| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Polizei Virus Jippieh! :(Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.09.2012, 15:59
| #1 |
| |  Polizei Virus Jippieh! :( Grüß euch und gleich mal vielen Dank für die Hilfe hier, echt großartig! also hab jetzt wie die hilfe besagt Malware Bytes laufen lassen, mit folgendem Log : Code:
ATTFilter Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org Database version: v2012.09.07.09 Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking) Internet Explorer 9.0.8112.16421 *** :: ***-PC [administrator] Protection: Disabled 07.09.2012 16:51:02 mbam-log-2012-09-07 (16-51-02).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 230901 Time elapsed: 1 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\Users\***\AppData\Local\Temp\wgsdgsdgdsgsd.exe (Exploit.Drop.GS) -> Quarantined and deleted successfully. C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Quarantined and deleted successfully. (end)  nur zur info, hab mir vorher schon selbst helfen wollen mit Kaspersky Rescue Disk und Windows unlocker, hat beides nichts geholfen. Liebe Grüße, |
|
08.09.2012, 19:59
| #2 |
| /// Helfer-Team  | Polizei Virus Jippieh! :( Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. 2. Schritt Systemscan mit OTL (bebilderte Anleitung)
__________________ |
|
09.09.2012, 13:17
| #3 |
| | Polizei Virus Jippieh! :( vielen dank für die Antwort!
__________________Malware bytes hab ich eh schon laufen lassen (siehe oben) hier die Logs von OTL : OTL.txt : Code:
ATTFilter OTL logfile created on: 09.09.2012 14:07:00 - Run 2
OTL by OldTimer - Version 3.2.61.1 Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,99 Gb Total Physical Memory | 5,77 Gb Available Physical Memory | 72,17% Memory free
15,98 Gb Paging File | 13,62 Gb Available in Paging File | 85,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 4,53 Gb Free Space | 7,61% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 20,45 Gb Free Space | 2,20% Space Free | Partition Type: NTFS
Drive E: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: BLUMEISON-PC | User Name: blumeison | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
PRC - C:\Users\blumeison\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Users\blumeison\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Users\blumeison\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe (E-MU Systems)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
MOD - C:\Users\blumeison\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Users\blumeison\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtCore4.dll ()
MOD - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtGui4.dll ()
MOD - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtXml4.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (emaudsv) -- C:\Windows\SysNative\emaudsv.exe (E-MU Systems)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AntiVirService) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ezGOSvc) -- C:\Windows\SysWOW64\ezGOSvc.dll ()
SRV - (AntiVirSchedulerService) -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (nlsvc) -- D:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (vmm) -- C:\Windows\SysNative\drivers\VMM.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (ffusb2audio) -- C:\Windows\SysNative\drivers\ffusb2audio.sys (Focusrite Audio Engineering Limited.)
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (urvpndrv) -- C:\Windows\SysNative\drivers\covpnv64.sys (F5 Networks, Inc.)
DRV:64bit: - (f5ipfw) -- C:\Windows\SysNative\drivers\urfltv64.sys (F5 Networks, Inc.)
DRV:64bit: - (Tpkd) -- C:\Windows\SysNative\drivers\Tpkd.sys (PACE Anti-Piracy, Inc.)
DRV:64bit: - (RDID1058) -- C:\Windows\SysNative\drivers\Rdwm1058.sys (Roland Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.)
DRV:64bit: - (emusba10) -- C:\Windows\SysNative\drivers\emusba10.sys (E-MU Systems)
DRV - (nltdi) -- D:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B4 BF 9A 57 65 8C CD 01 [binary data]
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@hanbiton.com/HbsMozillaLauncher: D:\Spiele\Mythos\nphlauncher.dll (hanbitsoft)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\blumeison\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\blumeison\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\blumeison\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.01 00:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.01 00:04:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.04.12 22:43:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\blumeison\AppData\Roaming\Mozilla\Extensions
[2012.08.26 20:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\blumeison\AppData\Roaming\Mozilla\Firefox\Profiles\9ajewxb6.default\extensions
[2011.05.19 17:27:08 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\blumeison\AppData\Roaming\Mozilla\Firefox\Profiles\9ajewxb6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.26 20:38:00 | 000,270,021 | ---- | M] () (No name found) -- C:\Users\blumeison\AppData\Roaming\Mozilla\Firefox\Profiles\9ajewxb6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.03.18 13:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.02 18:11:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.08.01 00:04:27 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.13 08:36:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.13 08:36:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.13 08:36:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.13 08:36:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.13 08:36:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.13 08:36:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\blumeison\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\blumeison\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\blumeison\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\blumeison\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\blumeison\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\blumeison\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\blumeison\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\blumeison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012.05.02 18:24:00 | 000,001,322 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 195.72.134.217 sip.bwin.org #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.134.217 sip #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.134.26 ab.itsfogo.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.134.26 ab #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.132.251 ace.itsfogo.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.132.251 ace #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 127.0.0.1 launcher01.kalypsomedia.com
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [avgnt] D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FILSHtray] C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [DAEMON Tools Lite] D:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [E-MU USB Audio Control Panel] C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe (E-MU Systems)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [NetLimiter] D:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [RGSC] D:\Spiele\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [Spotify] C:\Users\blumeison\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [Spotify Web Helper] C:\Users\blumeison\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\blumeison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\blumeison\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\blumeison\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\blumeison\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\..Trusted Domains: itsfogo.com ([ace] https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5certchk.cab (F5 Networks Certificate Checker)
O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT AntiViruses Class)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\urxvpn.cab (F5 Networks VPN Manager)
O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT FireWalls Class)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\BLUMEI~1\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab#-1,-1,-1,-1 (F5 Networks Auto Update)
O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT ProcessesScanner Class)
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5InspectionHost.cab (F5 Networks Policy Agent Host Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\urxhost.cab (F5 Networks Host Control)
O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (F5 Networks OPSWAT Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CF7541D-30C1-45D6-83EC-60D8C60A970F}: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FF35E88-D782-419D-98D3-9564D5F2276B}: DhcpNameServer = 195.34.133.21 212.186.211.21
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.29 11:02:01 | 000,000,055 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{32176409-ef93-11e1-b423-001cc0937a72}\Shell - "" = AutoRun
O33 - MountPoints2\{32176409-ef93-11e1-b423-001cc0937a72}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{341306b6-683b-11e0-8af6-001cc0937a72}\Shell - "" = AutoRun
O33 - MountPoints2\{341306b6-683b-11e0-8af6-001cc0937a72}\Shell\AutoRun\command - "" = J:\Setup.exe
O33 - MountPoints2\{5ce2d588-6543-11e0-9c90-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5ce2d588-6543-11e0-9c90-806e6f6e6963}\Shell\AutoRun\command - "" = E:\BlueBirds.exe -- [2009.04.29 11:02:01 | 000,270,336 | R--- | M] (LG Electronics)
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.07 16:50:24 | 000,000,000 | ---D | C] -- C:\Users\blumeison\AppData\Roaming\Malwarebytes
[2012.09.07 16:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.07 16:50:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.07 16:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.07 16:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.02 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\blumeison\.towns
[2012.08.31 09:13:07 | 000,000,000 | ---D | C] -- C:\Users\blumeison\AppData\Local\{00CABA61-483B-D03E-ECE1-D47DCB7A9EA4}
[2012.08.30 11:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012.08.30 11:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012.08.27 14:38:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Jagged Alliance - Crossfire
[2012.08.26 19:00:33 | 000,000,000 | ---D | C] -- C:\Users\blumeison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WLAN Software
[2012.08.26 19:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WLAN_Software
[2012.08.26 19:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoInstall
[2012.08.20 23:26:56 | 000,000,000 | ---D | C] -- C:\Users\blumeison\Documents\Stronghold 3
[2012.08.20 23:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2012.08.16 22:02:02 | 000,000,000 | ---D | C] -- C:\Users\blumeison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion
[2012.08.16 22:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion
[2012.08.16 22:00:31 | 000,000,000 | ---D | C] -- C:\Users\blumeison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion-2.4
[2012.08.16 22:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion-2.4
[2012.08.16 21:24:42 | 000,000,000 | ---D | C] -- C:\Users\blumeison\AppData\Roaming\UFOAI
[2012.08.16 03:03:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 03:03:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 03:03:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 03:03:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 03:03:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 03:03:34 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 03:03:34 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 03:03:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 03:03:32 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 03:03:32 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 03:03:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 03:03:30 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.16 03:03:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.16 02:08:02 | 000,000,000 | ---D | C] -- C:\Users\blumeison\AppData\Local\FLT
[2012.08.16 02:08:00 | 000,000,000 | ---D | C] -- C:\Users\blumeison\Documents\Shiner
[2012.08.15 13:42:48 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 13:42:44 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 13:42:44 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 13:42:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 13:42:40 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 13:42:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 13:42:37 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 13:42:30 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.09 14:09:19 | 000,789,406 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.09 14:09:19 | 000,657,818 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.09 14:09:19 | 000,126,558 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.09 14:03:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.09 14:03:52 | 2138,464,255 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.08 20:55:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1897697440-3972685969-3085652971-1001UA.job
[2012.09.08 20:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.08 17:55:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1897697440-3972685969-3085652971-1001Core.job
