Log analysis and evaluation: Caught the GVU trojan today - LOG files

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system first has to be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Caught the GVU trojan today - LOG files

Hi

I caught the GVU trojan today. I followed this guide: http://www.trojaner-board.de/117883-...er-webcam.html

Here are my log files:

OTL:

Code:
7,93 Gb Paging File | 6,25 Gb Available in Paging File | 78,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 87,89 Gb Total Space | 4,79 Gb Free Space | 5,46% Space Free | Partition Type: NTFS Drive D: | 98,42 Gb Total Space | 36,10 Gb Free Space | 36,68% Space Free | Partition Type: NTFS Computer Name: DESKTOPPC | User Name: admin_new | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\admin_new\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - D:\FileServe Manager\FSStarter.exe (FileServe Limited) PRC - D:\Autodesk_2012\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe () PRC - D:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP) PRC - C:\Programme\ESET\ESET Smart Security\x86\ekrn.exe (ESET) PRC - D:\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe () PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\AAVUpdateManager\aavus.exe () PRC - C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.) PRC - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
PRC - C:\Windows\SysWOW64\nutsrv4.exe (DataFocus, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\avutil-51.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\avformat-54.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () 
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - D:\FileServe Manager\FFChromeExtHelper.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll () MOD - C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll () MOD - C:\Program Files (x86)\HP\HP UT LEDM\bin\LEDMXMLObjects.dll () MOD - C:\Program Files (x86)\HP\HP UT LEDM\bin\DMBaseObjects.dll () MOD - C:\PROGRA~2\Vision\system\rifxx.dll () MOD - C:\PROGRA~2\COMMON~1\Vision\vwmuapi.dll () ========== Services (SafeList) ========== SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.) SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.) SRV - (mi-raysat_3dsmax2012_64) -- D:\Autodesk_2012\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe () SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) 
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (EhttpSrv) -- C:\Programme\ESET\ESET Smart Security\EHttpSrv.exe (ESET) SRV - (ekrn) -- C:\Programme\ESET\ESET Smart Security\x86\ekrn.exe (ESET) SRV - (mi-raysat_3dsmax2010_64) -- D:\Autodesk\3ds Max Design 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe () SRV - (AAV UpdateService) -- C:\Program Files (x86)\AAVUpdateManager\aavus.exe () SRV - (WinVNC4) -- C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (NuTCRACKERService) -- C:\Windows\SysWOW64\nutsrv4.exe (DataFocus, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) 
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation) DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation) DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation) DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc) DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation) DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation) DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology) DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (mvusbews) -- C:\Windows\SysNative\drivers\mvusbews.sys (Marvell Semiconductor, Inc.) 
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (cmudax) -- C:\Windows\SysNative\drivers\cmudax3.sys (C-Media Inc) DRV:64bit: - (cmuda3) -- C:\Windows\SysNative\drivers\cmudax3.sys (C-Media Inc) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET) DRV:64bit: - (Epfwndis) -- C:\Windows\SysNative\drivers\epfwndis.sys (ESET) DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET) DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET) DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (MODRC) -- C:\Windows\SysNative\drivers\modrc.sys (DiBcom S.A.) DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\mod7700.sys (DiBcom) DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.) 
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (PORTIO) -- C:\Users\Sotizzle\Desktop\JungleFlasher v0.1.73 Beta (108)\portio64.sys () DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV - (TPkd) -- C:\Windows\SysWow64\drivers\TPkd.sys (PACE Anti-Piracy, Inc.) DRV - (usbaudio) -- C:\Windows\SysWOW64\drivers\usbaudio.sys (Microsoft Corporation) DRV - (usbhub) -- C:\Windows\SysWOW64\drivers\usbhub.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-864713432-773561721-809381997-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}: D:\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5} [2011.05.13 22:30:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Addobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.01.20 12:33:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.01.20 12:36:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Users\Sotizzle\AppData\Local\RewardsArcadeSuite\1950\Firefox [2012.01.26 23:33:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.07.18 22:32:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.06 20:08:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.15 17:17:38 | 000,000,000 | ---D | M] FF 
- HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009.10.23 23:32:43 | 000,000,000 | ---D | M] [2012.07.29 12:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.08.06 20:08:13 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.03.19 05:58:26 | 000,067,216 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll [2011.10.03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll [2012.07.30 21:35:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.07.30 21:35:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.30 21:35:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.30 21:35:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.30 21:35:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.30 21:35:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files 
(x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\admin_new\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Adobe Contribute CS5.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files 
(x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: vshare plugin = C:\Users\admin_new\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\admin_new\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ 
