 22:46:55 | 000,007,692 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\.freeciv-client-rc-2.3 [2011.09.27 21:49:25 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.07.29 20:14:50 | 000,003,078 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\PData.MMM [2011.07.29 20:14:50 | 000,003,078 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\PData.MM1 [2011.07.01 21:18:07 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\AppData\Local\{DB7972D0-3EBB-4EF0-8C7E-236199161199} [2011.06.13 10:30:39 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\AppData\Local\{0FE14754-F5DC-4889-ACF5-C361F5D1CD1D} [2011.01.23 22:00:01 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.01.23 21:27:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2010.12.04 16:58:44 | 000,006,900 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\.freeciv-client-rc-2.2 [2010.09.12 22:27:34 | 000,007,598 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg [2010.03.13 15:36:40 | 000,099,384 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\inst.exe [2010.03.13 15:36:40 | 000,007,859 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\pcouffin.cat [2010.03.13 15:36:40 | 000,001,167 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\pcouffin.inf [2010.02.27 00:02:49 | 000,060,928 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2011.11.21 22:45:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.freeciv [2011.10.11 17:58:59 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Audacity [2011.07.29 20:14:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\AUTOSICH [2011.09.26 09:59:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\avidemux [2012.08.20 16:06:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\BOM [2012.08.03 23:54:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Canneverbe Limited [2010.08.03 18:43:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DeepBurner [2012.09.06 17:05:22 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DesktopPlatform [2011.02.01 17:00:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Dropbox [2012.07.11 21:22:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoft [2012.07.11 21:17:36 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers [2010.07.20 23:39:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\EasyPCGate [2010.07.23 23:28:17 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Edison [2012.09.06 18:39:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\gtk-2.0 [2010.07.23 23:28:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Hardcore [2010.02.14 19:28:01 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ID3-TagIT 3 [2010.07.20 23:39:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ImagesWords [2011.02.13 15:39:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ImgBurn [2010.02.02 17:54:01 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\InfraRecorder [2010.06.19 20:14:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Leadertech [2011.09.27 21:57:25 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\MAGIX [2012.04.23 11:22:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mouse Recorder Pro [2012.09.06 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\NetSpeedMonitor [2012.06.06 09:10:11 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia [2010.05.19 00:37:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia Ovi Suite [2011.11.09 18:05:16 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia Suite [2010.08.14 01:59:07 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nvu [2010.08.13 22:10:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org [2012.03.04 11:36:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PC Suite [2012.03.23 19:37:27 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\pdfforge [2012.04.11 11:13:52 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\pokerth [2011.08.18 13:14:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Sinvise Systems [2010.07.23 23:27:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Slicex [2010.07.19 17:23:47 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Smart PDF Converter [2010.07.23 23:14:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SynthMaker [2011.01.24 01:53:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Tunngle [2010.06.29 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Video DVD Maker FREE [2010.03.14 11:04:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Vso [2011.10.12 18:25:17 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Windows Live Writer [2012.08.31 10:06:49 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job [2012.07.06 10:19:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 06.09.2012 19:45:08 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Daniel\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,91 Gb Available Physical Memory | 72,76% Memory free