[2012.09.08 11:30:37 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.08 11:30:37 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.07 16:50:22 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 16:31:16 | 000,001,108 | ---- | M] () -- C:\Users\blumeison\Desktop\taskmgr.exe - Shortcut.lnk
[2012.09.06 21:37:37 | 004,503,728 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.02 18:56:37 | 000,002,477 | ---- | M] () -- C:\Users\blumeison\Desktop\Google Chrome.lnk
[2012.08.27 13:54:37 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\Jagged Alliance - Crossfire.lnk
[2012.08.20 23:26:05 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold 3.lnk
[2012.08.16 22:21:30 | 000,000,633 | ---- | M] () -- C:\Users\blumeison\Desktop\UFOAlien Invasion-2.4.lnk
[2012.08.16 21:54:37 | 000,007,601 | ---- | M] () -- C:\Users\blumeison\AppData\Local\Resmon.ResmonCfg
[2012.08.16 12:00:33 | 002,392,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 17:46:09 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.15 17:46:09 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.07 16:50:22 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 16:30:39 | 000,001,108 | ---- | C] () -- C:\Users\blumeison\Desktop\taskmgr.exe - Shortcut.lnk
[2012.09.06 21:25:14 | 004,503,728 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.08.27 13:54:37 | 000,000,886 | ---- | C] () -- C:\Users\Public\Desktop\Jagged Alliance - Crossfire.lnk
[2012.08.26 19:00:26 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD64.DLL
[2012.08.26 19:00:26 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\InsDrvZD64.dll
[2012.08.20 23:26:05 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\Stronghold 3.lnk
[2012.08.20 23:26:05 | 000,000,898 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold 3.lnk
[2012.08.16 22:00:31 | 000,000,633 | ---- | C] () -- C:\Users\blumeison\Desktop\UFOAlien Invasion-2.4.lnk
[2012.03.03 23:17:02 | 000,007,601 | ---- | C] () -- C:\Users\blumeison\AppData\Local\Resmon.ResmonCfg
[2012.02.28 12:45:18 | 000,776,326 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.18 23:44:56 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\PDF2TXT.DAT
[2011.12.17 13:43:40 | 000,406,336 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.12.06 20:56:37 | 000,000,551 | ---- | C] () -- C:\Users\blumeison\AppData\Roaming\AutoGK.ini
[2011.11.27 22:46:56 | 000,003,135 | ---- | C] () -- C:\Users\blumeison\AppData\Local\Perfmon.PerfmonCfg
[2011.06.23 14:58:22 | 000,139,816 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.05.29 15:59:09 | 000,080,256 | ---- | C] () -- C:\Windows\SysWow64\ezGOSvc.dll
[2011.04.26 09:02:51 | 000,000,000 | ---- | C] () -- C:\Windows\f5unistall.INI
[2011.04.13 21:26:12 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.13 21:25:45 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.13 08:16:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
< End of report >
Extras.txt : OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 09.09.2012 14:07:00 - Run 2
OTL by OldTimer - Version 3.2.61.1 Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,99 Gb Total Physical Memory | 5,77 Gb Available Physical Memory | 72,17% Memory free
15,98 Gb Paging File | 13,62 Gb Available in Paging File | 85,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 4,53 Gb Free Space | 7,61% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 20,45 Gb Free Space | 2,20% Space Free | Partition Type: NTFS
Drive E: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: BLUMEISON-PC | User Name: blumeison | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024BA725-E382-48A7-804A-B2622695A0BA}" = lport=445 | protocol=6 | dir=in | app=system |
"{04061A29-66E0-4FA3-88F5-DE35E4A391B5}" = lport=6889 | protocol=6 | dir=in | name=league of legends launcher |
"{04D86F39-EBEE-4BE1-A475-0367FC86398E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E35BEE6-69EE-4AE0-BCFE-D313F773D1AE}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher |
"{11830C35-2290-4433-99C7-7EE45545B18B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A54B550-F0E4-4E98-B061-07EF1E0F60F4}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher |
"{1B11174D-9894-448B-AB69-C0F4C7F790B0}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{1CF6961B-F2CF-4862-A0E5-07E6DE80FFF6}" = lport=6920 | protocol=6 | dir=in | name=league of legends launcher |
"{21FD0B41-0F87-4767-B121-B6A132809059}" = lport=6889 | protocol=17 | dir=in | name=league of legends launcher |
"{25EB578C-4275-4D62-A6EE-A0CF29B063FA}" = rport=138 | protocol=17 | dir=out | app=system |
"{27AA5862-C7A2-463E-ABAA-A3E2409AB1E1}" = rport=139 | protocol=6 | dir=out | app=system |
"{2812F867-61D6-480C-B8D7-B675E8EF8A9F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2DDE748A-A74F-4662-9F7E-4C0C3B8B6E48}" = lport=137 | protocol=17 | dir=in | app=system |
"{380BBBD2-EC78-4F02-9303-0B0672213063}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{3C834553-BF92-492E-BFE0-0F48907D8A18}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3EC671E0-C965-4129-82A9-DC1FA2AC8791}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{472F61BB-1AAA-4383-8847-BAE09BFB9468}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{47492A03-1BFE-4C86-8517-FA6902CD3842}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{4F27A6E5-6987-4685-8201-BAAE93A2B218}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{528AC362-9C64-4EAA-AAE6-717BF0AF8E2B}" = rport=445 | protocol=6 | dir=out | app=system |
"{5ED9F819-826B-4229-A377-8CCF32E8B3A3}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{795C822E-FAFB-46C9-ADC5-C3E9548B9930}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CC7C82F-40E8-4AB6-A9AA-4F44174321C5}" = lport=6945 | protocol=6 | dir=in | name=league of legends launcher |
"{8E9B9A7A-6124-4FAD-9C86-2D1EE4092479}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{90BCF9D4-E29B-4034-8942-9AD44FCC38C2}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher |
"{954D0078-206B-43CC-BA4D-19206FD461DC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{96CE10C3-38D4-4BB9-BD25-AB02A9F57035}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher |
"{9A841E0F-3471-45C0-AFA9-BD01E2CFF86B}" = rport=137 | protocol=17 | dir=out | app=system |
"{9C356D98-6BFA-42DF-ACB6-2D944CE2EBA8}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{9FB7E1E4-7647-43A2-9E5D-FBDF6D230C0D}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{B74405FC-B1F7-4AE8-BC23-AA6C1D92D728}" = lport=6920 | protocol=17 | dir=in | name=league of legends launcher |
"{B77757BF-AE6B-4409-BB8B-BB331BB81809}" = lport=139 | protocol=6 | dir=in | app=system |
"{BD88EBFE-109C-4660-BDCC-F379830E0671}" = lport=6941 | protocol=17 | dir=in | name=league of legends launcher |
"{BDB1E434-4711-49C7-B656-DD3D112876E0}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{BF26D0E2-1CE4-479E-BED0-8B7705BFADFD}" = lport=6941 | protocol=6 | dir=in | name=league of legends launcher |
"{BF631503-6982-4BAC-A0AB-F0CFC174B0CC}" = lport=6945 | protocol=17 | dir=in | name=league of legends launcher |
"{C04C90B9-201F-4E35-ABD4-4239781084C0}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher |
"{C8CB3B6A-9BF0-4499-B82E-18F3AA2FC158}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CC86917A-07ED-44DA-8350-D55752BEA473}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{CC9EDD03-FF61-443A-9A8A-E25423B0EBAD}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{CDCDEAFE-8266-438A-BC9F-17FB5D1984CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{D105D38E-F67E-4926-96EE-3460A2463E45}" = lport=6918 | protocol=17 | dir=in | name=league of legends launcher |
"{D1736638-211C-445C-BF63-88B08129D6BB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D2850DD9-B9D2-4671-BCF2-2B8CAA766E58}" = lport=8382 | protocol=6 | dir=in | name=league of legends launcher |
"{D923B745-9F13-46C7-81D4-80FEF4D04276}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8543D04-1233-47BF-8416-831A41D255BD}" = lport=6918 | protocol=6 | dir=in | name=league of legends launcher |
"{E948002B-75D6-45D7-866F-A5495CE1F5F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EF50FFE4-2B23-46F1-8BB1-EC55463A59B6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F370A96E-8DD0-4FF7-9720-95BAC2CAC165}" = lport=8382 | protocol=17 | dir=in | name=league of legends launcher |
"{F527C647-3CCB-4479-A4DA-CDEBBBF070C4}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{F70997FF-5B1A-441E-91CF-22DA87E3C3F9}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{F8E4735D-1D61-43DC-ACCF-AADA654DA8AE}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher |
"{FAE4398E-7352-49E9-AB3A-AD1E039C22E7}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{FDDA000E-3735-43DA-B607-2ABF832C94E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003A542C-7919-416A-A825-0AB438221DB0}" = dir=in | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{0543252C-2B66-459C-A83F-8FAAA21CD249}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{06E443FA-0A7C-4A29-9CD1-E826FD1A6205}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{079F349A-2402-4323-A59A-3FF780E192BB}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\tools\addonweb.exe |
"{08C23CD2-4BE0-4097-9F13-A95E92E0918A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\the settlers 7 paths to a kingdom\data\base\_dbg\bin\release\settlers7r.exe |
"{08FE6815-E972-473B-9E6D-F0C40CDB798B}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\addon.exe |
"{091E9A87-B154-41B4-BB01-536EDEF1991C}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{0A6BF2BA-1AFC-456F-B851-C314FF50E3D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0C4392B4-2DC9-4F07-BE69-B41EDDE038E9}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0EDE9561-CC6A-4C88-A804-4879AF291015}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\napoleon total war\napoleon.exe |
"{10036914-5370-4C12-8D84-3708A6FF9658}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1007D901-BDCA-49CB-9971-29EB3BA41759}" = protocol=6 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{10D1A4DF-F974-43FD-8559-B8409860450F}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{10D3AD66-1501-42B6-903A-93BB049AB0FE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{11F4D69F-DC4B-4658-AD28-0BA0F0C689CE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{135C0B9C-3A32-4826-9086-6B212A8C48DD}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\hoard\win32\reuben.exe |
"{14C7A9BB-F66C-42B9-A7AD-6AE4CDDBD199}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{16696091-467A-4158-B5CF-EA17A9F31C38}" = dir=in | app=d:\spiele\port royale 3\portroyale3.exe |
"{18E7346A-A287-4CF3-8743-129ED79BEA13}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\eve online\eve.exe |
"{1A055906-73AD-418C-A806-97C4267652F0}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{1A9E2E43-7A25-4B45-8162-B22C48DB61A5}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl\runme.exe |
"{1B570BA3-36C8-4C8E-858D-8E84442B06AC}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{1D426911-3FAC-402F-9D34-4F929CA93297}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1DCB18B9-AD51-4289-A5BE-9A3AFD9710D0}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\armada 2526\bin\armada2526.exe |
"{1E79B3A8-5DAE-4BC6-866A-36D090E1504B}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe |
"{1EB2FCC0-547D-4026-ACE0-ECCAEEC80911}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2\arma2.exe |
"{1FCFDE4A-81D6-4C7C-9AB3-2C31D0727E07}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{1FFB3559-B5FA-4C19-8410-0DD22880AB88}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{21D3CB6E-D065-4DA7-9C49-1A69DC475C92}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\evochron mercenary\evochronmercenary.exe |
"{21DF89E8-A61F-4A57-95AE-CAB67767C74A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\dota 2 beta\dota.exe |
"{22EC6CDC-51B7-4D2D-B0B5-7075C7E4900D}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\evochron mercenary\evochronmercenary.exe |
"{23048318-D95C-4C54-B1D1-3DA5A4BDDE77}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{24D55F22-119C-4D48-9663-DCE516F92369}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's railroads\railroads.exe |
"{2680D842-BE31-495C-B3E8-73386F5797E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26FD749F-292E-49A3-A9C7-086F7E061393}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\eve online\eve.exe |
"{28896BA4-6894-4471-8CB7-E1967AB99FB0}" = dir=in | app=d:\programme\itunes\itunes.exe |
"{29219EB8-F0DA-4634-8CC4-636E718649C5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{292D0C0F-75BC-4D0C-855E-F678F42CB5D1}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{2C609787-7399-4C79-9BDC-4D7420958658}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{2E6A0F4A-C3D9-422F-ADDF-1B85E6E37552}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2EE40CCB-2124-4C53-956A-03DD03FFDFD4}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\armada 2526\bin\armada2526.exe |
"{302A0C47-40B2-4435-A871-D4EDBD58F0A4}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\uplaybrowser.exe |
"{304B834A-FC62-43D0-900A-0F5FCC9BE99A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl 2011\citiesxl_2011.exe |
"{36C948B6-D770-4495-886C-61C4E2579520}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{377B809C-05FA-402E-BF76-4B68BF234C03}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{37B17285-6E57-4004-AF1C-324C8F73233D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3980901E-43BE-40AF-8D33-3B94F34E330F}" = protocol=6 | dir=in | app=d:\spiele\origin\battlefield 3\bf3.exe |