O1 HOSTS File: ([2011.05.28 10:39:19 | 000,000,485 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 1) Go into the hosts setup folder: O1 - Hosts: C:\Windows\System32\drivers\etc O1 - Hosts: (I use Notepad to open it) O1 - Hosts: add the following lines, at the bottom of the file, to the host file: O1 - Hosts: You can just do a copy and paste O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 activate.adobe.com Blocking Adobe Activation O2 - BHO: (FileServeManager) - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - D:\FileServe Manager\FileServeBHO.dll (FileServe Limited) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Addobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) 
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Addobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) 
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation) O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [TNOD UP] "C:\Users\Sotizzle\Desktop\TNod\TNODUP.exe" /i File not found O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) 
O4 - HKLM..\Run: [C-Media Speaker Configuration] C:\PROGRA~1\C-Media\WIN_ME\Setup.exe /SPEAKER File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [FileServe Manager Task] D:\FileServe Manager\FSStarter.exe (FileServe Limited) O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [NuTCSetupEnviron] C:\PROGRA~2\NUTCRA~1\bin\ncoeenv.exe () O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-864713432-773561721-809381997-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll 
(Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\nutafun4.dll (DataFocus, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\nutafun4.dll (DataFocus, Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A52D424-DB35-4DD2-A80A-EE484C53C70F}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet 
- (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {24A42960-A7F8-11CF-8121-0020AFB5213D} - C:\PROGRA~2\Vision\SYSTEM\zonehook.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.07.01 23:34:43 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2008.12.28 19:46:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008.11.15 22:23:03 | 000,000,000 | ---- | M] () - C:\.autoreg -- [ NTFS ] O32 - AutoRun File - [2011.07.01 22:04:58 | 000,000,000 | ---D | M] - D:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2012.04.02 22:53:55 | 000,000,000 | ---D | M] - D:\Autodesk_2012 -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.08 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Local\Google [2012.09.08 23:32:26 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Roaming\Apple Computer [2012.09.08 23:32:19 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Roaming\Adobe [2012.09.08 23:32:14 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Roaming\ESET 
[2012.09.08 23:32:08 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Local\Adobe [2012.09.08 23:30:06 | 000,000,000 | R--D | C] -- C:\Users\admin_new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.09.08 23:30:06 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Searches [2012.09.08 23:30:06 | 000,000,000 | R--D | C] -- C:\Users\admin_new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.09.08 23:29:51 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Roaming\Identities [2012.09.08 23:29:48 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Contacts [2012.09.08 23:29:46 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Local\VirtualStore [2012.09.08 23:29:39 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Roaming\WTablet [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Vorlagen [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\AppData\Local\Verlauf [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\AppData\Local\Temporary Internet Files [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Startmenü [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\SendTo [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Recent [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Netzwerkumgebung [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Lokale Einstellungen [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Documents\Eigene Videos [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Documents\Eigene Musik [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Eigene Dateien [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Documents\Eigene Bilder [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Druckumgebung [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- 
C:\Users\admin_new\Cookies [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\AppData\Local\Anwendungsdaten [2012.09.08 23:29:23 | 000,000,000 | -HSD | C] -- C:\Users\admin_new\Anwendungsdaten [2012.09.08 23:29:22 | 000,000,000 | --SD | C] -- C:\Users\admin_new\AppData\Roaming\Microsoft [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Videos [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Saved Games [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Pictures [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Music [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Links [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Favorites [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Downloads [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Documents [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\Desktop [2012.09.08 23:29:22 | 000,000,000 | R--D | C] -- C:\Users\admin_new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.09.08 23:29:22 | 000,000,000 | -H-D | C] -- C:\Users\admin_new\AppData [2012.09.08 23:29:22 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Local\Temp [2012.09.08 23:29:22 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Local\Microsoft Help [2012.09.08 23:29:22 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Local\Microsoft [2012.09.08 23:29:22 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Roaming\Media Center Programs [2012.09.08 23:29:22 | 000,000,000 | ---D | C] -- C:\Users\admin_new\AppData\Roaming\Macromedia [2012.08.16 00:12:19 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.08.16 00:12:19 | 000,073,216 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.08.16 00:12:18 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.08.16 00:12:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.08.16 00:12:17 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.08.16 00:12:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.08.16 00:12:17 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.08.16 00:12:17 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.08.16 00:12:15 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.08.16 00:12:15 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.08.16 00:12:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.08.16 00:12:14 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.08.16 00:12:13 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.08.15 21:25:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.08.15 21:25:29 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.08.15 21:25:28 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012.08.15 21:25:25 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll ========== Files - Modified Within 30 Days ========== [2012.09.08 23:38:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.08 23:38:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 
