| |
| |||||||
Log-Analyse und Auswertung: Firefox, Umleitungen und Internetstörungen.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
07.12.2012, 17:27
| #1 |
| |  Firefox, Umleitungen und Internetstörungen. Hallo liebe Leute^^ Ich habe folgendes Problem: Seit Heute (etwa 14:30) leitet Firefox jede Webseite die ich öffne auf diese Adresse um: Code:
ATTFilter hxxp://go.timedirect.ru/?id=49983&go=1000000&close=1000000&hash=5fef3eff51dc719c4a9f565a742d78f2&domain=%ED%E5+%EE%EF%F0%E5%E4%E5%EB%E5%ED&rref=&adult=
Ausserdem streikt in unbestimmten Abständen das Internet. Obwohl meine Netzwerkinformationen angeben, dass ich Internetzugriff habe, kann ich mich weder in ein Online-Spiel, noch in Programme mit Internet einloggen oder eine Webseite öffnen (Fehler beim laden der Seite). Ich habe bisher jedesmal das Modem resettet und nach ein paar Minuten geht es dann wieder eine Weile (ich denke nicht, dass es an dem reset liegt). Ob diese 2 Probleme aber zusammenhängen weiß ich nicht. Fakten: - Irgendwas leitet sämtliche Seiten (ausser Google) die ich probiert habe auf oben genannte Adresse um. - Wenn ich in Firefox die Option "JavaScript aktivieren" deaktiviere, wird nichts mehr umgeleitet. Das Problem mit dem Internet bleibt allerdings. - Ich habe Antivir komplett durchlaufen lassen aber nichts diesbezüglich gefunden. - Falls das ein Problem speziell mit Java sein sollte hier ein paar Fakten zu Java: - Ich habe sowohl x32 als auch x64 Java installiert. - Java liegt nicht auf der gleichen Partition wie das System. - Ich habe in diesem Thread jemanden gefunden der vielleicht das gleiche Problem hatte wie ich: http://www.trojaner-board.de/122281-...-redirect.html habe jedoch die Finger von seiner Lösung gelassen, da in diesem Thread darauf hingewiesen wurde, dass die Schritte die er ausführen musste teilweise nur für ihn zugeschnitten sind und mich dafür entschieden lieber einen eigenen Thread zu eröffnen. Hier der Log von Antivir Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 7. Dezember 2012 15:10
Es wird nach 4497555 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : Daniel
Computername : OMEGA
Versionsinformationen:
BUILD.DAT : 12.1.9.1236 40872 Bytes 11.10.2012 15:29:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 14.11.2012 16:32:32
AVSCAN.DLL : 12.3.0.15 66256 Bytes 08.05.2012 17:22:18
LUKE.DLL : 12.3.0.15 68304 Bytes 08.05.2012 17:22:19
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 08.05.2012 17:22:19
AVREG.DLL : 12.3.0.17 232200 Bytes 10.05.2012 17:22:09
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 17:42:46
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 18:21:02
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 17:25:20
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 22:46:02
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 11:20:17
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 16:38:22
VBASE008.VDF : 7.11.50.231 2048 Bytes 22.11.2012 16:38:22
VBASE009.VDF : 7.11.50.232 2048 Bytes 22.11.2012 16:38:22
VBASE010.VDF : 7.11.50.233 2048 Bytes 22.11.2012 16:38:22
VBASE011.VDF : 7.11.50.234 2048 Bytes 22.11.2012 16:38:22
VBASE012.VDF : 7.11.50.235 2048 Bytes 22.11.2012 16:38:22
VBASE013.VDF : 7.11.50.236 2048 Bytes 22.11.2012 16:38:22
VBASE014.VDF : 7.11.51.27 133632 Bytes 23.11.2012 16:38:17
VBASE015.VDF : 7.11.51.95 140288 Bytes 26.11.2012 16:38:19
VBASE016.VDF : 7.11.51.221 164352 Bytes 29.11.2012 16:38:22
VBASE017.VDF : 7.11.52.29 158208 Bytes 01.12.2012 16:38:23
VBASE018.VDF : 7.11.52.91 116736 Bytes 03.12.2012 16:38:36
VBASE019.VDF : 7.11.52.151 137728 Bytes 05.12.2012 16:38:17
VBASE020.VDF : 7.11.52.152 2048 Bytes 05.12.2012 16:38:17
VBASE021.VDF : 7.11.52.153 2048 Bytes 05.12.2012 16:38:18
VBASE022.VDF : 7.11.52.154 2048 Bytes 05.12.2012 16:38:18
VBASE023.VDF : 7.11.52.155 2048 Bytes 05.12.2012 16:38:18
VBASE024.VDF : 7.11.52.156 2048 Bytes 05.12.2012 16:38:18
VBASE025.VDF : 7.11.52.157 2048 Bytes 05.12.2012 16:38:18
VBASE026.VDF : 7.11.52.158 2048 Bytes 05.12.2012 16:38:18
VBASE027.VDF : 7.11.52.159 2048 Bytes 05.12.2012 16:38:18
VBASE028.VDF : 7.11.52.160 2048 Bytes 05.12.2012 16:38:18
VBASE029.VDF : 7.11.52.161 2048 Bytes 05.12.2012 16:38:18
VBASE030.VDF : 7.11.52.162 2048 Bytes 05.12.2012 16:38:18
VBASE031.VDF : 7.11.52.218 146944 Bytes 06.12.2012 16:39:00
Engineversion : 8.2.10.216
AEVDF.DLL : 8.1.2.10 102772 Bytes 10.07.2012 22:46:30
AESCRIPT.DLL : 8.1.4.72 467323 Bytes 06.12.2012 16:39:03
AESCN.DLL : 8.1.9.4 131445 Bytes 15.11.2012 16:38:01
AESBX.DLL : 8.2.5.12 606578 Bytes 30.06.2012 22:46:05
AERDL.DLL : 8.2.0.74 643445 Bytes 07.11.2012 14:01:50
AEPACK.DLL : 8.3.0.40 815479 Bytes 12.11.2012 14:30:12
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05.11.2012 14:01:43
AEHEUR.DLL : 8.1.4.160 5624184 Bytes 06.12.2012 16:39:03