"{3AACA11F-9883-4521-86F0-279F771ADC37}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\napoleon total war\napoleon.exe |
"{3AD54E28-9BB4-4C48-9AEE-7037ADA446BC}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 beta\bf3.exe |
"{3B3517FB-E695-4060-8253-D5E448034318}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl\runme.exe |
"{3D790D22-F43B-45E9-81D4-52D8FB9BCB27}" = protocol=6 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{3F16AC9F-D511-4787-B805-1E0AC836C6A8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4267E12E-227B-4954-AC16-BC0E8C45BFCB}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{442978F7-1DC9-4977-8DD8-6D2F79943B5E}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{44A93FDC-CAFB-4734-A661-E36C67ED1FAB}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{44F0003C-26D4-4766-BBAE-53BF854EB206}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{49494EFB-51CD-40EF-A0B3-AE9EAC19BEFF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4A8664D6-A6E2-4CE5-8F2B-DB2F1D9BA269}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbsp.exe |
"{4C104C82-7FBA-41C9-A521-ADB4B1B52D51}" = protocol=6 | dir=in | app=d:\spiele\blood bowl\bb_le.exe |
"{4C2BC78F-43DB-427E-BB06-505EAD98E80B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4F4868E9-7946-451B-8B5A-E4E02CF141A4}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{51F90881-5A8A-47BE-BF70-0489DEFDDA68}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\the settlers 7 paths to a kingdom\data\base\_dbg\bin\release\settlers7r.exe |
"{52DCCBAE-0B71-4D66-84E3-A1F4CB498EBC}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{533172EE-49F8-4BBC-931D-BE3AB7920C34}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{56BF47C1-F429-4F70-A181-51882291C02D}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbmp.exe |
"{5BECDEF3-C364-4745-AF1F-74426B75DB3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D93CBD3-9784-4D28-92C8-439D036306A5}" = protocol=6 | dir=out | app=system |
"{5EF888AD-FE1A-46E3-88B1-A1F3E22F330C}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{600F0BDA-C8B2-4BCF-8B8C-4CDD15705502}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{617E334E-72C9-45D4-96C0-162416EF0727}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{62C6D5A2-8857-47D8-9C96-87318BB6DDCB}" = protocol=17 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe |
"{62EC6EF1-3564-4AF1-A9B5-4D101D6301A0}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{63FBD749-49A4-457F-8F49-EE93FBE2AE46}" = dir=in | app=d:\spiele\max payne 3\maxpayne3.exe |
"{67BFB9FD-F6DD-4180-8977-0446359C3354}" = protocol=17 | dir=in | app=c:\users\blumeison\appdata\roaming\dropbox\bin\dropbox.exe |
"{68295DB5-3D02-4260-979D-458857802236}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6A78A085-B6DF-4EA6-AF0B-352BB5C2024C}" = protocol=6 | dir=in | app=d:\spiele\fable iii\fable3.exe |
"{6B5644C6-1909-4DAE-B4FB-6A39FCBF5891}" = protocol=6 | dir=in | app=d:\spiele\blood bowl\autorun\exe\autorun.exe |
"{6BE6CCAC-79D6-4263-BD30-B84509453D88}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{6D13182B-626F-4120-8467-7742858276BB}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\anno 2070\anno5.exe |
"{6F73197F-7835-48B8-AB5B-B06CE874E6E9}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\anno4.exe |
"{70414979-0F2D-444E-A920-7ADC8A44F9C4}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{70420342-EF03-48AD-8DA2-97A08329BC8F}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\blumeison\counter-strike\hl.exe |
"{73244208-9C1D-4E2E-8555-BC246FEB92B6}" = protocol=17 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{7413E50A-ED4E-438C-9809-3FF5EDB9FBA1}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\addon.exe |
"{7417C606-91C2-46A1-8CFC-4345D51B1CF9}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\spectromancer\spectromancer.exe |
"{756DB66B-38D7-4DB1-903E-4BB85A1FD479}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbsp.exe |
"{7AC5B7A3-5972-413F-B2D0-CFE6D6F1EF66}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbmp.exe |
"{7BFE8A45-96E6-4433-9E88-F692F9D95529}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{82E1B9D7-D33E-44BD-94D9-1057E77B91E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{874E4C76-3204-418E-9033-31E9ACD91F13}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\tools\anno4web.exe |
"{8CB462AF-12BA-4669-A5B8-441764CE2501}" = dir=out | app=d:\spiele\tropico 4\tropico4.exe |
"{8E39725E-CDF3-4639-811E-9C4120F16D6A}" = protocol=17 | dir=in | app=d:\spiele\blood bowl\autorun\exe\autorun.exe |
"{8F56A15B-3DDA-4EEA-98F2-7DAFA1D511F4}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\anno4.exe |
"{8FCA9BA5-FD81-417A-A502-4F5B41A7FEDC}" = dir=out | app=d:\spiele\orcs must die 2\build\release\orcsmustdie2.exe |
"{92C371C9-129F-496A-8E11-2DA584520095}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{92F29086-E015-45A2-A094-C1583DCB3117}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94030CD8-E7A9-4AEA-A935-AD1083C00F79}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{98207016-F7B8-482D-93B2-D4DB5FAC19FB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{984B75B9-73CE-4163-BB8C-909DC00EFAFC}" = dir=out | app=d:\spiele\port royale 3\portroyale3.exe |
"{99418C0D-F8FA-4873-980A-A74C6478F3A3}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe |
"{9A11158F-2D8E-47F9-BA92-6D343C000F29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A9AB58B-F9BD-4887-9C44-34AA01563DE3}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{9BB0A918-9870-4C63-A57E-C9D6A3534F6F}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{9C107E53-D84B-46B4-B46A-C27419316356}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{9E3B6FED-6C3B-4D43-8EF0-9FD3F0854568}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\dota 2 beta\dota.exe |
"{9F766FEB-CDA4-4744-B916-39422BB7C4BE}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A12D4377-982A-4661-A6D1-B83DD8FD2B12}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A29BFFB6-FA70-494A-B4F4-99C42620A8E8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2FA7F24-7619-40E5-AD45-44E39E7804EF}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's railroads\railroads.exe |
"{A36487BF-6622-4C2B-9198-4A485CAAB4B2}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{A38D67CC-EB1A-48CA-A669-AC23019D7934}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A53D7D66-D3C6-414D-AAA0-C73BAEC604DE}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\spectromancer\spectromancer.exe |
"{A689A2CE-D7EB-4804-B506-BF0DFDF9E6AC}" = protocol=17 | dir=in | app=d:\spiele\blood bowl\bb_le.exe |
"{A9551302-CEC2-4658-85A9-B49F3D85CD2C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{ABFF5E89-83AB-45C4-9034-B09646439E56}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AF6447FD-22A7-457D-83E4-3F9004228080}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B01BDF24-1030-4F64-885A-3B4B62E222FE}" = protocol=17 | dir=in | app=d:\spiele\origin\battlefield 3\bf3.exe |
"{B0E94820-D2FC-4F46-8768-16787B2172D9}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{B50344F7-E5FD-4201-BFAD-E0C52DE2C631}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B505FF6A-8AAA-4A32-B423-B0862B7AFFD4}" = protocol=17 | dir=in | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{B5C4219F-8C43-488E-B6DA-54DFC45D7F2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B860695C-AF4F-4027-B788-DF88C72A6EE4}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{B95C5D5A-6339-4BC7-9D26-AF35B7932DA0}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl 2011\citiesxl_2011.exe |
"{BCC4F9FA-B72D-49AE-9F63-31D422FAF9FB}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\spacechem\spacechem.exe |
"{BDA49362-69B1-4931-8D4C-1733490D69B8}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\flight_control_hd\flightcontrol_win32.exe |
"{BED0D62C-3C95-4047-A665-05F4299F7899}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C0966D01-9822-476F-8512-0BE92A275716}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\tools\anno4web.exe |
"{C134BBC6-4696-49DB-A725-D79D982E1CEA}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{C23D2A8D-6299-41FD-9C7E-C9208ED4D999}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C2AD06E0-DED0-4EA1-8CBB-2DDE0534EA96}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{C515361A-A54F-4B55-955E-4440C7E344C9}" = protocol=17 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{C5EE4282-AB4A-4010-AFD1-79F9CFA6D564}" = dir=in | app=d:\spiele\tropico 4\tropico4.exe |
"{C73B61B1-9F23-44A5-B564-434EF9394351}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\anno 2070\anno5.exe |
"{C844DCBF-9986-48D8-8EAE-B3775B5B54AF}" = protocol=6 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe |
"{C96C56FB-3165-4FC1-B216-4B5E2C7EDDE2}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{C996546C-B54A-4E44-9344-7E2644E1187F}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{CAC77BC6-32A6-4503-8572-12889D24C9A2}" = protocol=6 | dir=in | app=c:\users\blumeison\appdata\roaming\dropbox\bin\dropbox.exe |
"{CCB5E39A-3BD8-46B8-BBB7-4A83A9C01229}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\jabiademo\jaggedalliancebiademo.exe |
"{CDE2592A-D5EB-4449-A775-03C3F9582CB7}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{CF9AD19E-5AEE-442B-8998-7064CE604392}" = dir=out | app=d:\spiele\max payne 3\maxpayne3.exe |
"{D160F75E-EC13-4BCB-84DA-675EF170E0E4}" = protocol=17 | dir=in | app=d:\spiele\fable iii\fable3.exe |
"{D3F748F6-0DA3-4403-A979-AB50135ED2FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8000AE3-545E-4440-BC1D-0EEA986CADF5}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{D9993B73-C780-4663-91F1-B2757B25C6EA}" = dir=in | app=d:\spiele\port royale 3\portroyale3.exe |
"{DBA836FC-AA34-4F06-80DC-A32C8415E5C4}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\spacechem\spacechem.exe |
"{DC85F4D1-F846-40A0-B58A-792A866B9E78}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF17CA0B-E330-40C7-A72F-4652020E3600}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{E02B4532-34F3-48C9-BB36-6F8F0F4752A9}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{E1BBE8AB-B737-423E-87B1-8E196B996DA7}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\uplaybrowser.exe |
"{E24E7E1B-3C02-4B71-829D-2221B091CD44}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{E3BA63FF-D669-46A8-A138-D671CB427623}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 beta\bf3.exe |
"{E5CB8FCA-14B1-4011-8ED1-50F9A0DBD691}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E8C60685-6359-47F1-8F4D-3085BF2C587D}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\flight_control_hd\flightcontrol_win32.exe |
"{E8D19F62-49B2-4C00-B63E-43D44D521D2C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E9E2B4AD-525E-42CA-B0D0-B22E51522E8C}" = protocol=6 | dir=in | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{EAADFDB8-091F-4850-B1E2-3216676F45D7}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\hoard\win32\reuben.exe |
"{EBC1D848-E7CE-4F5D-B0E7-3DDD2E5569A8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC658C77-F67B-4B56-A483-852E8DBFF3E8}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F36797FB-9A16-4EF1-B988-C028B366DBB3}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\blumeison\counter-strike\hl.exe |
"{F40902BE-CC76-4ED9-A952-C4DA4E4AABC8}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{F6E81CC1-A478-47BC-8841-90EC475933C0}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{F805F2B3-F350-4358-81F3-F04C8E93E2E5}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2\arma2.exe |
"{F8368F14-E7A0-42B8-BF38-A0DCC230A661}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{F975F7F5-940E-4755-9169-40ABCE9AB6B0}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\tools\addonweb.exe |
"{FAC5910B-10EB-40E2-8813-6671C790A1C7}" = dir=out | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{FDE81826-8359-4DC4-81E8-1AB7977A50AA}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{FF7B7163-DB43-494A-862F-D09D72F9FDEA}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\jabiademo\jaggedalliancebiademo.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{9D3BAEFB-5DDD-43D4-8BB2-D9989521F003}" = Native Instruments Razor
"{A4BD55F5-65F5-44A6-A130-5FC39433EE9C}" = Max 5.1.7
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ACDA69C0-C5D3-4BBB-8936-FB5BE70D09A1}_is1" = IQ-Analyser Demo Version 1.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 290.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1107
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.6.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C9AEABC2-1DD6-3280-9A1A-11E1E8D34AAD}" = Windows Phone Emulator x64 - ENU
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1338
"Explorer Suite_is1" = Explorer Suite III
"F08CF5BAFA651376713ABA6BE4395F7152EF8C85" = Windows Driver Package - Focusrite USB 2.0 Audio Driver (04/11/2011 15.7.48.775)
"Focusrite USB 2.0 Audio Driver_is1" = Focusrite USB 2.0 Audio Driver 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Novation USB Audio Driver_is1" = Novation USB Audio Driver 2.1
"RolandRDID0058" = UM-3EX Driver
"Saffire USB 26_is1" = Scarlett MixControl 1.0
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
"Zune" = Zune