7,99 Gb Paging File | 7,14 Gb Available in Paging File | 89,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 118,24 Gb Free Space | 39,67% Space Free | Partition Type: NTFS
Computer Name: NOTEBOOK_DANIEL | User Name: Daniel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1AB42184-B108-4245-9E0E-0A3859B0AAAF}" = rport=138 | protocol=17 | dir=out | app=system |
"{28724ECF-342D-431E-BA89-8536A1FBC483}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31FFE070-2309-45C6-A95C-C94C76E5138C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4055D1EF-490D-4366-A387-C3E49AC9F5E3}" = lport=137 | protocol=17 | dir=in | app=system |
"{40B45B89-3836-4B7B-9BDF-E49177AD1DCD}" = rport=445 | protocol=6 | dir=out | app=system |
"{419CF2E5-139F-4957-878E-86A72F327AF4}" = lport=139 | protocol=6 | dir=in | app=system |
"{56BDF46A-B92D-40FC-B341-A6614DFD6093}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{58F12F61-CC97-44FD-BC6F-E292FBB138D6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{60BE20EC-08A3-4872-9369-EE1271D48C9C}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{6D3C3FEE-67A8-41FA-AC59-816D6AEDBA2E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FBFEA42-B431-4B91-901A-731E0815D498}" = rport=137 | protocol=17 | dir=out | app=system |
"{857A2BF5-E960-41F1-8AB4-0EA7FD9D1FFF}" = lport=445 | protocol=6 | dir=in | app=system |
"{95C4EE10-D576-4312-A44C-842D167F4234}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A40C155C-D5EA-4587-8F0B-30F92859D3B6}" = lport=138 | protocol=17 | dir=in | app=system |
"{A5141D9C-E22D-48DA-B506-BE4C723264CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A583BC12-FFB6-4CED-9DA1-D4AC7E9E512B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AC9BDAB1-C32F-43D5-8EDF-9E16A90C61E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADBB226B-2535-4193-8274-76D4FC49BC43}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BC96F933-5540-4694-A204-099E487E3708}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF2BF9E6-B6E3-4BB4-9B12-F0A01135CDFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D393746A-99E0-483F-9075-4014900A9232}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D6F12935-AB31-47EC-BFFA-DA17328DCC70}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E06CBD28-6358-484C-A122-41F8CFAD9E52}" = rport=139 | protocol=6 | dir=out | app=system |
"{E20ECD99-4A02-49E2-BE16-CD16648F5EAC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E8FE2BC3-7A85-40F9-84D1-92BB51E26BEA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FC5C58B9-ABF3-4F0C-AC6E-525F3DC53C3E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D2BF8F-B4F5-4A47-8BF4-C9E0233BB74D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{032A080F-2A85-4E56-977D-BF27E2B632E5}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{12F6B6E1-48CC-43EB-8A1A-D3F512DDB5FF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe |
"{1C75FEA7-798C-4DDC-A818-D5758C2E4CD6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{1CA7517C-4781-4B96-A44F-BFE83F685685}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{203C2C36-28C6-4E57-BAAE-39DD52A70FCC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{20C71B83-DB2C-490A-A1E7-D4919A242821}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{20D069B9-5EDE-43C8-BF41-F5DCA1ABC07F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{21732663-2626-4074-BBC0-B15E762D2E2A}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{23C566D2-7405-493B-B55B-DD327A6040FB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe |
"{2836A2FB-720A-4304-BA51-760A3EDC2350}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{288717A4-3C3B-4C29-B2FF-3F24811B71D5}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{28CF3BA2-1E40-43E3-821E-4E91309A08C9}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{2CDC5986-E2D4-45A1-9E25-26FEDF4AFB8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{35C85FB9-80F1-4E53-80E3-E3684F3BC7EC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3EB758CA-444B-4D66-8AFA-5682E37D58B3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44A8E349-EB14-4BAC-B456-BD6D044BE02B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{46B760FB-9F50-4ADA-BE5E-DA3FE5C29491}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{49715EF4-A3A9-450A-94E1-B841C9C3DA6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4FE0E4DF-2EB1-4755-B652-8386D7FD395A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{51CDCF00-CC12-4CEA-B7F2-10E739C9E80E}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{544CC357-6A5B-479F-A0AE-E9288A38D8C0}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{587E44EC-CAE0-47F9-92AA-CEFE4A26538C}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{58939B61-BABE-4A33-9432-4B7046181F2D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{58A76E8F-8D2C-4D4B-97B3-923614C72868}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{592DBB16-F556-4CF9-B199-A22930F965F6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5B09CD87-8E87-4A90-A5B1-C4813E34C48F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60665E19-956A-4D94-878D-C8887F86C6FA}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{615B136A-D14B-432A-9830-65FC9610C5BE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{643F004E-B9DC-4893-B8B9-605B0814A292}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{64EEAAC4-4187-4752-8F65-449E4E9732A3}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{6AA30E70-E135-414E-AE1E-EBEEFE938459}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{709DC737-74E4-4B6C-99F0-01C3E8BAEA35}" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe |
"{74B5783D-ED30-461E-8990-E4AD87FA769F}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{757E12E4-4AFB-4A38-A007-F2AE1A250DB4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{792362C6-D07F-4938-A518-358D6D406A3F}" = protocol=6 | dir=out | app=system |
"{7D3B3C07-1DD7-4558-A403-7319D938DAA3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7ED3D9B1-D553-4C8A-9AD3-96E7E7469A23}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{81796BC7-B48A-4F8E-AA10-4B86ADB28F66}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx.exe |
"{836949EB-77F3-43C4-BD0D-A199C58C2147}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{865A4CFD-3296-4B1E-9FED-FAABDCA64EEC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe |
"{888D05C1-2651-4C39-ACFD-B8A3AC5894B4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8CCCBDC6-07F4-4D19-9620-42D84742FC5D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{933D2837-D3DF-421F-9720-471E6AF90F72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{93BDE9C1-C324-415B-86E5-7FC01ACDF7C6}" = protocol=17 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"{974F755E-4070-45CC-B6B6-4B44227F4965}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{98B07635-870A-47DC-8403-D792F6273CBE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9C9BE693-73F7-49F6-8D11-178C46549E2F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{9DB8F5C5-BB68-4FE3-B8B3-F5500738A3FA}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{9FAB5B25-7603-454D-B357-0307E2BFF005}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{A0BE70AA-B995-4ED7-9BB0-8ADD82A44C6A}" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe |
"{A8E11BB2-03ED-45CA-8840-4392C9F44182}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{A9B080DA-6C7C-432B-899C-C7C7F5691B5F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AA4783B6-7D8A-4A11-AA96-1B290CE1B290}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{B074833A-F771-459F-A14C-4AEA7869FFCB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe |
"{B1E46E15-54F4-4A7F-A87F-FBEEBD15B940}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD4E4186-A581-485F-AAF9-B87899134CB8}" = protocol=6 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"{BFDBA822-34F1-4BB2-A62B-E84FEBEFDBE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C18C7DB6-03D3-4B9E-B474-01AE64E5EB11}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C3E9A65E-56AA-4BC6-9CBA-5192D77C2A31}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C5088E45-CD0F-47A7-B07E-C97415593C89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C69769CE-FFBE-405B-A764-E6C31C9FF43C}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{CBF0912D-4685-43D2-BD1A-D2EAF33D135D}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{CC6A8B95-C092-4444-B89E-E9C5EB0244C6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D04A6400-1AEB-4A78-B698-1AB5815125DA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D2516638-45B1-4048-B277-F4C9E60A035A}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{DC297C08-EF4C-4CC8-926A-766048B50C3F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{DFFDF45F-C5B6-4D5B-B6A3-006EDD306B53}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{E03E75CA-665B-4472-A414-A90FA783E090}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{E4312C58-89DD-4197-8A24-728E8CE4B4EF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx.exe |