[2012.09.08 23:29:39 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.09.08 23:29:38 | 000,000,496 | RHS- | M] () -- C:\Users\admin_new\ntuser.pol [2012.09.08 23:28:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.08 23:28:49 | 3193,786,368 | -HS- | M] () -- C:\hiberfil.sys [2012.09.08 23:27:34 | 004,503,728 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012.09.08 00:18:01 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.09.04 23:50:29 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.09.04 23:50:29 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.09.04 23:50:29 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.09.04 23:50:29 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.09.04 23:50:29 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.09.04 23:23:11 | 000,002,336 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.08.25 17:40:48 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.25 17:40:48 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.08.16 19:59:11 | 005,019,456 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.09.08 23:30:55 | 000,001,401 | ---- | C] () -- C:\Users\admin_new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.09.08 23:30:15 | 000,001,435 | ---- | C] () -- C:\Users\admin_new\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.09.08 23:29:38 | 000,000,496 | RHS- | C] () -- C:\Users\admin_new\ntuser.pol [2012.09.08 11:53:54 | 004,503,728 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012.02.26 19:34:18 | 000,004,608 | ---- | C] () -- 
C:\Windows\SysWow64\ColorEfexPro4FC64.dll [2011.12.09 15:00:24 | 000,326,144 | ---- | C] () -- C:\Windows\SysWow64\Viveza2FC32.dll [2011.12.08 02:47:26 | 000,326,144 | ---- | C] () -- C:\Windows\SysWow64\HDREfexProFC32.dll [2011.12.02 02:59:04 | 000,326,144 | ---- | C] () -- C:\Windows\SysWow64\SilverEfexPro2FC32.dll [2011.11.23 00:16:04 | 000,003,584 | ---- | C] () -- C:\Windows\SysWow64\ColorEfexPro4FC32.dll [2011.07.01 22:16:32 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.06.07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2010.12.12 02:09:15 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll [2010.11.02 21:22:29 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\uuddc32.dll [2010.09.16 00:52:13 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\uninst.dll [2010.09.16 00:50:49 | 000,065,808 | ---- | C] () -- C:\Windows\SysWow64\nutsh4.DLL [2010.09.16 00:49:56 | 000,221,184 | R--- | C] () -- C:\Windows\SysWow64\tiffdump.exe [2010.09.16 00:49:56 | 000,028,672 | R--- | C] () -- C:\Windows\SysWow64\iflapigen.exe [2010.09.16 00:49:55 | 000,262,144 | R--- | C] () -- C:\Windows\SysWow64\iflTIFF0.dll [2010.09.16 00:49:55 | 000,163,840 | R--- | C] () -- C:\Windows\SysWow64\ifl0.dll [2010.09.16 00:49:55 | 000,118,784 | R--- | C] () -- C:\Windows\SysWow64\iflPNG0.dll [2010.09.16 00:49:55 | 000,110,592 | R--- | C] () -- C:\Windows\SysWow64\iflJFIF0.dll [2010.09.16 00:49:55 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\iflSGI0.dll [2010.09.16 00:49:55 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\iflGIF0.dll [2010.09.16 00:49:55 | 
000,036,864 | R--- | C] () -- C:\Windows\SysWow64\ifldbgen.exe [2010.09.16 00:49:55 | 000,032,768 | R--- | C] () -- C:\Windows\SysWow64\iflBMP0.dll [2010.09.16 00:49:55 | 000,032,768 | R--- | C] () -- C:\Windows\SysWow64\cifl0.dll [2010.09.16 00:49:55 | 000,028,672 | R--- | C] () -- C:\Windows\SysWow64\iflXPM0.dll [2010.09.16 00:49:55 | 000,028,672 | R--- | C] () -- C:\Windows\SysWow64\iflPPM0.dll [2010.09.16 00:49:55 | 000,028,672 | R--- | C] () -- C:\Windows\SysWow64\iflFIT0.dll [2010.09.16 00:49:55 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\iflXBM0.dll [2010.09.16 00:49:55 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\iflRaw0.dll [2010.09.16 00:49:55 | 000,020,480 | R--- | C] () -- C:\Windows\SysWow64\iflstatus.exe [2009.10.24 13:25:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== LOP Check ========== [2012.09.08 23:32:14 | 000,000,000 | ---D | M] -- C:\Users\admin_new\AppData\Roaming\ESET [2010.04.18 10:50:27 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\abgx360 [2011.09.14 23:41:15 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Apowersoft [2011.07.01 23:12:12 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Autodesk [2010.03.27 22:57:30 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\BlackBean [2009.10.24 01:26:20 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Blitware [2009.11.22 00:43:05 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\DAEMON Tools Lite [2009.10.25 18:04:06 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\DAEMON Tools Pro [2010.02.27 16:24:09 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\DigitalJuice [2009.10.23 23:33:25 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\ESET [2009.11.10 23:10:05 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\FlashFXP [2012.09.07 23:28:56 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\foobar2000 
[2012.01.29 11:18:38 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\FreeStone Group [2010.07.19 20:04:19 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\GrabPro [2012.01.19 23:11:24 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\HDRsoft [2010.04.06 22:54:05 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\ImgBurn [2011.01.11 23:06:08 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Leadertech [2011.12.18 01:12:40 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Mael [2010.10.21 21:28:29 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\ManyCam [2012.06.16 13:24:24 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\MediaMonkey [2009.10.23 23:54:46 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\NetMeter [2012.02.09 21:21:40 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Nik Software [2010.07.21 17:49:07 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Notepad++ [2009.10.23 23:23:01 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Opera [2011.09.02 19:48:09 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Orbit [2012.05.03 21:45:05 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\PACE Anti-Piracy [2010.07.19 20:05:08 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\ProgSense [2009.12.24 00:40:00 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Ringtone Expressions [2011.06.27 22:45:43 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Samsung [2012.02.11 17:12:46 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Software4u [2012.04.09 23:40:56 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011.01.31 23:53:40 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Stereoscopic Player [2012.05.02 21:47:10 | 000,000,000 | ---D | M] -- 