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{05CDC06E-4C55-4EAE-9401-8EF62F60CB69}" = Microsoft XNA Game Studio 4.0 Refresh (Visual Studio)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{100F28BC-124C-4D2D-A26B-2EEC823A4AB3}" = Windows Product Key Retriever
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{111DB3F0-0C58-4475-9954-1BD5B7B28618}" = League of Legends
"{12B8E200-99CC-4203-A8D1-4145FC4D0192}" = Microsoft Expression Blend SDK for Windows Phone OS 7.1
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{1A6853BA-E127-4155-AD57-876ACBA137B4}_is1" = Brink Version 1.0.0.1
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1C99893D-BC98-4456-AA3E-B67AB42301A6}" = E-MU USB Audio
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{22B8CB84-9AD0-49CE-852D-CA303DA0C652}" = Accent ZIP Password Recovery
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2E337869-756A-4E46-A936-0E67FE043A5E}" = Melodyne 3.2
"{39D385DF-53BA-4792-BED3-68132EEB488F}" = NVTweak
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray version 0.8
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper version 3.0.0
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{656458ED-DA77-4C82-AF2F-1640C191A2A7}" = Microsoft Advertising SDK for Windows Phone - ENU
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{69E11501-75F7-4ACE-8103-52513DDCFE26}" = Microsoft Expression Blend SDK for Windows Phone 7
"{6A7387C0-B74F-47D0-A217-B384E55FE0C9}" = Microsoft XNA Game Studio 4.0 Refresh (Redists)
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6F33C2E2-5E02-4344-90BC-ED55C48341D2}" = WCF Data Services SDK for Windows Phone
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{776313DE-6596-4D92-9A7A-5BBA719DE94A}_is1" = Might & Magic Heroes VI
"{786D445C-F3D7-35D2-81AA-60DB61F9F552}" = Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78ADE646-7B51-4307-B4FB-3E64E4ADDFE9}_is1" = Jagged Alliance - Crossfire Version v1.0
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{879E1A85-4B17-48CF-8D73-6CC09F46497E}_is1" = Connon Fodder 3 version 1.0
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89690B51-2E21-4E93-914E-F9CAC5B24A84}" = Microsoft XNA Game Studio Platform Tools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{90120000-0014-0000-0000-0000000FF1CE}_PRO_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PRO_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{916373A2-C6FE-481B-8F5C-E2AE6D5CDE65}_is1" = Der Bahngigant
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E2F2BAC-A9FD-35BC-B8E0-253FEBED0F9B}" = Windows Phone SDK 7.1 Assemblies
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}" = Melodyne 3.2
"{A240191E-4302-435E-86FC-A5717EF0CF38}" = Microsoft XNA Game Studio 4.0 Refresh (Shared Components)
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A4CC18F6-DB05-4B03-B724-4128322FA85F}" = Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0
"{A721BC43-E63E-3531-B1BF-6A405F9530BD}" = Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B42A6552-1A83-4D79-9137-AB0C9036249A}" = Quake Live Mozilla Plugin
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA9E9ED5-FFF3-4E0D-95B9-62527672268B}_is1" = Der Planer 4 1.0
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D932793F-920F-4A56-8168-F2ED3B3646EE}" = Ableton Live 8
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE3A5B79-C147-4BD9-952A-E894298C2ACA}" = Microsoft XNA Game Studio 4.0 Refresh (ARP entry)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFBBD030-48F0-43B3-A8AD-789894DAD0B5}" = Microsoft Expression Blend 4 Add-in for Adobe FXG Import
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F656270D-66A6-41D9-828A-436EE0228D3B}" = calibre
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Any Video Converter_is1" = Any Video Converter 3.3.0
"Audacity_is1" = Audacity 2.0
"AutoGK" = Auto Gordian Knot 2.55
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BabylonToolbar" = Babylon toolbar on IE
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Blend_4.0.30816.0" = Microsoft Expression Blend 4
"BloodBowlLegendary_is1" = Blood Bowl Legendary Edition Version 2.0.0.0
"Cisco Connect" = Cisco Connect
"Clonk Rage" = Clonk Rage
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Diablo III Beta" = Diablo III Beta
"Endless Space_is1" = Endless Space
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"EVE" = EVE Online (remove only)
"F5 Networks Client Components" = BIG-IP Edge Client Components (All Users)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.38.517
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"HbsMozillaLauncher" = HbsMozillaLauncher 1.0
"hedgewars" = Hedgewars
"IL Harmor" = IL Harmor
"ImgBurn" = ImgBurn
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Jagged Alliance - Back in Action_is1" = Jagged Alliance - Back in Action
"JDownloader" = JDownloader
"Live 8.2.2" = Live 8.2.2
"MakeMKV" = MakeMKV v1.6.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU" = Windows Phone SDK 7.1 - ENU
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mp3-2-wav" = mp3-2-wav converter 1.14
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Razor" = Native Instruments Razor
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"New LEGO Digital Designer" = LEGO Digital Designer
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.2.1
"Orcs Must Die 2_is1" = Orcs Must Die 2
"Origin" = Origin
"PDF2TXT v3.2_is1" = PDF2TXT v3.2
"Picasa 3" = Picasa 3
"PokerTH 0.9.1" = PokerTH
"Postal 2_is1" = Portal 2
"PRO" = Microsoft Office Professional 2007
"PunkBusterSvc" = PunkBuster Services
"RGF HotSpot_is1" = RGF HotSpot version 0.6b
"Rockstar Games Social Club" = Rockstar Games Social Club
"SpeedFan" = SpeedFan (remove only)
"Steam App 105600" = Terraria
"Steam App 108200" = Ticket to Ride
"Steam App 204880" = Sins of a Solar Empire: Rebellion Beta
"Steam App 204920" = Jagged Alliance - Back in Action Demo
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 39230" = Dungeon Siege III Demo
"Steam App 46790" = Armada 2526
"Steam App 48240" = Anno 2070
"Steam App 570" = Dota 2
"Steam App 71000" = Evochron Mercenary
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 745" = Counter-Strike: Global Offensive - SDK
"Steam App 92800" = SpaceChem
"Steam App 92810" = SpaceChem - Demo
"Stronghold 3 (c) THQ_is1" = Stronghold 3 (c) THQ version 1
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"UFO:Alien Invasion" = UFO:AI 2.4
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.11
"VobSub" = VobSub v2.23 (Remove Only)
"Win2day Poker" = Win2day Poker
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0 Refresh
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Monopoly Deluxe" = Monopoly Deluxe
"Seven Phases Spectrum Analyzer" = Seven Phases Spectrum Analyzer
"Spotify" = Spotify
"Tropico 4" = Tropico 4 1.00
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.01.2012 05:27:38 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 13.01.2012 05:50:32 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 14.01.2012 07:53:01 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 14.01.2012 08:16:20 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 14.01.2012 11:05:44 | Computer Name = blumeison-PC | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 15.01.2012 10:54:43 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 22.01.2012 04:59:55 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 24.01.2012 17:04:53 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 25.01.2012 14:11:44 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 26.01.2012 11:41:04 | Computer Name = blumeison-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
[ NetLimiter 3 Events ]
Error - 07.09.2012 10:28:03 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 10:29:52 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 10:29:52 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 11:16:40 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 11:16:40 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 14:02:20 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 14:02:20 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 08.09.2012 05:26:01 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 08.09.2012 05:26:01 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 09.09.2012 08:04:29 | Computer Name = blumeison-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
[ System Events ]
Error - 09.09.2012 08:03:58 | Computer Name = blumeison-PC | Source = Service Control Manager | ID = 7000
Description = The Dienst "Bonjour" service failed to start due to the following
error: %%216
Error - 09.09.2012 08:04:28 | Computer Name = blumeison-PC | Source = PNRPSvc | ID = 102
Description =
Error - 09.09.2012 08:04:28 | Computer Name = blumeison-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535
Error - 09.09.2012 08:04:28 | Computer Name = blumeison-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535
Error - 09.09.2012 08:04:39 | Computer Name = blumeison-PC | Source = PNRPSvc | ID = 102
Description =
Error - 09.09.2012 08:04:39 | Computer Name = blumeison-PC | Source = PNRPSvc | ID = 102
Description =
Error - 09.09.2012 08:04:39 | Computer Name = blumeison-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535
Error - 09.09.2012 08:04:39 | Computer Name = blumeison-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535
Error - 09.09.2012 08:04:39 | Computer Name = blumeison-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535
Error - 09.09.2012 08:04:39 | Computer Name = blumeison-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535
< End of report >
|
|
09.09.2012, 23:04
| #4 | |
| /// Helfer-Team | Polizei Virus Jippieh! :(Zitat:
|
|
10.09.2012, 21:59
| #5 |
| | Polizei Virus Jippieh! :( sry m8 hier der log vom full scan : Code:
ATTFilter Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org Database version: v2012.09.09.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ****:: ****-PC [administrator] Protection: Enabled 10.09.2012 19:19:07 mbam-log-2012-09-10 (19-19-07).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 686996 Time elapsed: 1 hour(s), 8 minute(s), 18 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 8 D:\Downloads\SoftonicDownloader_for_mineviewer.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully. D:\Downloads\_JDownloads\f3crack\paul.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully. D:\Downloads\_JDownloads\IZotope.Ozone.v4.03\keygen.exe (Trojan.Agent.ck) -> Quarantined and deleted successfully. D:\Downloads\_JDownloads\Portable Nero Micro US v10.5.10500 by Birungueta\Nero Burning ROM.exe (Trojan.Agent) -> Quarantined and deleted successfully. D:\Downloads\_JDownloads\Portable Nero Micro US v10.5.10500 by Birungueta\Nero Express.exe (Trojan.Agent) -> Quarantined and deleted successfully. D:\Fotos\IZotope.Ozone.v4.03\keygen.exe (Trojan.Agent.ck) -> Quarantined and deleted successfully. D:\Isos\Photoshop CS 3\Adobe Photoshop CS3 Extended-Version (Deutsch)\KeyGen\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. D:\_MusicArtwork\_Vsts\Celemony.Melodyne.Studio.Edition.v3.2.2.2.Incl.Keygen-AiR\AiR\Keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. (end) (end) aktueller OTL Scan : OTL.txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 10.09.2012 23:02:05 - Run 3
OTL by OldTimer - Version 3.2.61.1 Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,99 Gb Total Physical Memory | 4,13 Gb Available Physical Memory | 51,71% Memory free
15,98 Gb Paging File | 11,87 Gb Available in Paging File | 74,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 4,53 Gb Free Space | 7,61% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 22,61 Gb Free Space | 2,43% Space Free | Partition Type: NTFS
Drive E: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
PRC - C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - D:\Spiele\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.95\deploy\LoLLauncher.exe ()
PRC - C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - D:\Spiele\League of Legends\RADS\system\rads_user_kernel.exe ()
PRC - D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - D:\Spiele\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.198\deploy\LolClient.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe (E-MU Systems)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
MOD - C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - D:\Spiele\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.95\deploy\LoLLauncher.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - D:\Spiele\League of Legends\RADS\system\rads_user_kernel.exe ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtCore4.dll ()
MOD - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtGui4.dll ()
MOD - C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtXml4.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (emaudsv) -- C:\Windows\SysNative\emaudsv.exe (E-MU Systems)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AntiVirService) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ezGOSvc) -- C:\Windows\SysWOW64\ezGOSvc.dll ()
SRV - (AntiVirSchedulerService) -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (nlsvc) -- D:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (vmm) -- C:\Windows\SysNative\drivers\VMM.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (ffusb2audio) -- C:\Windows\SysNative\drivers\ffusb2audio.sys (Focusrite Audio Engineering Limited.)