AEHELP.DLL : 8.1.25.2 258423 Bytes 11.10.2012 13:00:09
AEGEN.DLL : 8.1.6.10 438646 Bytes 15.11.2012 16:37:59
AEEXP.DLL : 8.2.0.18 123253 Bytes 06.12.2012 16:39:03
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 22:46:29
AECORE.DLL : 8.1.29.2 201079 Bytes 07.11.2012 14:01:40
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 14:01:34
AVWINLL.DLL : 12.3.0.15 27344 Bytes 08.05.2012 17:22:18
AVPREF.DLL : 12.3.0.32 50720 Bytes 14.11.2012 16:32:32
AVREP.DLL : 12.3.0.15 179208 Bytes 08.05.2012 17:22:19
AVARKT.DLL : 12.3.0.33 209696 Bytes 14.11.2012 16:32:31
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 08.05.2012 17:22:18
SQLITE3.DLL : 3.7.0.1 398288 Bytes 08.05.2012 17:22:19
AVSMTP.DLL : 12.3.0.32 63480 Bytes 08.08.2012 22:47:32
NETNT.DLL : 12.3.0.15 17104 Bytes 08.05.2012 17:22:19
RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 08.08.2012 22:47:30
RCTEXT.DLL : 12.3.0.32 98848 Bytes 14.11.2012 16:32:31
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\alldrives.avp
Protokollierung.......................: standard
Primäre Aktion........................: löschen
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, F:, E:, I:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: aus
Archiv Smart Extensions...............: ein
Abweichende Archivtypen...............: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, +ISO 9660,
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +PCK,+PFS,
Beginn des Suchlaufs: Freitag, 7. Dezember 2012 15:10
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'F:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Versteckter Treiber
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_5_502_110.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_5_502_110.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DivXUpdate.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PlusService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSOSYNC.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DTLite.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'hamachi-2-ui.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'CTAudSvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '1' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
C:\Windows\Sysnative\drivers\sptd.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Die Registry wurde durchsucht ( '2279' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
C:\Windows\System32\drivers\sptd.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Beginne mit der Suche in 'D:\'
D:\pagefile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
D:\Steam\SteamApps\common\terraria\dotNetFx40_Full_x86_x64.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
Beginne mit der Suche in 'F:\'
Beginne mit der Suche in 'E:\'
Der zu durchsuchende Pfad E:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'I:\'
Der zu durchsuchende Pfad I:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Ende des Suchlaufs: Freitag, 7. Dezember 2012 16:15
Benötigte Zeit: 1:05:17 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
52412 Verzeichnisse wurden überprüft
762294 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
3 Dateien konnten nicht durchsucht werden
762291 Dateien ohne Befall
5717 Archive wurden durchsucht
4 Warnungen
0 Hinweise
73 Objekte wurden beim Rootkitscan durchsucht
1 Versteckte Objekte wurden gefunden
Ich hoffe ihr könnt mir weiterhelfen^^ Gruß, Boleal Verzeiht mir bitte den Doppelpost aber ich habe eben erst von OTL und Malwarebytes gelesen, als meine Zeit für die Bearbeitung des ersten posts schon um war und möchte gerne noch die Logs posten, da ich vermutlich sowieso danach gefragt werden würde^^ Malwarebytes Log: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.07.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Daniel :: OMEGA [Administrator] Schutz: Aktiviert 07.12.2012 19:39:05 mbam-log-2012-12-07 (19-39-05).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 263181 Laufzeit: 2 Minute(n), 28 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL.Txt: Code:
ATTFilter OTL logfile created on: 07.12.2012 19:45:05 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Daniel 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,01% Memory free 19,95 Gb Paging File | 16,50 Gb Available in Paging File | 82,73% Paging File free Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 12258 12258 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 110,64 Gb Total Space | 70,09 Gb Free Space | 63,35% Space Free | Partition Type: NTFS Drive D: | 270,45 Gb Total Space | 60,72 Gb Free Space | 22,45% Space Free | Partition Type: NTFS Drive F: | 84,57 Gb Total Space | 76,67 Gb Free Space | 90,65% Space Free | Partition Type: NTFS Computer Name: OMEGA | User Name: Daniel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Daniel\OTL.exe (OldTimer Tools) PRC - D:\Firefox\firefox.exe (Mozilla Corporation) PRC - D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - D:\Malwarebytes\mbam.exe (Malwarebytes Corporation) PRC - D:\Malwarebytes\mbamgui.exe (Malwarebytes Corporation) PRC - D:\Malwarebytes\mbamservice.exe (Malwarebytes Corporation) PRC - D:\Malwarebytes\mbamscheduler.exe (Malwarebytes Corporation) PRC - D:\Messenger Plus! Live\PlusService.exe (Yuna Software) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) ========== Modules (No Company Name) ========== MOD - D:\Firefox\mozjs.dll () MOD - D:\XSplit\Cultures\swresample-0.dll () MOD - D:\XSplit\Cultures\avcodec-54.dll () MOD - D:\XSplit\Cultures\avformat-54.dll () MOD - D:\XSplit\Cultures\swscale-2.dll () MOD - D:\XSplit\Cultures\avutil-51.dll () MOD - D:\Messenger Plus! Live\Detour32.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () ========== Services (SafeList) ========== SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation) SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Hamachi2Svc) -- D:\Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (MBAMService) -- D:\Malwarebytes\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- D:\Malwarebytes\mbamscheduler.exe (Malwarebytes Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs) SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (WRfiltv) -- C:\Windows\SysNative\drivers\WRfiltv.sys (Creative Technology Ltd.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (1394hub) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (WinRing0_1_2_0) -- D:\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 5F 89 75 89 39 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.autocompletepro.com/?si=10214&bi=400 IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}: "URL" = hxxp://www.plusnetwork.com/s/?q={searchTerms}&iesrc={referrer:source?} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.autocompletepro.com/?si=10214&bi=400&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.openintab: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15 FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145 FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.4pre.120724a FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Java64\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Java32\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\VLC Player\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.10 11:18:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.29 23:28:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\Firefox\components [2012.12.01 16:22:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\Firefox\plugins [2012.06.11 20:57:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.10.10 11:18:52 | 000,000,000 | ---D | M] [2010.08.11 21:49:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2012.12.07 19:41:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\i11rcq62.default\extensions [2012.12.07 19:41:23 | 000,035,624 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\i11rcq62.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012.11.24 03:35:56 | 000,737,058 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\i11rcq62.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012.09.14 13:03:57 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\i11rcq62.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011.12.29 23:28:18 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- D:\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java64\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java64\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java32\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java32\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE File not found O4:64bit: - HKLM..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [PDFPrint] D:\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PlusService] D:\Messenger Plus! Live\PlusService.exe (Yuna Software) O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe" File not found O4 - HKCU..