C:\Users\Sotizzle\AppData\Roaming\TeamViewer [2012.05.23 23:05:17 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\Temp [2010.12.12 00:58:56 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\ThumbGen [2010.01.04 20:40:35 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\TrueCrypt [2012.02.11 17:25:38 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\WindSolutions [2012.06.12 22:01:52 | 000,000,000 | ---D | M] -- C:\Users\Sotizzle\AppData\Roaming\XnView [2010.12.12 03:59:00 | 000,000,468 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job [2012.05.25 08:38:51 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
and EXTRAS: Code:
ATTFilter 7,93 Gb Paging File | 6,25 Gb Available in Paging File | 78,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 87,89 Gb Total Space | 4,79 Gb Free Space | 5,46% Space Free | Partition Type: NTFS Drive D: | 98,42 Gb Total Space | 36,10 Gb Free Space | 36,68% Space Free | Partition Type: NTFS Computer Name: DESKTOPPC | User Name: admin_new | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) 
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- D:\Addobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) 
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- D:\Addobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.) "C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.) 
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{087EB1C8-74E9-4C76-B05A-D7327D5F3DCF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{10B19112-0139-49CF-B786-E45E45CE3E01}" = lport=10243 | protocol=6 | dir=in | app=system | "{1A1EA812-7FA5-4A07-90C8-4A8B1BAC7B74}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{1A738346-5523-48A8-AE34-C3E96DE0175F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{211F3D3B-4789-4D99-B839-1E82C92E5D68}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 | "{260A2589-9AEF-4090-A69D-775893A36424}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2C952AE4-50A1-4B11-A47C-279A3FF5044F}" = lport=2869 | protocol=6 | dir=in | app=system | "{34C8DB82-B4E9-4BA3-A73D-66D9171E1065}" = lport=139 | protocol=6 | dir=in | app=system | "{3E109CB3-2BBE-4910-8B3C-3F5C3BA99F18}" = rport=445 | protocol=6 | dir=out | app=system | "{3E448F29-C46B-40A3-98D1-84D3FE6534B6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{445F7016-3A40-4EF2-AE2E-935DB11E7B49}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4BDEB4E4-8EBE-4DA4-9163-096A35F82647}" = lport=138 | protocol=17 | dir=in | app=system | "{500853BA-FE37-4D74-9BB4-AC41BBCC96FD}" = lport=445 | protocol=6 | dir=in | app=system | "{52B28342-83F1-488F-B5AB-329F50B6E6DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{56127733-FD7C-448E-8120-3C4D6DD49180}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft 
office\office12\outlook.exe | "{59368EBC-9100-4934-9091-20EFF3C5AACB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{59CE7F75-0166-4CAA-8A69-814FB52F1A22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5B31CE54-C7E5-4F6D-8886-B9E7BA43D1E7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5F8EEE78-C7D1-4DA2-BA08-DBD57A55641E}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server | "{6B86F1C9-FAF1-49F4-B0BB-829F982D47ED}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6B9BAFC2-63A1-494F-86EE-FAE4A535BF4E}" = lport=137 | protocol=17 | dir=in | app=system | "{856D00AE-42ED-47EC-9129-1981A4D0F6D0}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{8770A5C3-F968-4806-B0CB-AD843759AD41}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8E66DA02-8A6A-4DDD-A665-B681FAEEFE1C}" = rport=137 | protocol=17 | dir=out | app=system | "{924FAD34-706D-4BF7-AA76-8FFB3CCD8736}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server | "{9B856E00-F076-4A7A-9907-D0B4BC5DBEF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A66A9A45-52DC-424A-B45E-CF6EF42B8799}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AB1C1A91-0777-4E38-B89D-2314D4A38140}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{ACFCEE19-7669-4CE9-AA8B-A23FFF63C2D7}" = rport=138 | protocol=17 | dir=out | app=system | "{B53325C7-DB1D-415F-A25D-6C205CD6E519}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B8FF5EFF-3565-4D86-AB90-20726BEDD8DF}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{BB36B90D-F208-4B29-B50A-0E3E474D2EA2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB50E33C-6C14-4174-8F4F-3E662A71B194}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C4979756-E408-4795-BD38-0791E420A9D1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CBD7828D-4D47-411C-8CE8-735F99568FF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CD15A794-58A4-4591-9E53-37C2FC01D1B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6A1402F-CB67-4FED-BCDF-86BD8EF71D96}" = rport=139 | protocol=6 | dir=out | app=system |
"{D859C1FE-C3DB-4370-9071-62CD898274DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5E2EFA2-12C1-4684-9873-89E7CF1556CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EE5956C6-63CC-4187-857A-8E822332ACC6}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{F2864BAC-B88C-4BEF-A42D-FF27859744D8}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0353E5B9-1604-4D2C-9282-6575F9DF6314}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F73E3D7-33FB-4FF8-944F-7A5120420C0A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0F7D782F-502F-4DB0-B416-44C00AD9B718}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{142C9473-58AA-41DE-A829-E5B66CF645B6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{145F1BD2-4D8C-431F-9D54-007E67B6087F}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{1537F6DE-1066-4F83-AE4B-A3B9FE12E3B1}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{15BB6286-EC4F-40A8-A17C-A6E121B549BC}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{15EB572D-630F-44EE-882C-0A86446160C5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2006D16C-DAB5-40FA-A2E7-0EE379437DB4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2015B576-7411-4EBC-8850-5964CC2439BD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2182EBCB-0DE3-45FE-B1D4-2058886200CD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{236363E2-7C4D-48A0-90C7-AA90B527BFA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2418FC7D-4C61-440C-BF58-1DF0C6E4962D}" = protocol=17 | dir=in | app=d:\sega\vancouver 2010\vancouver.exe |