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (urvpndrv) -- C:\Windows\SysNative\drivers\covpnv64.sys (F5 Networks, Inc.)
DRV:64bit: - (f5ipfw) -- C:\Windows\SysNative\drivers\urfltv64.sys (F5 Networks, Inc.)
DRV:64bit: - (Tpkd) -- C:\Windows\SysNative\drivers\Tpkd.sys (PACE Anti-Piracy, Inc.)
DRV:64bit: - (RDID1058) -- C:\Windows\SysNative\drivers\Rdwm1058.sys (Roland Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.)
DRV:64bit: - (emusba10) -- C:\Windows\SysNative\drivers\emusba10.sys (E-MU Systems)
DRV - (nltdi) -- D:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B4 BF 9A 57 65 8C CD 01 [binary data]
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@hanbiton.com/HbsMozillaLauncher: D:\Spiele\Mythos\nphlauncher.dll (hanbitsoft)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\****\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\****\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.09 16:50:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.09 16:50:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.04.12 22:43:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\Mozilla\Extensions
[2012.08.26 20:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\9ajewxb6.default\extensions
[2011.05.19 17:27:08 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\9ajewxb6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.26 20:38:00 | 000,270,021 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\9ajewxb6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.03.18 13:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.02 18:11:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.09.09 16:50:24 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.09 16:50:22 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.09 16:50:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.09 16:50:22 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.09 16:50:22 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.09 16:50:22 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.09 16:50:22 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\****\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\****\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012.05.02 18:24:00 | 000,001,322 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 195.72.134.217 sip.bwin.org #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.134.217 sip #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.134.26 ab.itsfogo.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.134.26 ab #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.132.251 ace.itsfogo.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 195.72.132.251 ace #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 127.0.0.1 launcher01.kalypsomedia.com
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [avgnt] D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FILSHtray] C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [DAEMON Tools Lite] D:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [E-MU USB Audio Control Panel] C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe (E-MU Systems)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [NetLimiter] D:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [RGSC] D:\Spiele\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [Spotify] C:\Users\****\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001..\Run: [Spotify Web Helper] C:\Users\****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1897697440-3972685969-3085652971-1001\..Trusted Domains: itsfogo.com ([ace] https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5certchk.cab (F5 Networks Certificate Checker)
O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT AntiViruses Class)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\urxvpn.cab (F5 Networks VPN Manager)
O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT FireWalls Class)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\BLUMEI~1\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab#-1,-1,-1,-1 (F5 Networks Auto Update)
O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (OPSWAT ProcessesScanner Class)
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5InspectionHost.cab (F5 Networks Policy Agent Host Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\urxhost.cab (F5 Networks Host Control)
O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} C:\Users\BLUMEI~1\AppData\Local\Temp\f5tmp\f5opswati.cab (F5 Networks OPSWAT Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CF7541D-30C1-45D6-83EC-60D8C60A970F}: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FF35E88-D782-419D-98D3-9564D5F2276B}: DhcpNameServer = 195.34.133.21 212.186.211.21
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.29 11:02:01 | 000,000,055 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{32176409-ef93-11e1-b423-001cc0937a72}\Shell - "" = AutoRun
O33 - MountPoints2\{32176409-ef93-11e1-b423-001cc0937a72}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{341306b6-683b-11e0-8af6-001cc0937a72}\Shell - "" = AutoRun
O33 - MountPoints2\{341306b6-683b-11e0-8af6-001cc0937a72}\Shell\AutoRun\command - "" = J:\Setup.exe
O33 - MountPoints2\{5ce2d588-6543-11e0-9c90-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5ce2d588-6543-11e0-9c90-806e6f6e6963}\Shell\AutoRun\command - "" = E:\BlueBirds.exe -- [2009.04.29 11:02:01 | 000,270,336 | R--- | M] (LG Electronics)
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.09 20:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.09.07 16:50:24 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes
[2012.09.07 16:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.07 16:50:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.07 16:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.07 16:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.02 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\****\.towns
[2012.08.31 09:13:07 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{00CABA61-483B-D03E-ECE1-D47DCB7A9EA4}
[2012.08.30 11:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012.08.30 11:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012.08.27 14:38:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Jagged Alliance - Crossfire
[2012.08.26 19:00:33 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WLAN Software
[2012.08.26 19:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WLAN_Software
[2012.08.26 19:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoInstall
[2012.08.20 23:26:56 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\Stronghold 3
[2012.08.20 23:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2012.08.16 22:02:02 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion
[2012.08.16 22:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion
[2012.08.16 22:00:31 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion-2.4
[2012.08.16 22:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UFOAlien Invasion-2.4
[2012.08.16 21:24:42 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\UFOAI
[2012.08.16 03:03:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 03:03:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 03:03:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 03:03:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 03:03:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 03:03:34 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 03:03:34 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 03:03:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 03:03:32 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 03:03:32 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 03:03:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 03:03:30 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.16 03:03:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.16 02:08:02 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\FLT
[2012.08.16 02:08:00 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\Shiner
[2012.08.15 13:42:48 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 13:42:44 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 13:42:44 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 13:42:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 13:42:40 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 13:42:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 13:42:37 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 13:42:30 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.10 22:56:58 | 000,003,668 | ---- | M] () -- C:\Users\****\Desktop\mbam-log-2012-09-10_full (22-56-51)
[2012.09.10 22:55:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1897697440-3972685969-3085652971-1001UA.job
[2012.09.10 22:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.10 19:24:24 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.10 19:24:24 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.10 19:23:04 | 000,789,406 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.10 19:23:04 | 000,657,818 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.10 19:23:04 | 000,126,558 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.10 19:16:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.10 19:16:53 | 2138,464,255 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.09 20:08:23 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.09.09 17:55:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1897697440-3972685969-3085652971-1001Core.job
[2012.09.07 16:50:22 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 16:31:16 | 000,001,108 | ---- | M] () -- C:\Users\****\Desktop\taskmgr.exe - Shortcut.lnk
[2012.09.06 21:37:37 | 004,503,728 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.02 18:56:37 | 000,002,477 | ---- | M] () -- C:\Users\****\Desktop\Google Chrome.lnk
[2012.08.27 13:54:37 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\Jagged Alliance - Crossfire.lnk
[2012.08.20 23:26:05 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold 3.lnk
[2012.08.16 22:21:30 | 000,000,633 | ---- | M] () -- C:\Users\****\Desktop\UFOAlien Invasion-2.4.lnk
[2012.08.16 21:54:37 | 000,007,601 | ---- | M] () -- C:\Users\****\AppData\Local\Resmon.ResmonCfg
[2012.08.16 12:00:33 | 002,392,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 17:46:09 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.15 17:46:09 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.10 22:56:58 | 000,003,668 | ---- | C] () -- C:\Users\****\Desktop\mbam-log-2012-09-10_full (22-56-51)
[2012.09.09 20:01:50 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.09.07 16:50:22 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.07 16:30:39 | 000,001,108 | ---- | C] () -- C:\Users\****\Desktop\taskmgr.exe - Shortcut.lnk
[2012.09.06 21:25:14 | 004,503,728 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.08.27 13:54:37 | 000,000,886 | ---- | C] () -- C:\Users\Public\Desktop\Jagged Alliance - Crossfire.lnk
[2012.08.26 19:00:26 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD64.DLL
[2012.08.26 19:00:26 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\InsDrvZD64.dll
[2012.08.20 23:26:05 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\Stronghold 3.lnk
[2012.08.20 23:26:05 | 000,000,898 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold 3.lnk
[2012.08.16 22:00:31 | 000,000,633 | ---- | C] () -- C:\Users\****\Desktop\UFOAlien Invasion-2.4.lnk
[2012.03.03 23:17:02 | 000,007,601 | ---- | C] () -- C:\Users\****\AppData\Local\Resmon.ResmonCfg
[2012.02.28 12:45:18 | 000,776,326 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.18 23:44:56 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\PDF2TXT.DAT
[2011.12.17 13:43:40 | 000,406,336 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.12.06 20:56:37 | 000,000,551 | ---- | C] () -- C:\Users\****\AppData\Roaming\AutoGK.ini
[2011.11.27 22:46:56 | 000,003,135 | ---- | C] () -- C:\Users\****\AppData\Local\Perfmon.PerfmonCfg
[2011.06.23 14:58:22 | 000,139,816 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.05.29 15:59:09 | 000,080,256 | ---- | C] () -- C:\Windows\SysWow64\ezGOSvc.dll