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] D:\Malwarebytes\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8F3F467-89CF-4830-86B5-15909E7E0E99}: DhcpNameServer = 192.168.1.1 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F09DF95A-9A95-4A08-A958-540542C2DBD4}: DhcpNameServer = 192.168.1.1 212.186.211.21 195.34.133.21 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4a193fc9-a5d2-11df-99eb-90e6ba1e8a94}\Shell - "" = AutoRun O33 - MountPoints2\{4a193fc9-a5d2-11df-99eb-90e6ba1e8a94}\Shell\AutoRun\command - "" = I:\startup.exe O33 - MountPoints2\{4a194004-a5d2-11df-99eb-90e6ba1e8a94}\Shell - "" = AutoRun O33 - MountPoints2\{4a194004-a5d2-11df-99eb-90e6ba1e8a94}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.12.07 19:37:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2012.12.07 19:37:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.12.07 19:37:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.11.29 15:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2012.11.29 03:18:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\SWTOR [2012.11.29 00:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2012.11.23 14:01:19 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012.11.23 13:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012.11.21 00:16:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Audacity [2012.11.20 11:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi [2012.11.19 19:42:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Razer [2012.11.19 19:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer [2012.11.19 19:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer [2012.11.19 19:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon [2012.11.19 11:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2012.11.16 22:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2012.11.15 17:18:30 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012.11.15 17:18:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012.11.15 17:14:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.11.15 17:14:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.11.15 17:14:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.11.15 17:14:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.11.15 17:14:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.11.15 17:14:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.11.15 17:14:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.11.15 17:14:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.11.15 17:14:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.11.15 17:14:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.11.15 17:14:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.11.15 17:14:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.11.15 17:14:35 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.11.15 17:14:35 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.11.15 17:14:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.11.15 17:12:31 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012.11.15 17:12:31 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012.11.15 17:12:31 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.11.15 17:12:31 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.11.15 17:10:39 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.11.15 17:10:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012.11.15 17:10:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012.11.15 17:10:37 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisRtl.dll [2012.11.15 17:10:37 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisRtl.dll [2012.11.15 17:10:37 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admwprox.dll [2012.11.15 17:10:36 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ahadmin.dll [2012.11.15 17:10:36 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admwprox.dll [2012.11.15 17:10:36 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ahadmin.dll [2012.11.15 17:10:36 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisreset.exe [2012.11.15 17:10:36 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisreset.exe [2012.11.15 17:10:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wamregps.dll [2012.11.15 17:10:36 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisrstap.dll [2012.11.15 17:10:36 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wamregps.dll [2012.11.15 17:10:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisrstap.dll [2012.11.15 17:10:28 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012.11.15 17:10:28 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.11.15 17:10:28 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012.11.15 17:10:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012.11.15 17:10:28 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012.11.15 17:10:28 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012.11.15 17:10:22 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012.11.15 17:10:22 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012.11.09 13:43:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{6CDD72E2-B1B3-47CB-BE59-6AA202C9246C} [2012.11.08 01:41:43 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{854D69FF-6018-4533-8B95-BE92C080E828} [2012.11.08 01:21:13 | 000,000,000 | ---D | C] -- C:\Users\Daniel\.worldoflogs [2012.11.08 01:20:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.11.08 