"{F05B28BC-F0F9-4C02-9A8F-4C7CFDD9F70C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F4C44930-B24F-4036-AD69-1CFE57AC13FD}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{FAB0C711-45EB-4AE1-9150-D5B2814C0EA3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe |
"{FB0E1C56-3D93-4B51-B7E9-4B197D8CB53F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe |
"{FC5AAEE0-E70F-4082-AAF4-CDCF4D832BF1}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"TCP Query User{0D86BA1C-7BBB-4BBB-BCE9-A34475388CFB}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{13135777-F745-46F2-A8E4-99ACFDA81C84}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{19217AF3-7673-4C4E-987A-B98740CE1A31}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{3A37C4C1-A0D6-45B5-AA52-C384DC2DD65E}C:\program files\belkin\network usb hub control center\connect.exe" = protocol=6 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"TCP Query User{3B7A0E98-3718-402F-9965-A46BA47D2464}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{510DE359-22C1-437C-9A9D-AA1F2F4420EF}C:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe |
"TCP Query User{58ECF1A9-4162-4C59-BAFB-2C471777949B}C:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe |
"TCP Query User{902E9428-E3EA-44D6-AB2C-732A6C571449}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{9B4D8419-0D9B-4ABE-A532-77367FB6C0AD}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{AD13A503-73BC-4FF9-8500-DABB95C7A2E6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{BFD69A71-FC4E-49AE-A02B-4BE6D9E3A6C0}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{C249274F-879B-4CB1-93E9-E50D9F2BA77C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{CC519232-2501-4706-B9AF-BEB35022DBAF}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe |
"TCP Query User{EEBC437D-13F8-4815-B5BD-313022F63EBF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{EFC73328-36F1-4571-9B28-D465556D6D65}C:\program files (x86)\ubisoft\r.u.s.e\ruse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\r.u.s.e\ruse.exe |
"TCP Query User{F09EF473-1500-47F9-A5BC-11CA06A12DA4}C:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe |
"TCP Query User{F11F2691-DA24-49F5-8789-A1B76D4CF20F}C:\program files (x86)\infogrames\grand prix 4\gp4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\infogrames\grand prix 4\gp4.exe |
"TCP Query User{F91F5309-9CC7-4C0E-82C1-9E4D1BB753D5}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{0A7AFAF2-D6D9-463A-8DDB-2F5C5360DA71}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{0AFBC1E3-36BB-425C-93C4-886A3B2E3DD4}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{0C931DEB-B50F-4750-AFDC-536C520878CA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2B605564-242B-48C3-A2CD-77E267DFC433}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{393DD855-1FD2-4CFA-BA90-FD19FB884CC1}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{41776DA8-17E8-4597-86E9-9735B78323EB}C:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe |
"UDP Query User{5F9F099F-45B1-4FF8-AFD7-FA0581F4F900}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6743CD74-512F-49E0-8FC0-0C8679ABA08A}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{7B03C031-E777-4E29-AF90-E157DA29051B}C:\program files\belkin\network usb hub control center\connect.exe" = protocol=17 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe |
"UDP Query User{7F9D7BCE-959E-4D68-B95F-03BD36812593}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{8E6BD12D-3AFB-4EFC-9062-CDD9AAF2918C}C:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe |
"UDP Query User{915562C5-DE3F-4E0D-AAFE-B01DC8E53F50}C:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe |
"UDP Query User{966C2236-54ED-4E39-A48F-A4A0EABA30C2}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{9A77AE57-9760-4FAB-B17B-5A2CBED36946}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{AE1C3736-CF7E-4902-A892-9B2690C30C3E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{B30D122F-E9D1-408B-984F-1109C9DE58F7}C:\program files (x86)\infogrames\grand prix 4\gp4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\infogrames\grand prix 4\gp4.exe |