[2011.04.26 09:02:51 | 000,000,000 | ---- | C] () -- C:\Windows\f5unistall.INI
[2011.04.13 21:26:12 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.13 21:25:45 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.13 08:16:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
< End of report >
extras.txt : OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 10.09.2012 23:02:05 - Run 3
OTL by OldTimer - Version 3.2.61.1 Folder = D:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,99 Gb Total Physical Memory | 4,13 Gb Available Physical Memory | 51,71% Memory free
15,98 Gb Paging File | 11,87 Gb Available in Paging File | 74,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 4,53 Gb Free Space | 7,61% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 22,61 Gb Free Space | 2,43% Space Free | Partition Type: NTFS
Drive E: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024BA725-E382-48A7-804A-B2622695A0BA}" = lport=445 | protocol=6 | dir=in | app=system |
"{04061A29-66E0-4FA3-88F5-DE35E4A391B5}" = lport=6889 | protocol=6 | dir=in | name=league of legends launcher |
"{04D86F39-EBEE-4BE1-A475-0367FC86398E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E35BEE6-69EE-4AE0-BCFE-D313F773D1AE}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher |
"{11830C35-2290-4433-99C7-7EE45545B18B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A54B550-F0E4-4E98-B061-07EF1E0F60F4}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher |
"{1B11174D-9894-448B-AB69-C0F4C7F790B0}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{1CF6961B-F2CF-4862-A0E5-07E6DE80FFF6}" = lport=6920 | protocol=6 | dir=in | name=league of legends launcher |
"{21FD0B41-0F87-4767-B121-B6A132809059}" = lport=6889 | protocol=17 | dir=in | name=league of legends launcher |
"{25EB578C-4275-4D62-A6EE-A0CF29B063FA}" = rport=138 | protocol=17 | dir=out | app=system |
"{27AA5862-C7A2-463E-ABAA-A3E2409AB1E1}" = rport=139 | protocol=6 | dir=out | app=system |
"{2812F867-61D6-480C-B8D7-B675E8EF8A9F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2DDE748A-A74F-4662-9F7E-4C0C3B8B6E48}" = lport=137 | protocol=17 | dir=in | app=system |
"{380BBBD2-EC78-4F02-9303-0B0672213063}" = lport=58122 | protocol=6 | dir=in | name=pando media booster |
"{3C834553-BF92-492E-BFE0-0F48907D8A18}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3EC671E0-C965-4129-82A9-DC1FA2AC8791}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{472F61BB-1AAA-4383-8847-BAE09BFB9468}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{47492A03-1BFE-4C86-8517-FA6902CD3842}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{4F27A6E5-6987-4685-8201-BAAE93A2B218}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{528AC362-9C64-4EAA-AAE6-717BF0AF8E2B}" = rport=445 | protocol=6 | dir=out | app=system |
"{5ED9F819-826B-4229-A377-8CCF32E8B3A3}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{795C822E-FAFB-46C9-ADC5-C3E9548B9930}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CC7C82F-40E8-4AB6-A9AA-4F44174321C5}" = lport=6945 | protocol=6 | dir=in | name=league of legends launcher |
"{8E9B9A7A-6124-4FAD-9C86-2D1EE4092479}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{90BCF9D4-E29B-4034-8942-9AD44FCC38C2}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher |
"{954D0078-206B-43CC-BA4D-19206FD461DC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{96CE10C3-38D4-4BB9-BD25-AB02A9F57035}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher |
"{9A841E0F-3471-45C0-AFA9-BD01E2CFF86B}" = rport=137 | protocol=17 | dir=out | app=system |
"{9C356D98-6BFA-42DF-ACB6-2D944CE2EBA8}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{9FB7E1E4-7647-43A2-9E5D-FBDF6D230C0D}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{B74405FC-B1F7-4AE8-BC23-AA6C1D92D728}" = lport=6920 | protocol=17 | dir=in | name=league of legends launcher |
"{B77757BF-AE6B-4409-BB8B-BB331BB81809}" = lport=139 | protocol=6 | dir=in | app=system |
"{BD88EBFE-109C-4660-BDCC-F379830E0671}" = lport=6941 | protocol=17 | dir=in | name=league of legends launcher |
"{BDB1E434-4711-49C7-B656-DD3D112876E0}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{BF26D0E2-1CE4-479E-BED0-8B7705BFADFD}" = lport=6941 | protocol=6 | dir=in | name=league of legends launcher |
"{BF631503-6982-4BAC-A0AB-F0CFC174B0CC}" = lport=6945 | protocol=17 | dir=in | name=league of legends launcher |
"{C04C90B9-201F-4E35-ABD4-4239781084C0}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher |
"{C8CB3B6A-9BF0-4499-B82E-18F3AA2FC158}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CC86917A-07ED-44DA-8350-D55752BEA473}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{CC9EDD03-FF61-443A-9A8A-E25423B0EBAD}" = lport=58122 | protocol=17 | dir=in | name=pando media booster |
"{CDCDEAFE-8266-438A-BC9F-17FB5D1984CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{D105D38E-F67E-4926-96EE-3460A2463E45}" = lport=6918 | protocol=17 | dir=in | name=league of legends launcher |
"{D1736638-211C-445C-BF63-88B08129D6BB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D2850DD9-B9D2-4671-BCF2-2B8CAA766E58}" = lport=8382 | protocol=6 | dir=in | name=league of legends launcher |
"{D923B745-9F13-46C7-81D4-80FEF4D04276}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8543D04-1233-47BF-8416-831A41D255BD}" = lport=6918 | protocol=6 | dir=in | name=league of legends launcher |
"{E948002B-75D6-45D7-866F-A5495CE1F5F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EF50FFE4-2B23-46F1-8BB1-EC55463A59B6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F370A96E-8DD0-4FF7-9720-95BAC2CAC165}" = lport=8382 | protocol=17 | dir=in | name=league of legends launcher |
"{F527C647-3CCB-4479-A4DA-CDEBBBF070C4}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{F70997FF-5B1A-441E-91CF-22DA87E3C3F9}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{F8E4735D-1D61-43DC-ACCF-AADA654DA8AE}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher |
"{FAE4398E-7352-49E9-AB3A-AD1E039C22E7}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{FDDA000E-3735-43DA-B607-2ABF832C94E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003A542C-7919-416A-A825-0AB438221DB0}" = dir=in | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{0543252C-2B66-459C-A83F-8FAAA21CD249}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{06E443FA-0A7C-4A29-9CD1-E826FD1A6205}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{079F349A-2402-4323-A59A-3FF780E192BB}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\tools\addonweb.exe |
"{08C23CD2-4BE0-4097-9F13-A95E92E0918A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\the settlers 7 paths to a kingdom\data\base\_dbg\bin\release\settlers7r.exe |
"{08FE6815-E972-473B-9E6D-F0C40CDB798B}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\addon.exe |
"{091E9A87-B154-41B4-BB01-536EDEF1991C}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{0A6BF2BA-1AFC-456F-B851-C314FF50E3D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0C4392B4-2DC9-4F07-BE69-B41EDDE038E9}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0EDE9561-CC6A-4C88-A804-4879AF291015}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\napoleon total war\napoleon.exe |
"{10036914-5370-4C12-8D84-3708A6FF9658}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1007D901-BDCA-49CB-9971-29EB3BA41759}" = protocol=6 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{10D1A4DF-F974-43FD-8559-B8409860450F}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{10D3AD66-1501-42B6-903A-93BB049AB0FE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{11F4D69F-DC4B-4658-AD28-0BA0F0C689CE}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{135C0B9C-3A32-4826-9086-6B212A8C48DD}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\hoard\win32\reuben.exe |
"{14C7A9BB-F66C-42B9-A7AD-6AE4CDDBD199}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{16696091-467A-4158-B5CF-EA17A9F31C38}" = dir=in | app=d:\spiele\port royale 3\portroyale3.exe |
"{18E7346A-A287-4CF3-8743-129ED79BEA13}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\eve online\eve.exe |
"{1A055906-73AD-418C-A806-97C4267652F0}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{1A9E2E43-7A25-4B45-8162-B22C48DB61A5}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl\runme.exe |
"{1B570BA3-36C8-4C8E-858D-8E84442B06AC}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{1D426911-3FAC-402F-9D34-4F929CA93297}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1DCB18B9-AD51-4289-A5BE-9A3AFD9710D0}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\armada 2526\bin\armada2526.exe |
"{1E79B3A8-5DAE-4BC6-866A-36D090E1504B}" = protocol=6 | dir=in | app=d:\spiele\steam\steam.exe |
"{1EB2FCC0-547D-4026-ACE0-ECCAEEC80911}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2\arma2.exe |
"{1FCFDE4A-81D6-4C7C-9AB3-2C31D0727E07}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{1FFB3559-B5FA-4C19-8410-0DD22880AB88}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{21D3CB6E-D065-4DA7-9C49-1A69DC475C92}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\evochron mercenary\evochronmercenary.exe |
"{21DF89E8-A61F-4A57-95AE-CAB67767C74A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\dota 2 beta\dota.exe |
"{22EC6CDC-51B7-4D2D-B0B5-7075C7E4900D}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\evochron mercenary\evochronmercenary.exe |
"{23048318-D95C-4C54-B1D1-3DA5A4BDDE77}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{24D55F22-119C-4D48-9663-DCE516F92369}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's railroads\railroads.exe |
"{2680D842-BE31-495C-B3E8-73386F5797E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26FD749F-292E-49A3-A9C7-086F7E061393}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\eve online\eve.exe |
"{28896BA4-6894-4471-8CB7-E1967AB99FB0}" = dir=in | app=d:\programme\itunes\itunes.exe |
"{29219EB8-F0DA-4634-8CC4-636E718649C5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{292D0C0F-75BC-4D0C-855E-F678F42CB5D1}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{2C609787-7399-4C79-9BDC-4D7420958658}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{2E6A0F4A-C3D9-422F-ADDF-1B85E6E37552}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2EE40CCB-2124-4C53-956A-03DD03FFDFD4}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\armada 2526\bin\armada2526.exe |
"{302A0C47-40B2-4435-A871-D4EDBD58F0A4}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\uplaybrowser.exe |
"{304B834A-FC62-43D0-900A-0F5FCC9BE99A}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl 2011\citiesxl_2011.exe |
"{36C948B6-D770-4495-886C-61C4E2579520}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{377B809C-05FA-402E-BF76-4B68BF234C03}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{37B17285-6E57-4004-AF1C-324C8F73233D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3980901E-43BE-40AF-8D33-3B94F34E330F}" = protocol=6 | dir=in | app=d:\spiele\origin\battlefield 3\bf3.exe |
"{3AACA11F-9883-4521-86F0-279F771ADC37}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\napoleon total war\napoleon.exe |
"{3AD54E28-9BB4-4C48-9AEE-7037ADA446BC}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 beta\bf3.exe |
"{3B3517FB-E695-4060-8253-D5E448034318}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl\runme.exe |
"{3D790D22-F43B-45E9-81D4-52D8FB9BCB27}" = protocol=6 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{3F16AC9F-D511-4787-B805-1E0AC836C6A8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4267E12E-227B-4954-AC16-BC0E8C45BFCB}" = protocol=17 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{442978F7-1DC9-4977-8DD8-6D2F79943B5E}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{44A93FDC-CAFB-4734-A661-E36C67ED1FAB}" = protocol=6 | dir=in | app=d:\spiele\league of legends\game\league of legends.exe |
"{44F0003C-26D4-4766-BBAE-53BF854EB206}" = protocol=17 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{49494EFB-51CD-40EF-A0B3-AE9EAC19BEFF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4A8664D6-A6E2-4CE5-8F2B-DB2F1D9BA269}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbsp.exe |
"{4C104C82-7FBA-41C9-A521-ADB4B1B52D51}" = protocol=6 | dir=in | app=d:\spiele\blood bowl\bb_le.exe |