"{259B4C18-B6AF-49CD-8867-60720F1DC425}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2643EAC0-F6F7-4782-81F2-6DFF3CB8DA58}" = protocol=17 | dir=in | app=d:\addobe\adobe flash builder 4.5\flashbuilder.exe |
"{300BF7EC-DE15-4B18-AA1F-8BA9532B38A0}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{356B0E96-EBD1-4C5D-9F87-1668C3A21FA0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3ABD99F8-B6FC-4601-8248-9238D8E488BC}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{3CF146C4-7339-4C72-A4D5-6252D23FD356}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{45BC0C29-5A0B-4144-ACB9-C0117E343C2D}" = protocol=17 | dir=in | app=d:\autodesk\3ds max design 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe |
"{462056CA-23AD-47EE-91F2-4C5BE034CEBF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{46CBFEF9-DDBD-4A5E-86A6-7C58FE4C8B03}" = protocol=17 | dir=in | app=d:\autodesk\3ds max design 2010\3dsmax.exe |
"{4CF0EB8D-4C93-493D-AC85-5B32384C0825}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{4D90CE29-D169-4B28-8A65-18CB0C4613F5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4E2737BC-639F-4C15-B773-8247BE6F643B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4E2B9E19-F169-49EE-9177-997BC9FBA584}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{50FB5D4B-75D3-40F7-AE09-5E242D26786C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{57B75B98-72C1-4D89-AB25-1A415E6DC6A6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{5BE1FB3F-62C4-43E8-8B00-AC282F526A7B}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{5F3DD7B0-CBA8-4960-8344-DD47F12BAF74}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5FDCB7AB-0188-4A76-86E8-A2CE913B3F9A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{61EC9600-7AAF-4C30-9DCD-72831A842FF3}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{61F65346-9958-4E76-9C3E-82010B458283}" = protocol=6 | dir=in | app=d:\addobe\adobe flash builder 4.5\flashbuilder.exe |
"{630791B3-E15D-45AF-8B4F-55D57CEF126A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{632C770F-E272-496A-BE64-357D05E848E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{68DA2DC1-CF01-434F-A9BC-64A5EAE04B9F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6C6CB253-1A9B-45E4-ABBE-F5FDB224958C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6D80EBAC-3B0D-4FF2-8833-EAAFE37B2CDA}" = protocol=6 | dir=in | app=d:\autodesk_2012\3ds max 2012\3dsmax.exe |
"{726BB874-A3BB-49A1-ACB9-3135425E2134}" = protocol=6 | dir=in | app=d:\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{77CECDFF-EC14-4588-BB7D-23E7228B86FF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{78B651C5-3806-4DA7-9BDA-FE4EC6C1E92F}" = protocol=6 | dir=in | app=d:\sega\vancouver 2010\vancouver.exe |
"{7B4E81B6-759A-4F42-BA03-7A4473D2C0AB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7C3AC18A-30DD-472B-A2EB-3D285471C621}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7E6564A2-095E-4A19-8B85-B96DA696E1B8}" = protocol=6 | dir=in | app=d:\autodesk\3ds max design 2010\mentalray\satellite\raysat_3dsmax2010_64.exe |
"{7E71DD46-FAA2-4E47-8C21-B4C720175A62}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{813FC762-9DCF-4C5D-9FCF-DD35BFB59D65}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{819D47E3-5C63-4CC8-90E0-6A1720AF0F23}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85822126-1A9B-4F3D-BC40-912B3D352750}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{874A3BF7-5D92-469A-BFA9-E4E684B6CD1F}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{87EA2948-BFD4-496B-960D-5C8180DCB157}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8B7D2A58-2330-4E59-83EF-CFA9DAC6A724}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{8BD3A9C3-B217-4191-A64B-1437E72C67AD}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{9016BD49-0FFF-471E-BAE8-85B83376BDC7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{91872C4A-2CCE-442D-AF34-816530D6F5E5}" = protocol=6 | dir=in | app=d:\autodesk\3ds max design 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe |
"{918D770A-A15E-4A67-9943-D50E20F1B47A}" = protocol=6 | dir=in | app=d:\autodesk\3ds max design 2010\3dsmax.exe |
"{930F64EF-60E8-446B-B64E-B910B5C762AC}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{94D9AB9F-2076-4AC5-BEA3-9D6C1ECC385B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{951A5F6E-CF40-4F45-A304-634C86C734E1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9930C656-0E8A-4076-A975-483B46E5AFF5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9ADB539C-0274-4F1D-AD3C-EB983EF6AD16}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9CE46CF1-B118-4BEE-AEB0-CD30908380E1}" = protocol=17 | dir=in | app=d:\autodesk\3ds max design 2010\mentalray\satellite\raysat_3dsmax2010_64.exe |
"{9E3F06D9-E04B-45BA-8FE6-68DB68DE4DE8}" = protocol=17 | dir=in | app=d:\autodesk_2012\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe |
"{9E4840AF-DCE4-4BF8-B71F-273B4F2556BF}" = protocol=6 | dir=in | app=d:\autodesk_2012\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe |
"{A017A15A-494D-4044-B52E-E2D04F62FB3F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AA1E2E66-7068-41EE-9175-CA22183E49A7}" = protocol=6 | dir=out | app=system |
"{AF1690BB-EEDD-47E6-8D10-E41BA1A99B05}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AF800796-245E-4BAC-A0A9-158B43D968EF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B416E33A-4F03-4A42-BBF0-AEDD016A3B56}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B4EDE0C7-7D59-49DD-B9AE-462FAA6008CF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B6D560B5-81CE-4977-90FE-735705C09DB0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BAE0FD62-A011-4370-9412-769C44450E71}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BCBC5E83-F03B-40AE-84F8-3ADE2BFDA3BD}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{BF337E3E-C201-40FF-9EDE-13FB72586E0F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{BF78FC92-FAAB-494F-A735-E0FE3F56371A}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{C0A603DD-4946-442C-AC40-035C0D49A8C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C305A0CC-10C4-4DDA-8777-BA7D5469E266}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{C3B3B9DC-4B5B-4671-B378-FC6EA7C6D776}" = protocol=17 | dir=in | app=d:\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{C78B3FF6-928D-4646-950E-ABC9240B8EB3}" = protocol=6 | dir=in | app=d:\autodesk_2012\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe |
"{C978FD1C-FD5E-4E34-8BBF-76FA34FC040E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C9CB2DB1-440B-4DCC-9872-DE500561AD11}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CA10B524-E7ED-4C22-82FB-DB1C9B69426C}" = protocol=17 | dir=in | app=d:\autodesk_2012\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe |
"{CAB397E8-181E-4AEE-961F-B618D45AD6D7}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{CF9BCDB4-D191-453A-BF7B-BFF3A661206E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D1AB25A8-1245-43F2-9BDC-7F3F9C91BAC2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{D6C6C643-56F7-4978-BE25-1EE098E43D4B}" = protocol=17 | dir=in | app=d:\autodesk_2012\3ds max 2012\3dsmax.exe |
"{D9D2F801-3B06-47B7-94AE-CB278C77C631}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DA26F6EE-8FE7-41C6-9DCD-640401053CDA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DAA72676-C0DC-4B0E-A704-A867034333F7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E132A5F6-1C85-402B-8D1F-9B84FCA0093C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E1C5E17A-BC26-4D54-BC71-B50ACD66F95F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9035740-84B7-440B-A007-A89F17325F7F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{EF5F88B5-0833-4939-AF6D-C72E9D09A73B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F6C7EA2B-2D11-4C45-A1E9-150215E46879}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{F8A9C8EB-846F-4119-B76E-F2D2CC844882}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB1C38F8-01B5-448D-A147-5293B99D93DC}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{FEAB9C32-45F5-4DB0-A0ED-B9BA5CDE566C}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"TCP Query User{0C861752-A720-4FE9-9C84-9193FC9CC89B}D:\maya2009\bin\maya.exe" = protocol=6 | dir=in | app=d:\maya2009\bin\maya.exe |
"TCP Query User{1175F336-A227-4240-9C4D-A93337D41B7A}D:\autodesk\3ds max design 2010\3dsmax.exe" = protocol=6 | dir=in | app=d:\autodesk\3ds max design 2010\3dsmax.exe |
"TCP Query User{13D3A3AB-F1EC-417B-B7A4-6172C554C4B5}D:\appz\maya2009\bin\maya.exe" = protocol=6 | dir=in | app=d:\appz\maya2009\bin\maya.exe |
"TCP Query User{1E7EB4D7-CA29-4E09-8541-6DAC2602D1C7}D:\appz\maya2009\bin\maya.exe" = protocol=6 | dir=in | app=d:\appz\maya2009\bin\maya.exe |
"TCP Query User{2D83D84F-9D50-47F5-80EB-6EBF23AE27CB}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe" = protocol=6 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"TCP Query User{56CD9539-84A5-4C84-BB2C-D01D5789D59B}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe" = protocol=6 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe |
"TCP Query User{7270421D-2BF4-4E56-9CA9-9151DB7A65B0}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{72E50640-6B22-45C3-895D-71203844ABBF}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{77977D7C-EACA-494E-8DF8-4EEB2AA3E15F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{7D4873B7-5365-4A88-859C-DFC78414AB9B}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe" = protocol=6 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe |
"TCP Query User{80BD0D39-EC16-41F3-96CE-042C0D0D2C8E}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe" = protocol=6 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"TCP Query User{83376CBB-6A82-4D1D-B9F5-F1E97E956EFC}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{9439463B-65D4-42E9-8B59-77BB9DE03C75}E:\wd_windows_tools\wddiscovery\wddiscovery.exe" = protocol=6 | dir=in | app=e:\wd_windows_tools\wddiscovery\wddiscovery.exe |
"TCP Query User{9496D9AF-A999-4516-ACAF-E745A16BEC78}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{959042D1-0104-4BB6-AFCA-0E41BEB1C30E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{9B4DE63E-9131-4A69-BE7A-31B6D9E85572}C:\program files\progdvb\progdvbnet.exe" = protocol=6 | dir=in | app=c:\program files\progdvb\progdvbnet.exe |
"TCP Query User{9EE33285-2460-4675-91EE-D7EE55297E4B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{9F3998B4-7AEC-420C-A654-05ABD0EF001A}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{A136468D-5F37-4365-8109-50B7B1E3D89D}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe" = protocol=6 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe |
"TCP Query User{A89B9D87-D26A-4415-9402-776B966F39E2}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{AED5E45D-6C8D-4D66-BBED-44DC13B32960}C:\program files (x86)\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\realvnc\vnc4\winvnc4.exe |
"TCP Query User{C0A32D8C-C25C-416D-A03C-E4F36A3A4AB4}C:\program files (x86)\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files (x86)\zattoo\zattood.exe |
"TCP Query User{C17E253E-49EC-4403-ADA4-8C8A4ACF1659}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{DA859BEF-3033-497E-9F78-C146DADED20D}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{DB2A968B-12DF-472B-9CE9-D09C4247F48F}D:\trillian\trillian.exe" = protocol=6 | dir=in | app=d:\trillian\trillian.exe |
"TCP Query User{E6FFC7E6-D796-45C1-8B71-F438E4D85BA2}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{F4F71952-5D1B-476E-84D2-0E24F1A5E5F2}D:\autodesk_2012\maya2012\bin\maya.exe" = protocol=6 | dir=in | app=d:\autodesk_2012\maya2012\bin\maya.exe |
"TCP Query User{F5BD0742-9D48-40BD-9813-4556A52127F1}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{11EF8F6B-36A1-4973-A83F-E95E61512817}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{1A394818-062A-4242-85AE-8F43A8DA2D61}C:\program files (x86)\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\realvnc\vnc4\winvnc4.exe |
"UDP Query User{1EEB90B9-80F7-4539-9511-7D07B2E59899}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{23AA8B91-F2C2-4601-8D0F-798A0FC0AE9B}D:\appz\maya2009\bin\maya.exe" = protocol=17 | dir=in | app=d:\appz\maya2009\bin\maya.exe |
"UDP Query User{2F973F43-0C0D-44FF-BCAB-0CC8DEC55CC7}C:\program files\progdvb\progdvbnet.exe" = protocol=17 | dir=in | app=c:\program files\progdvb\progdvbnet.exe |
"UDP Query User{33BF1F88-CDE8-43DF-BD19-8BAF8432ADC7}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{39867B2D-947A-4B8B-97AA-A2BA4EB78655}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe" = protocol=17 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe |
"UDP Query User{41B98232-FFCB-46DA-B32A-BD6DCBA2A670}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{453AEB16-0883-4086-9ED9-6872201A318B}D:\autodesk_2012\maya2012\bin\maya.exe" = protocol=17 | dir=in | app=d:\autodesk_2012\maya2012\bin\maya.exe |
"UDP Query User{5EF0CF78-96E6-4F68-972A-21067E4EE8C0}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{6BCA75C4-FEA1-481C-998E-E5F20C7D0227}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{7CA88000-C14B-4FCE-858A-29E6E93427A3}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe" = protocol=17 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe |
"UDP Query User{7E5AA13A-1011-4D65-96F8-6A7D7F33AF46}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{89258A8B-2C6F-4EC6-8AED-A1D95C68C853}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{9C2F263C-32F0-4A6B-A226-6DDB769076CE}D:\autodesk\3ds max design 2010\3dsmax.exe" = protocol=17 | dir=in | app=d:\autodesk\3ds max design 2010\3dsmax.exe |