"UDP Query User{BBD5B3CD-23FB-44E2-886F-210DCEA8A86A}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{CE77279D-639F-4D57-AE2C-C2BD1419C67C}C:\program files (x86)\ubisoft\r.u.s.e\ruse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\r.u.s.e\ruse.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{07E674CF-C77E-4915-A110-A7556F4AB118}" = ESET NOD32 Antivirus
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{2C22EA92-CB30-4932-0052-000001000000}" = InfraRecorder 0.52 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61FFBE12-E3AD-442A-B261-A086041DB37A}" = Validity WinBio DDK
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8947EEAC-D5EE-4BA1-AF88-08E4E30CF7A9}" = WIN7TS
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC38EE55-86A7-4688-BC8E-202D82FB8B7B}" = NetSpeedMonitor 2.4.2.0 x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC6B4110-394D-45B9-A677-BA495D84CA63}" = Shutdown Timer
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Belkin Network USB Hub Control Center" = Belkin Netzwerk USB-Hub Kontrollzentrum
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443" = Windows-Treiberpaket - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Recuva" = Recuva
"VLC media player" = VLC media player 2.0.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{15FA5ED6-2F98-4B5E-AF0B-18E5F4723FAD}_is1" = Cities In Motion
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{558FD9A4-EA4C-48FA-95C4-B663A289ADB1}" = Authentec WBDI Driver Package
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1" = Mouse Recorder Pro 2.0.7.0
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EE1EB497-5F0B-4DEF-910B-165707AB09FA}" = UltraEdit 16.30
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFE4AB7D-4E94-441B-9A86-98E69E37567B}" = Nero Burning ROM 11
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVerMedia A309 (MiniCard, DVB-T)" = AVerMedia A309 (MiniCard, DVB-T) 1.0.64.40
"Biet-O-Matic v2.12.6" = Biet-O-Matic v2.12.6
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DivX Setup.divx.com" = DivX-Setup
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ESET Online Scanner" = ESET Online Scanner v3
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free YouTube Download_is1" = Free YouTube Download version 3.1.31.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706
"ID3-TagIT 3_is1" = ID3-TagIT 3
"ImgBurn" = ImgBurn
"InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{8947EEAC-D5EE-4BA1-AF88-08E4E30CF7A9}" = WIN7TS
"JDownloader" = JDownloader
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Nokia Suite" = Nokia Suite
"Nvu_is1" = Nvu 1.0
"OpenAL" = OpenAL
"PokerTH 0.9.4" = PokerTH
"PunkBusterSvc" = PunkBuster Services
"Rigs of Rods" = Rigs of Rods
"ShapeCollage" = Shape Collage
"Speccy" = Speccy
"SystemRequirementsLab" = System Requirements Lab
"Tunngle beta_is1" = Tunngle beta
"VCDS PCI" = VCDS PCI 11.11
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 2.0.0
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Nokia Link" = Nokia Link
"Nokia Maps 3D browser plugin for Internet Explorer" = Nokia Maps 3D browser plugin for Internet Explorer (5.10.3.0)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.08.2012 01:05:20 | Computer Name = Notebook_Daniel | Source = Windows Backup | ID = 4103
Description =
Error - 27.08.2012 15:41:40 | Computer Name = Notebook_Daniel | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 9.0.8112.16448 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 998 Startzeit: 01cd8485dbe7c09d Endzeit: 191 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Berichts-ID:
Error - 28.08.2012 16:18:01 | Computer Name = Notebook_Daniel | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16448 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 8e8 Startzeit: 01cd8555182813fb Endzeit: 86 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID:
Error - 28.08.2012 17:24:11 | Computer Name = Notebook_Daniel | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.270.7 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10c4 Startzeit:
01cd85601b19a163 Endzeit: 96 Anwendungspfad: C:\Program Files\Java\jre6\bin\javaw.exe
Berichts-ID:
a9b76813-f156-11e1-87b8-00a0d1abcd7f
Error - 30.08.2012 03:05:52 | Computer Name = Notebook_Daniel | Source = Microsoft Fax | ID = 32092
Description = Fehler beim Empfangen eines Faxes durch den Faxdienst. Von: . Anrufer-ID:
. An: Fax. Seiten: 0. Gerätename: Agere Systems HDA Modem.