"{4C2BC78F-43DB-427E-BB06-505EAD98E80B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4F4868E9-7946-451B-8B5A-E4E02CF141A4}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{51F90881-5A8A-47BE-BF70-0489DEFDDA68}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\the settlers 7 paths to a kingdom\data\base\_dbg\bin\release\settlers7r.exe |
"{52DCCBAE-0B71-4D66-84E3-A1F4CB498EBC}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{533172EE-49F8-4BBC-931D-BE3AB7920C34}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{56BF47C1-F429-4F70-A181-51882291C02D}" = protocol=17 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbmp.exe |
"{5BECDEF3-C364-4745-AF1F-74426B75DB3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D93CBD3-9784-4D28-92C8-439D036306A5}" = protocol=6 | dir=out | app=system |
"{5EF888AD-FE1A-46E3-88B1-A1F3E22F330C}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{600F0BDA-C8B2-4BCF-8B8C-4CDD15705502}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{617E334E-72C9-45D4-96C0-162416EF0727}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{62C6D5A2-8857-47D8-9C96-87318BB6DDCB}" = protocol=17 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe |
"{62EC6EF1-3564-4AF1-A9B5-4D101D6301A0}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{63FBD749-49A4-457F-8F49-EE93FBE2AE46}" = dir=in | app=d:\spiele\max payne 3\maxpayne3.exe |
"{67BFB9FD-F6DD-4180-8977-0446359C3354}" = protocol=17 | dir=in | app=c:\users\****\appdata\roaming\dropbox\bin\dropbox.exe |
"{68295DB5-3D02-4260-979D-458857802236}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6A78A085-B6DF-4EA6-AF0B-352BB5C2024C}" = protocol=6 | dir=in | app=d:\spiele\fable iii\fable3.exe |
"{6B5644C6-1909-4DAE-B4FB-6A39FCBF5891}" = protocol=6 | dir=in | app=d:\spiele\blood bowl\autorun\exe\autorun.exe |
"{6BE6CCAC-79D6-4263-BD30-B84509453D88}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{6D13182B-626F-4120-8467-7742858276BB}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\anno 2070\anno5.exe |
"{6F73197F-7835-48B8-AB5B-B06CE874E6E9}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\anno4.exe |
"{70414979-0F2D-444E-A920-7ADC8A44F9C4}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{70420342-EF03-48AD-8DA2-97A08329BC8F}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\****\counter-strike\hl.exe |
"{73244208-9C1D-4E2E-8555-BC246FEB92B6}" = protocol=17 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{7413E50A-ED4E-438C-9809-3FF5EDB9FBA1}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\addon.exe |
"{7417C606-91C2-46A1-8CFC-4345D51B1CF9}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\spectromancer\spectromancer.exe |
"{756DB66B-38D7-4DB1-903E-4BB85A1FD479}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbsp.exe |
"{7AC5B7A3-5972-413F-B2D0-CFE6D6F1EF66}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\acbmp.exe |
"{7BFE8A45-96E6-4433-9E88-F692F9D95529}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{82E1B9D7-D33E-44BD-94D9-1057E77B91E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{874E4C76-3204-418E-9033-31E9ACD91F13}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\tools\anno4web.exe |
"{8CB462AF-12BA-4669-A5B8-441764CE2501}" = dir=out | app=d:\spiele\tropico 4\tropico4.exe |
"{8E39725E-CDF3-4639-811E-9C4120F16D6A}" = protocol=17 | dir=in | app=d:\spiele\blood bowl\autorun\exe\autorun.exe |
"{8F56A15B-3DDA-4EEA-98F2-7DAFA1D511F4}" = protocol=17 | dir=in | app=d:\spiele\anno 1404\anno4.exe |
"{8FCA9BA5-FD81-417A-A502-4F5B41A7FEDC}" = dir=out | app=d:\spiele\orcs must die 2\build\release\orcsmustdie2.exe |
"{92C371C9-129F-496A-8E11-2DA584520095}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{92F29086-E015-45A2-A094-C1583DCB3117}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94030CD8-E7A9-4AEA-A935-AD1083C00F79}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{98207016-F7B8-482D-93B2-D4DB5FAC19FB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{984B75B9-73CE-4163-BB8C-909DC00EFAFC}" = dir=out | app=d:\spiele\port royale 3\portroyale3.exe |
"{99418C0D-F8FA-4873-980A-A74C6478F3A3}" = protocol=17 | dir=in | app=d:\spiele\steam\steam.exe |
"{9A11158F-2D8E-47F9-BA92-6D343C000F29}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A9AB58B-F9BD-4887-9C44-34AA01563DE3}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{9BB0A918-9870-4C63-A57E-C9D6A3534F6F}" = protocol=6 | dir=in | app=d:\spiele\league of legends\air\lolclient.exe |
"{9C107E53-D84B-46B4-B46A-C27419316356}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{9E3B6FED-6C3B-4D43-8EF0-9FD3F0854568}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\dota 2 beta\dota.exe |
"{9F766FEB-CDA4-4744-B916-39422BB7C4BE}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A12D4377-982A-4661-A6D1-B83DD8FD2B12}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A29BFFB6-FA70-494A-B4F4-99C42620A8E8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2FA7F24-7619-40E5-AD45-44E39E7804EF}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's railroads\railroads.exe |
"{A36487BF-6622-4C2B-9198-4A485CAAB4B2}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{A38D67CC-EB1A-48CA-A669-AC23019D7934}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A53D7D66-D3C6-414D-AAA0-C73BAEC604DE}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\spectromancer\spectromancer.exe |
"{A689A2CE-D7EB-4804-B506-BF0DFDF9E6AC}" = protocol=17 | dir=in | app=d:\spiele\blood bowl\bb_le.exe |
"{A9551302-CEC2-4658-85A9-B49F3D85CD2C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{ABFF5E89-83AB-45C4-9034-B09646439E56}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AF6447FD-22A7-457D-83E4-3F9004228080}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B01BDF24-1030-4F64-885A-3B4B62E222FE}" = protocol=17 | dir=in | app=d:\spiele\origin\battlefield 3\bf3.exe |
"{B0E94820-D2FC-4F46-8768-16787B2172D9}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{B50344F7-E5FD-4201-BFAD-E0C52DE2C631}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B505FF6A-8AAA-4A32-B423-B0862B7AFFD4}" = protocol=17 | dir=in | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{B5C4219F-8C43-488E-B6DA-54DFC45D7F2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B860695C-AF4F-4027-B788-DF88C72A6EE4}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{B95C5D5A-6339-4BC7-9D26-AF35B7932DA0}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\cities xl 2011\citiesxl_2011.exe |
"{BCC4F9FA-B72D-49AE-9F63-31D422FAF9FB}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\spacechem\spacechem.exe |
"{BDA49362-69B1-4931-8D4C-1733490D69B8}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\flight_control_hd\flightcontrol_win32.exe |
"{BED0D62C-3C95-4047-A665-05F4299F7899}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C0966D01-9822-476F-8512-0BE92A275716}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\tools\anno4web.exe |
"{C134BBC6-4696-49DB-A725-D79D982E1CEA}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{C23D2A8D-6299-41FD-9C7E-C9208ED4D999}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C2AD06E0-DED0-4EA1-8CBB-2DDE0534EA96}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{C515361A-A54F-4B55-955E-4440C7E344C9}" = protocol=17 | dir=in | app=d:\spiele\star wars-the old republic\launcher.exe |
"{C5EE4282-AB4A-4010-AFD1-79F9CFA6D564}" = dir=in | app=d:\spiele\tropico 4\tropico4.exe |
"{C73B61B1-9F23-44A5-B564-434EF9394351}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\anno 2070\anno5.exe |
"{C844DCBF-9986-48D8-8EAE-B3775B5B54AF}" = protocol=6 | dir=in | app=d:\spiele\league of legends\lol.launcher.exe |
"{C96C56FB-3165-4FC1-B216-4B5E2C7EDDE2}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{C996546C-B54A-4E44-9344-7E2644E1187F}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{CAC77BC6-32A6-4503-8572-12889D24C9A2}" = protocol=6 | dir=in | app=c:\users\****\appdata\roaming\dropbox\bin\dropbox.exe |
"{CCB5E39A-3BD8-46B8-BBB7-4A83A9C01229}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\jabiademo\jaggedalliancebiademo.exe |
"{CDE2592A-D5EB-4449-A775-03C3F9582CB7}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{CF9AD19E-5AEE-442B-8998-7064CE604392}" = dir=out | app=d:\spiele\max payne 3\maxpayne3.exe |
"{D160F75E-EC13-4BCB-84DA-675EF170E0E4}" = protocol=17 | dir=in | app=d:\spiele\fable iii\fable3.exe |
"{D3F748F6-0DA3-4403-A979-AB50135ED2FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8000AE3-545E-4440-BC1D-0EEA986CADF5}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{D9993B73-C780-4663-91F1-B2757B25C6EA}" = dir=in | app=d:\spiele\port royale 3\portroyale3.exe |
"{DBA836FC-AA34-4F06-80DC-A32C8415E5C4}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\spacechem\spacechem.exe |
"{DC85F4D1-F846-40A0-B58A-792A866B9E78}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF17CA0B-E330-40C7-A72F-4652020E3600}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{E02B4532-34F3-48C9-BB36-6F8F0F4752A9}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{E1BBE8AB-B737-423E-87B1-8E196B996DA7}" = protocol=6 | dir=in | app=d:\spiele\assassin's creed brotherhood\uplaybrowser.exe |
"{E24E7E1B-3C02-4B71-829D-2221B091CD44}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{E3BA63FF-D669-46A8-A138-D671CB427623}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3 beta\bf3.exe |
"{E5CB8FCA-14B1-4011-8ED1-50F9A0DBD691}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E8C60685-6359-47F1-8F4D-3085BF2C587D}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\flight_control_hd\flightcontrol_win32.exe |
"{E8D19F62-49B2-4C00-B63E-43D44D521D2C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E9E2B4AD-525E-42CA-B0D0-B22E51522E8C}" = protocol=6 | dir=in | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{EAADFDB8-091F-4850-B1E2-3216676F45D7}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\hoard\win32\reuben.exe |
"{EBC1D848-E7CE-4F5D-B0E7-3DDD2E5569A8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC658C77-F67B-4B56-A483-852E8DBFF3E8}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F36797FB-9A16-4EF1-B988-C028B366DBB3}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\****\counter-strike\hl.exe |
"{F40902BE-CC76-4ED9-A952-C4DA4E4AABC8}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{F6E81CC1-A478-47BC-8841-90EC475933C0}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{F805F2B3-F350-4358-81F3-F04C8E93E2E5}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\arma 2\arma2.exe |
"{F8368F14-E7A0-42B8-BF38-A0DCC230A661}" = protocol=6 | dir=in | app=d:\spiele\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{F975F7F5-940E-4755-9169-40ABCE9AB6B0}" = protocol=6 | dir=in | app=d:\spiele\anno 1404\tools\addonweb.exe |
"{FAC5910B-10EB-40E2-8813-6671C790A1C7}" = dir=out | app=d:\spiele\max payne 3\playmaxpayne3.exe |
"{FDE81826-8359-4DC4-81E8-1AB7977A50AA}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{FF7B7163-DB43-494A-862F-D09D72F9FDEA}" = protocol=17 | dir=in | app=d:\spiele\steam\steamapps\common\jabiademo\jaggedalliancebiademo.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{9D3BAEFB-5DDD-43D4-8BB2-D9989521F003}" = Native Instruments Razor
"{A4BD55F5-65F5-44A6-A130-5FC39433EE9C}" = Max 5.1.7
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ACDA69C0-C5D3-4BBB-8936-FB5BE70D09A1}_is1" = IQ-Analyser Demo Version 1.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 290.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1107
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.6.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C9AEABC2-1DD6-3280-9A1A-11E1E8D34AAD}" = Windows Phone Emulator x64 - ENU
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.2.0.1338
"Explorer Suite_is1" = Explorer Suite III
"F08CF5BAFA651376713ABA6BE4395F7152EF8C85" = Windows Driver Package - Focusrite USB 2.0 Audio Driver (04/11/2011 15.7.48.775)
"Focusrite USB 2.0 Audio Driver_is1" = Focusrite USB 2.0 Audio Driver 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Novation USB Audio Driver_is1" = Novation USB Audio Driver 2.1
"RolandRDID0058" = UM-3EX Driver
"Saffire USB 26_is1" = Scarlett MixControl 1.0
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