"UDP Query User{A68C0236-E41B-449E-B1F8-22FE12E659C2}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{BFFEC455-6B1F-4192-9036-D38864EC426B}D:\maya2009\bin\maya.exe" = protocol=17 | dir=in | app=d:\maya2009\bin\maya.exe |
"UDP Query User{C3F8EC59-08F3-42D0-ADA2-0436B70F33BF}E:\wd_windows_tools\wddiscovery\wddiscovery.exe" = protocol=17 | dir=in | app=e:\wd_windows_tools\wddiscovery\wddiscovery.exe |
"UDP Query User{C4D4C810-6091-48F7-987C-7AADAA37A8B6}D:\appz\maya2009\bin\maya.exe" = protocol=17 | dir=in | app=d:\appz\maya2009\bin\maya.exe |
"UDP Query User{C8CD7B08-1E16-421B-A393-723BBE730D82}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe" = protocol=17 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"UDP Query User{CFEBAB19-2290-4086-AB0B-6E40A5378C0F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{D19BE430-3324-4A52-82A8-B5D7D2A23A8A}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{E29F3691-3E98-4178-A105-1CA01029BC94}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{E30AE8CA-6299-4D47-A5CE-6928B80B533E}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe" = protocol=17 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"UDP Query User{E71E1090-3F50-4DB9-8A60-942532982374}C:\program files (x86)\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files (x86)\zattoo\zattood.exe |
"UDP Query User{EEDA8D42-0F64-439D-9BCD-24929AE2FF24}D:\trillian\trillian.exe" = protocol=17 | dir=in | app=d:\trillian\trillian.exe |
"UDP Query User{EFAAA660-4D2D-4C3C-8346-1ACB140E1F57}C:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe" = protocol=17 | dir=in | app=c:\users\sotizzle\appdata\local\xenocode\sandbox\3ds max\13.0.0.94\2010.08.29t06.43\virtual\stubexe\8.0.1135\@programfiles@\autodesk\3ds max design 2011\3dsmax.exe |
"UDP Query User{F3F1325B-FAD0-4FDA-BEE2-D15EC2E5ABF1}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013CCA52-DA56-4133-AC2B-1988A9568C30}" = Native Instruments Audio 4 DJ Driver
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{227B4E66-B95F-46B8-8E86-740D5CBFC65C}" = Maya 2009 (64-bit)
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ Driver
"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor
"{33EE1A55-D9DD-44AC-91E0-0D0AC75608D7}" = Maya 2009 Bonus Tools (64-bit)
"{420461EA-8522-0409-B836-C9BFC6137A6D}" = Autodesk 3ds Max Design 2010 64-bit Components
"{4529F749-C362-4119-AFA0-0A3F1CA924AB}" = Autodesk MatchMover 2012 64-bit
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{470BB39A-7231-4077-AD3D-86067AD04604}" = Native Instruments Audio 8 DJ Driver
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6378ABCE-F816-4330-A7B1-FBEBCD50B746}" = ESET Smart Security
"{69F849EF-4918-4333-81C1-8D8FC07E62B1}" = Knoll Light Factory Photo 64 bit
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{723C8298-C7B0-0409-A1B6-C3BA6F3FFAB1}" = Autodesk 3ds Max 2012 64-bit - English
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile-Gerätecenter: Treiberupdate
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E6BB4E4-0B20-4922-AA37-260FA5ACFBA5}" = Autodesk Maya 2012 64-bit
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AC3E3746-8F18-4F8A-9521-1493022C6E0A}" = Autodesk DirectConnect 2012 64-bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9E49EC1-F125-0409-A5D1-452B98A1530A}" = Autodesk 3ds Max Design 2010 64-bit
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D44BCDFB-817B-4C14-8551-915E8B9DDD8B}" = Maya 2009 (64-bit) Documentation (en_US)
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{EA234BC3-39FE-4734-B72F-076086889F6D}" = Composite 2012 64-bit
"{EC4EBC45-30AF-4F3C-B2B5-2FAF3FF9A1D1}" = Autodesk DirectConnect 2009 (64-bit)
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}" = NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit
"Autodesk 3ds Max 2012 64-bit - English" = Autodesk 3ds Max 2012 64-bit - English
"Autodesk DirectConnect 2012 64-bit" = Autodesk DirectConnect 2012 64-bit
"Autodesk FBX Plugin 2009.4 - 3ds Max Design 2010 64-bit" = Autodesk FBX Plugin 2009.4 - 3ds Max Design 2010 64-bit
"Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit" = Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
"Autodesk Maya 2012 64-bit" = Autodesk Maya 2012 64-bit
"C-Media Audio Driver" = C-Media PCI Audio 64-bit Driver
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v2.7.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Pen Tablet Driver" = Bamboo
"PhotomatixPro41x64_is1" = Photomatix Pro version 4.1.4
"ProgDVB" = ProgDVB
"Recuva" = Recuva
"TNod" = TNod User & Password Finder
"V-Ray for 3dsmax 2010 for x64" = V-Ray for 3dsmax 2010 for x64
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1" = System.Data.SQLite v1.0.80.0
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0976596E-2882-487D-8738-A32C3B3A3C7C}" = PJ Remix
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2012.0.0
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48EE4F71-8365-11D4-A82C-0000E85C4F70}" = 3D-Equalizer V3 R4b8
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5A07D8BC-C982-43B3-B24F-6FD8D6E89F02}_is1" = FileServe Manager 1.0.0.2821
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{6291FC10-FDF0-4022-A1A5-710C728D49C2}" = Vancouver 2010
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1" = Juicer 3.55a
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68E6762C-20CA-41B2-8720-1B178B2C6AED}" = DxO FilmPack 2.0
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A5B1D32-CC86-4689-B43C-AD52A9B8773B}" = DIYPhotoBits.com Camera Control 5.2
"{7021CBFE-9C50-4BE0-A299-8F173E751302}" = Autodesk 3ds Max Design 2010 Tutorials Files
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iExplorer 2.2.1.3
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series
"{85F4CBCB-9BBC-4B50-A7D8-E1106771498D}" = Orca
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC8C451E-A820-48C8-AE92-A0FF088969D8}" = Stereoscopic Player
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{E299894D-5014-427C-8C4C-7AC4B1897495}" = Gigabyte U8000 TV Card Driver
"{E7D293C9-732D-4E22-905D-2615FED321A4}" = BILD-Steuer 2010
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5AEB5A7-D4EA-49A5-89F2-A799F1C620B9}" = TViXiE
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"7-Zip" = 7-Zip 4.65
"abgx360" = abgx360 v1.0.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Autodesk 3ds Max 2012 64-bit - English SP1" = Autodesk 3ds Max 2012 64-bit - English SP1