Error - 02.09.2012 07:59:33 | Computer Name = Notebook_Daniel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 2.0.2.0, Zeitstempel:
0x4fec5841 Name des fehlerhaften Moduls: libdvdnav_plugin.dll, Version: 0.0.0.0,
Zeitstempel: 0x4fec5852 Ausnahmecode: 0x40000015 Fehleroffset: 0x0000000000032941
ID
des fehlerhaften Prozesses: 0x79c Startzeit der fehlerhaften Anwendung: 0x01cd8902669776ed
Pfad
der fehlerhaften Anwendung: C:\Program Files\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften
Moduls: C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll Berichtskennung:
a843afb3-f4f5-11e1-8ef8-00a0d1abcd7f
Error - 02.09.2012 13:00:01 | Computer Name = Notebook_Daniel | Source = Windows Backup | ID = 4103
Description =
Error - 02.09.2012 14:01:42 | Computer Name = Notebook_Daniel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: googleearth.exe, Version: 6.2.2.6613,
Zeitstempel: 0x4f8941c7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften
Prozesses: 0x71c Startzeit der fehlerhaften Anwendung: 0x01cd8934fc2b1d93 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 3fbdf7c9-f528-11e1-8ef8-00a0d1abcd7f
Error - 03.09.2012 13:20:00 | Computer Name = Notebook_Daniel | Source = ESENT | ID = 484
Description = wlmail (7072) C:\Users\Daniel\AppData\Local\Microsoft\Windows Live
Mail\Calendars\: Versuch, Ordner "C:\Users\Daniel\AppData\Local\Microsoft\Windows
Live Mail\Calendars\DBStore\Backup\old" zu entfernen, ist mit Systemfehler 145
(0x00000091): "Das Verzeichnis ist nicht leer. " fehlgeschlagen. Fehler -1022 (0xfffffc02)
beim Entfernen von Ordnern.
Error - 03.09.2012 13:20:00 | Computer Name = Notebook_Daniel | Source = ESENT | ID = 215
Description = wlmail (7072) C:\Users\Daniel\AppData\Local\Microsoft\Windows Live
Mail\Calendars\: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten
wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
[ Media Center Events ]
Error - 19.04.2011 15:23:44 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 21:23:33 - Fehler beim Herstellen der Internetverbindung. 21:23:33
- Serververbindung konnte nicht hergestellt werden..
Error - 19.04.2011 16:23:49 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 22:23:49 - Fehler beim Herstellen der Internetverbindung. 22:23:49
- Serververbindung konnte nicht hergestellt werden..
Error - 19.04.2011 16:23:57 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 22:23:54 - Fehler beim Herstellen der Internetverbindung. 22:23:54
- Serververbindung konnte nicht hergestellt werden..
Error - 20.04.2011 14:54:33 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:54:25 - Fehler beim Herstellen der Internetverbindung. 20:54:25
- Serververbindung konnte nicht hergestellt werden..
Error - 28.05.2011 14:28:29 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:28:28 - Fehler beim Herstellen der Internetverbindung. 20:28:29
- Serververbindung konnte nicht hergestellt werden..
Error - 28.05.2011 14:28:43 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:28:34 - Fehler beim Herstellen der Internetverbindung. 20:28:34
- Serververbindung konnte nicht hergestellt werden..
Error - 01.06.2011 14:33:33 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:33:33 - Fehler beim Herstellen der Internetverbindung. 20:33:33
- Serververbindung konnte nicht hergestellt werden..
Error - 01.06.2011 14:33:48 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:33:39 - Fehler beim Herstellen der Internetverbindung. 20:33:39
- Serververbindung konnte nicht hergestellt werden..
Error - 13.06.2011 09:25:45 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 15:25:45 - Fehler beim Herstellen der Internetverbindung. 15:25:45
- Serververbindung konnte nicht hergestellt werden..
Error - 13.06.2011 09:26:04 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 15:25:51 - Fehler beim Herstellen der Internetverbindung. 15:25:51
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 06.09.2012 13:37:59 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:40:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:40:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:40:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:45:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:45:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:45:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:47:13 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:47:13 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.09.2012 13:47:13 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
|
|
10.09.2012, 22:47
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen" Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
__________________Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind. Zitat:
NICHTS voreilig aus der Quarantäne löschen!
__________________ |
|
| Themen zu Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen" |
| 7-zip, anzeige, anzeigen, besser, bildschirm, desktop, dieses programm kann die webseite nicht anzeigen, eset, eset nod32, feedback, google earth, heute, hintergrund, install.exe, interne, internetverbindung, jdownloader, komplett, langs, laptop, launch, meldung, neu, nicht möglich, ntdll.dll, ordner, plug-in, plötzlich, programm, programme, recuva, startet, surfen, verbindung, webseite, windows, windows 7, zugriff |
Linear-Darstellung