"Zune" = Zune
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{05CDC06E-4C55-4EAE-9401-8EF62F60CB69}" = Microsoft XNA Game Studio 4.0 Refresh (Visual Studio)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{100F28BC-124C-4D2D-A26B-2EEC823A4AB3}" = Windows Product Key Retriever
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{111DB3F0-0C58-4475-9954-1BD5B7B28618}" = League of Legends
"{12B8E200-99CC-4203-A8D1-4145FC4D0192}" = Microsoft Expression Blend SDK for Windows Phone OS 7.1
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{1A6853BA-E127-4155-AD57-876ACBA137B4}_is1" = Brink Version 1.0.0.1
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1C99893D-BC98-4456-AA3E-B67AB42301A6}" = E-MU USB Audio
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{22B8CB84-9AD0-49CE-852D-CA303DA0C652}" = Accent ZIP Password Recovery
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2E337869-756A-4E46-A936-0E67FE043A5E}" = Melodyne 3.2
"{39D385DF-53BA-4792-BED3-68132EEB488F}" = NVTweak
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust
"{5928359F-BF46-4646-BF19-B64E55171EB5}_is1" = FILSHtray version 0.8
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper version 3.0.0
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{656458ED-DA77-4C82-AF2F-1640C191A2A7}" = Microsoft Advertising SDK for Windows Phone - ENU
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{69E11501-75F7-4ACE-8103-52513DDCFE26}" = Microsoft Expression Blend SDK for Windows Phone 7
"{6A7387C0-B74F-47D0-A217-B384E55FE0C9}" = Microsoft XNA Game Studio 4.0 Refresh (Redists)
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6F33C2E2-5E02-4344-90BC-ED55C48341D2}" = WCF Data Services SDK for Windows Phone
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{776313DE-6596-4D92-9A7A-5BBA719DE94A}_is1" = Might & Magic Heroes VI
"{786D445C-F3D7-35D2-81AA-60DB61F9F552}" = Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78ADE646-7B51-4307-B4FB-3E64E4ADDFE9}_is1" = Jagged Alliance - Crossfire Version v1.0
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{879E1A85-4B17-48CF-8D73-6CC09F46497E}_is1" = Connon Fodder 3 version 1.0
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89690B51-2E21-4E93-914E-F9CAC5B24A84}" = Microsoft XNA Game Studio Platform Tools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{90120000-0014-0000-0000-0000000FF1CE}_PRO_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PRO_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{916373A2-C6FE-481B-8F5C-E2AE6D5CDE65}_is1" = Der Bahngigant
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E2F2BAC-A9FD-35BC-B8E0-253FEBED0F9B}" = Windows Phone SDK 7.1 Assemblies
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}" = Melodyne 3.2
"{A240191E-4302-435E-86FC-A5717EF0CF38}" = Microsoft XNA Game Studio 4.0 Refresh (Shared Components)
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A4CC18F6-DB05-4B03-B724-4128322FA85F}" = Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0
"{A721BC43-E63E-3531-B1BF-6A405F9530BD}" = Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B42A6552-1A83-4D79-9137-AB0C9036249A}" = Quake Live Mozilla Plugin
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA9E9ED5-FFF3-4E0D-95B9-62527672268B}_is1" = Der Planer 4 1.0
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D932793F-920F-4A56-8168-F2ED3B3646EE}" = Ableton Live 8
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE3A5B79-C147-4BD9-952A-E894298C2ACA}" = Microsoft XNA Game Studio 4.0 Refresh (ARP entry)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFBBD030-48F0-43B3-A8AD-789894DAD0B5}" = Microsoft Expression Blend 4 Add-in for Adobe FXG Import
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F656270D-66A6-41D9-828A-436EE0228D3B}" = calibre
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Any Video Converter_is1" = Any Video Converter 3.3.0
"Audacity_is1" = Audacity 2.0
"AutoGK" = Auto Gordian Knot 2.55
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BabylonToolbar" = Babylon toolbar on IE
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Blend_4.0.30816.0" = Microsoft Expression Blend 4
"BloodBowlLegendary_is1" = Blood Bowl Legendary Edition Version 2.0.0.0
"Cisco Connect" = Cisco Connect
"Clonk Rage" = Clonk Rage
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Diablo III Beta" = Diablo III Beta
"Endless Space_is1" = Endless Space
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"EVE" = EVE Online (remove only)
"F5 Networks Client Components" = BIG-IP Edge Client Components (All Users)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.38.517
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"HbsMozillaLauncher" = HbsMozillaLauncher 1.0
"hedgewars" = Hedgewars
"IL Harmor" = IL Harmor
"ImgBurn" = ImgBurn
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"Jagged Alliance - Back in Action_is1" = Jagged Alliance - Back in Action
"JDownloader" = JDownloader
"Live 8.2.2" = Live 8.2.2
"MakeMKV" = MakeMKV v1.6.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU" = Windows Phone SDK 7.1 - ENU
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mp3-2-wav" = mp3-2-wav converter 1.14
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Razor" = Native Instruments Razor
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"New LEGO Digital Designer" = LEGO Digital Designer
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.2.1
"Orcs Must Die 2_is1" = Orcs Must Die 2
"Origin" = Origin
"PDF2TXT v3.2_is1" = PDF2TXT v3.2
"Picasa 3" = Picasa 3
"PokerTH 0.9.1" = PokerTH
"Postal 2_is1" = Portal 2
"PRO" = Microsoft Office Professional 2007
"PunkBusterSvc" = PunkBuster Services
"RGF HotSpot_is1" = RGF HotSpot version 0.6b
"Rockstar Games Social Club" = Rockstar Games Social Club
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 108200" = Ticket to Ride
"Steam App 204880" = Sins of a Solar Empire: Rebellion Beta
"Steam App 204920" = Jagged Alliance - Back in Action Demo
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 39230" = Dungeon Siege III Demo
"Steam App 46790" = Armada 2526
"Steam App 48240" = Anno 2070
"Steam App 570" = Dota 2
"Steam App 71000" = Evochron Mercenary
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 745" = Counter-Strike: Global Offensive - SDK
"Steam App 92800" = SpaceChem
"Steam App 92810" = SpaceChem - Demo
"Stronghold 3 (c) THQ_is1" = Stronghold 3 (c) THQ version 1
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"UFO:Alien Invasion" = UFO:AI 2.4
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.1.11
"VobSub" = VobSub v2.23 (Remove Only)
"Win2day Poker" = Win2day Poker
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0 Refresh
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1897697440-3972685969-3085652971-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"Monopoly Deluxe" = Monopoly Deluxe
"Seven Phases Spectrum Analyzer" = Seven Phases Spectrum Analyzer
"Spotify" = Spotify
"Tropico 4" = Tropico 4 1.00
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.01.2012 05:27:38 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 13.01.2012 05:50:32 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 14.01.2012 07:53:01 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 14.01.2012 08:16:20 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 14.01.2012 11:05:44 | Computer Name = ****-PC | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 15.01.2012 10:54:43 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 22.01.2012 04:59:55 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 24.01.2012 17:04:53 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 25.01.2012 14:11:44 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 26.01.2012 11:41:04 | Computer Name = ****-PC | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
[ NetLimiter 3 Events ]
Error - 07.09.2012 10:29:52 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 11:16:40 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 11:16:40 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 14:02:20 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 07.09.2012 14:02:20 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 08.09.2012 05:26:01 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 08.09.2012 05:26:01 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 09.09.2012 08:04:29 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 09.09.2012 08:04:29 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>
<nl-error>
<err-code>1</err-code>
<hresult
code='80070422'>The service cannot be started, either because it is disabled or
because it has no enabled devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
Error - 10.09.2012 13:18:22 | Computer Name = ****-PC | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80070422'>The
service cannot be started, either because it is disabled or because it has no enabled
devices associated with it.</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>
</nl-error-list>
[ System Events ]
Error - 10.09.2012 13:18:36 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535
Error - 10.09.2012 13:18:36 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535
Error - 10.09.2012 13:18:36 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535
Error - 10.09.2012 13:31:29 | Computer Name = ****-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 10.09.2012 15:36:28 | Computer Name = ****-PC | Source = PNRPSvc | ID = 102
Description =
Error - 10.09.2012 15:36:28 | Computer Name = ****-PC | Source = PNRPSvc | ID = 102
Description =
Error - 10.09.2012 15:36:28 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535
Error - 10.09.2012 15:36:28 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535
Error - 10.09.2012 15:36:28 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535
Error - 10.09.2012 15:36:28 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535
< End of report >
Geändert von m00h (10.09.2012 um 22:11 Uhr) |
|
11.09.2012, 01:02
| #6 | |
| /// Helfer-Team | Polizei Virus Jippieh! :(Zitat:
Schon mal darueber nachgedacht, warum es Cracks gibt? Mit Cracks & Co installiert man sich Hintertueren auf dem Rechner. Kriminelle nutzen solche Rechner als Botnetz fuer ihre Machenschaften. Dein System ist als nicht vertrauenswuerdig einzustufen und du solltest keine sensiblen Sachen wie Homebanking an dem PC betreiben. Anleitungen zum Neuaufsetzen (bebildert) > Windows 7 neu aufsetzen > Vista > XP 1. Datenrettung:
2. Formatieren, Windows neu instalieren:
3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html ich werde außerdem noch weitere punkte dazu posten. 4. alle Passwörter ändern! 5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
__________________ --> Polizei Virus Jippieh! :( |
|
11.09.2012, 07:44
| #7 |
| | Polizei Virus Jippieh! :( ist das dein ernst? zuerst whinest du herum, um mir letzendlich den glorreichen tipp zu geben, ich soll neu aufsetzen? ich bin nicht wegen der cracks hier ich bin wegen dem scheiss polizeitrojaner/virus hier. und warum bitte muss ich jetzt neu aufsetzen wenn die scanprogramme das zeug deleted haben? oder sind die scanprogramme ohnehin alle nutzlos, weil ich mir sowieso nie sicher sein kann immer alles zu erwischen? weil dann bleib ich nämlich im bot netz, weils der aufwand dann nicht wert ist... ich versuchs hier nochmal diplomatisch -> muss ich noch etwas beachten/tun um evtl. den Polizeivirus vollständig zu entfernen, oder hat sich mit den scans ergeben, dass der weg ist? (was für mich offensichtlich so aussieht) gibt es zusätzliche programme die ich installieren sollte um meinen pc sicherer gegen solche exploits zu machen? danke. |
|
12.09.2012, 12:43
| #8 | ||||||||
| /// Helfer-Team | Polizei Virus Jippieh! :(Zitat:
Zitat:
Zitat:
Zitat:
Zitat:
 Zitat:
Zitat:
Zitat:
|
|
| Themen zu Polizei Virus Jippieh! :( |
| administrator, anti-malware, appdata, detected, explorer, kaspersky, locker, malware, malware bytes, malware.packer.gen, malwarebytes, microsoft, nichts, pup.offerbundler.st, pup.riskwaretool.ck, riskware.tool.ck, roaming, service, startup, system, temp, trojan.agent, trojan.agent.ck, unlocker, version, virus, wgsdgsdgdsgsd.exe |
Linear-Darstellung