"BayGenie eBay Auction Sniper Pro Edition_is1" = BayGenie eBay Auction Sniper Pro Edition 3.3.1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Cheat Engine 5.5_is1" = Cheat Engine 5.5 "Cheat Engine 6.1_is1" = Cheat Engine 6.1 "CloneCD" = CloneCD "Color Efex Pro 4" = Color Efex Pro 4 "com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.dmp.contentviewer" = Adobe Content Viewer "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Dfine 2.0 Stand-Alone" = Dfine 2.0 "DivX Setup" = DivX-Setup "DVB Dream_is1" = DVB Dream version 1.5c "ENTERPRISE" = Microsoft Office Enterprise 2007 "EuroGrand Casino" = EuroGrand Casino "FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager "FileRestorePlus™_is1" = FileRestorePlus™ 3.0.1.1111 "foobar2000" = foobar2000 v1.0 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3 "Google Chrome" = Google Chrome "GPS-Track-Analyse.NET 6.0_is1" = GPS-Track-Analyse.NET 6.0 "HDR Efex Pro" = HDR Efex Pro "HijackThis" = HijackThis 2.0.2 "HxD Hex Editor_is1" = HxD Hex Editor Version 1.7.7.0 "Image Format Library 1.4" = Image Format Library "ImgBurn" = ImgBurn "InstallShield_{69F849EF-4918-4333-81C1-8D8FC07E62B1}" = Knoll Light Factory Photo 64 bit "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "JDownloader" = JDownloader "KaloMa_is1" = KaloMa 4.91 "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.2.0 "Knoll Light Factory Photo" = Knoll Light Factory Photo "MediaMonkey_is1" = MediaMonkey 4.0 "MKS Platform Components 7.x" = MKS Platform Components 7.x "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Native Instruments Audio 2 DJ Driver" = Native Instruments 
Audio 2 DJ Driver "Native Instruments Audio 4 DJ Driver" = Native Instruments Audio 4 DJ Driver "Native Instruments Audio 8 DJ Driver" = Native Instruments Audio 8 DJ Driver "Native Instruments Service Center" = Native Instruments Service Center "Native Instruments Traktor" = Native Instruments Traktor "NetMeter_is1" = NetMeter 1.1.3 "Notepad++" = Notepad++ "Opera 11.52.1100" = Opera 11.52 "Pixelspeed_Layouter" = Pixelspeed Layouter "PixPlant2 App_is1" = PixPlant 2.0.43 "PokerStars.net" = PokerStars.net "RealVNC_is1" = VNC Free Edition 4.1.3 "Ringtone Expressions" = Ringtone Expressions 1.5.0 "Sharpener Pro 3.0 Stand-Alone" = Sharpener Pro 3.0 "Silver Efex Pro 2" = Silver Efex Pro 2 "TeamViewer 7" = TeamViewer 7 "TrueCrypt" = TrueCrypt "UltraISO_is1" = UltraISO Premium V9.36 "Uninstall_is1" = Uninstall 1.0.0.1 "VirtualCloneDrive" = VirtualCloneDrive "Viveza 2" = Viveza 2 "VLC media player" = VLC media player 1.1.11 "vShare.tv plugin" = vShare.tv plugin 1.3 "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin "WinLiveSuite_Wave3" = Windows Live Essentials "XnView_is1" = XnView 1.97 "XVision" = SCO XVision-Eclipse "YouTubeGet_is1" = YouTubeGet 5.9.5 "Zattoo" = Zattoo 3.3.4 Beta ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-864713432-773561721-809381997-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater ========== Last 20 Event Log 
Errors ========== [ Application Events ] Error - 16.07.2012 16:09:47 | Computer Name = desktopPC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.1.0.0, Zeitstempel: 0x4d90cf71 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften Prozesses: 0x448 Startzeit der fehlerhaften Anwendung: 0x01cd638954ff2419 Pfad der fehlerhaften Anwendung: D:\Addobe\Adobe Photoshop CS5.1\Photoshop.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 307b6c00-cf82-11e1-a476-002215c850af Error - 17.07.2012 15:50:07 | Computer Name = desktopPC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000174c ID des fehlerhaften Prozesses: 0x1b94 Startzeit der fehlerhaften Anwendung: 0x01cd645540b5efcd Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Berichtskennung: 9bafe28c-d048-11e1-831a-002215c850af Error - 21.07.2012 12:46:38 | Computer Name = desktopPC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Autodesk_2012\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 22.07.2012 12:39:05 | Computer Name = desktopPC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Autodesk_2012\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 24.07.2012 14:15:55 | Computer Name = desktopPC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Autodesk_2012\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 28.07.2012 06:30:37 | Computer Name = desktopPC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Autodesk_2012\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 28.07.2012 09:04:31 | Computer Name = desktopPC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Autodesk_2012\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 29.07.2012 08:24:15 | Computer Name = desktopPC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000174c ID des fehlerhaften Prozesses: 0x20e0 Startzeit der fehlerhaften Anwendung: 0x01cd6d85012247af Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Berichtskennung: 4f1d9f39-d978-11e1-97db-002215c850af Error - 30.07.2012 06:53:10 | Computer Name = desktopPC | Source = Application Hang | ID = 1002 Description = Programm chrome.exe, Version 20.0.1132.57 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1518 Startzeit: 01cd6e2035ea3ecb Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: a48955c4-da34-11e1-a9b1-002215c850af Error - 30.07.2012 07:58:26 | Computer Name = desktopPC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Autodesk_2012\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 30.07.2012 13:30:33 | Computer Name = desktopPC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "D:\Autodesk_2012\Composite 2012\python\lib\distutils\command\wininst-8_d.exe". 
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 31.07.2012 17:42:12 | Computer Name = desktopPC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000174c ID des fehlerhaften Prozesses: 0x1dd8 Startzeit der fehlerhaften Anwendung: 0x01cd6f653bb9d29c Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Berichtskennung: 95c93adc-db58-11e1-9007-002215c850af [ System Events ] Error - 08.09.2012 05:56:41 | Computer Name = desktopPC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 08.09.2012 05:56:41 | Computer Name = desktopPC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 08.09.2012 05:56:41 | Computer Name = desktopPC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 08.09.2012 05:59:03 | Computer Name = desktopPC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: TPkd Error - 08.09.2012 17:24:27 | Computer Name = desktopPC | Source = EventLog | ID = 6008 
Description = Das System wurde zuvor am ?08.?09.?2012 um 11:59:36 unerwartet heruntergefahren.

Error - 08.09.2012 17:25:00 | Computer Name = desktopPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: TPkd

Error - 08.09.2012 17:28:57 | Computer Name = desktopPC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?08.?09.?2012 um 23:27:27 unerwartet heruntergefahren.

Error - 08.09.2012 17:29:29 | Computer Name = desktopPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: TPkd

Error - 08.09.2012 17:50:59 | Computer Name = desktopPC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 08.09.2012 17:50:59 | Computer Name = desktopPC | Source = VDS Basic Provider | ID = 33554433
Description =

< End of report >

Best regards