01:19:40 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.11.08 01:19:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.11.08 01:19:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.11.08 01:19:37 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.11.08 01:17:46 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.11.08 01:17:41 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.11.08 01:17:41 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.11.08 01:17:41 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.12.06 16:39:54 | 000,015,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.06 16:39:54 | 000,015,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.06 16:30:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.06 16:30:25 | 3213,402,112 | -HS- | M] () -- C:\hiberfil.sys [2012.12.04 19:58:54 | 000,000,600 | ---- | M] () -- C:\Users\Daniel\AppData\Local\PUTTY.RND [2012.12.04 19:58:26 | 000,000,600 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\winscp.rnd [2012.11.29 15:01:27 | 000,000,532 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2012.11.29 00:00:15 | 000,000,530 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk [2012.11.23 13:55:43 | 000,000,674 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012.11.21 00:16:32 | 000,000,549 | ---- | M] () -- C:\Users\Daniel\Desktop\Audacity.lnk [2012.11.20 11:15:51 | 000,000,532 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2012.11.20 01:19:03 | 001,881,714 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.11.20 01:19:03 | 000,801,320 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.11.20 01:19:03 | 000,739,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.11.20 01:19:03 | 000,187,524 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.11.20 01:19:03 | 000,152,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.11.19 19:41:42 | 000,001,626 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk [2012.11.19 17:56:15 | 000,000,626 | ---- | M] () -- C:\Users\Daniel\Desktop\Free YouTube Download.lnk [2012.11.19 11:53:17 | 000,000,680 | ---- | M] () -- C:\Users\Daniel\Desktop\Free YouTube to MP3 Converter.lnk [2012.11.16 22:31:45 | 000,000,833 | ---- | M] () -- C:\Windows\Windows - Verknüpfung.lnk [2012.11.15 17:32:32 | 000,434,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.11.12 11:29:23 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.11.12 11:29:23 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.11.08 01:19:33 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.11.08 01:19:33 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.11.08 01:19:33 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.11.08 01:19:33 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.11.08 01:19:33 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.11.08 01:19:33 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.11.08 01:17:38 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012.11.08 01:17:38 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.11.08 01:17:38 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.11.08 01:17:38 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.11.08 01:17:38 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.11.08 01:17:38 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.29 15:01:27 | 000,000,532 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2012.11.29 00:00:15 | 000,000,530 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk [2012.11.23 13:55:40 | 000,000,674 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012.11.21 00:16:32 | 000,000,549 | ---- | C] () -- C:\Users\Daniel\Desktop\Audacity.lnk [2012.11.21 00:16:32 | 000,000,549 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [2012.11.19 19:41:42 | 000,001,626 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk [2012.11.19 11:53:17 | 000,000,680 | ---- | C] () -- C:\Users\Daniel\Desktop\Free YouTube to MP3 Converter.lnk [2012.11.16 22:31:45 | 000,000,833 | ---- | C] () -- C:\Windows\Windows - Verknüpfung.lnk [2012.11.15 17:18:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.15 17:12:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.04.27 23:47:08 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.04.27 23:47:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.04.25 00:42:59 | 000,027,264 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\net.telestream.wirecast.xml [2012.03.21 02:47:19 | 000,000,600 | ---- | C] () -- C:\Users\Daniel\AppData\Local\PUTTY.RND [2012.03.20 21:52:00 | 000,000,600 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\winscp.rnd [2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll [2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll [2011.05.25 17:46:30 | 000,099,932 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.02.15 02:10:21 | 000,007,597 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg [2011.01.10 01:15:13 | 000,000,094 | ---- | C] () -- C:\Users\Daniel\AppData\Local\fusioncache.dat [2011.01.10 01:14:12 | 001,766,370 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.11.05 01:25:29 | 000,000,484 | RHS- | C] () -- C:\Users\Daniel\ntuser.pol ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Code:
ATTFilter OTL Extras logfile created on: 07.12.2012 19:45:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Daniel
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 35,01% Memory free
19,95 Gb Paging File | 16,50 Gb Available in Paging File | 82,73% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 12258 12258 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 110,64 Gb Total Space | 70,09 Gb Free Space | 63,35% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 60,72 Gb Free Space | 22,45% Space Free | Partition Type: NTFS
Drive F: | 84,57 Gb Total Space | 76,67 Gb Free Space | 90,65% Space Free | Partition Type: NTFS
Computer Name: OMEGA | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC Player\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2348:TCP" = 2348:TCP:*:Enabled:Remote Assistance Local
"12163:TCP" = 12163:TCP:*:Enabled:Remote Assistance Remote
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BA85675-C4D7-45E8-98A2-D118908138FC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0CC7DCA3-D975-4CB2-BEDA-F346FE386BE6}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{1C311768-9A4B-4EA6-BB6A-9FA5C700F70F}" = lport=138 | protocol=17 | dir=in | app=system |
"{1D6AACE0-7DBB-4895-86F4-993165EE1D83}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2647B604-246E-4F79-ABDF-012E89DFCE52}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2779F6AB-325A-495D-95C3-DBCB1471E40C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{291B3B3D-A148-4165-B1CC-BC83A8F91092}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{29C4E386-F32C-4FB1-9AA7-08603EA078E6}" = lport=445 | protocol=6 | dir=in | app=system |
"{2A13988D-E874-403C-A1CF-FEDAFCAEE73F}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{2BF60ADF-BD5F-4DF0-B38F-13B2805516BC}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{2ED9A9DC-CEE8-443F-9DD8-D65428F62188}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3122395C-CC61-4A72-82C0-DC22999F9D86}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{33F04DCB-3A50-4035-8961-2AF0BE92BF71}" = rport=138 | protocol=17 | dir=out | app=system |
"{37068FB8-8A7D-4356-B84F-14FD3486E124}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3B5D83F4-6BF2-48FD-ABDA-94CEEA31C2A2}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{4479856C-0F4E-4D63-8629-A71E4132DAEB}" = lport=137 | protocol=17 | dir=in | app=system |
"{46A00935-7094-4FF3-A4CB-B8EEE104CC1E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50487C7F-FEB6-47F2-8277-A90B9050F11F}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{507C6D76-F07F-45AD-A0B3-263E5F50CE5B}" = lport=49188 | protocol=6 | dir=in | name=akamai netsession interface |
"{5316A456-B7F4-4EF0-B73A-5714FB447F7E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{555A2C62-87CD-4871-9A27-302BA72AA34E}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{5CF649AE-B181-40AB-9D0F-78F9B47FD52B}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{6BBD69FF-B326-432A-AE0E-2F07DD30CCE5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CEACD0A-ED12-4F01-A794-B7B2E3D7CE82}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6D37ED22-54FF-4641-8390-6D313FC721BF}" = lport=6969 | protocol=6 | dir=in | name=league of legends launcher |
"{7B04A4CD-7725-4B1D-AB18-6AC697ECF6EB}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{80E2022A-75A0-4D5E-A686-C1755FBF726C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8948A36B-742F-4A25-8209-6A04321D7474}" = rport=137 | protocol=17 | dir=out | app=system |
"{8DDC334F-5594-4BCC-906B-64479A3902CC}" = lport=6969 | protocol=17 | dir=in | name=league of legends launcher |
"{908F9F5B-0828-44FB-8F2E-4B844B3B8C45}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{920232A8-FFD1-4D5A-A5AE-999E0817E4E0}" = rport=445 | protocol=6 | dir=out | app=system |
"{92C58E56-43E4-48B0-B8B3-182CEFE33E2A}" = lport=6939 | protocol=6 | dir=in | name=league of legends launcher |
"{94227FF5-A35E-40C9-BCDA-E4EA973804D9}" = lport=6955 | protocol=17 | dir=in | name=league of legends launcher |
"{A8FDDFE7-2E35-4C35-9121-78B44EE5D3D1}" = lport=6955 | protocol=6 | dir=in | name=league of legends launcher |
"{ABB17169-9007-4A36-845D-E51B8A7A9C12}" = rport=139 | protocol=6 | dir=out | app=system |
"{AC5A44D9-33C6-432E-AB2D-B63D962B2FA3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B1056114-D7E6-47E6-B72B-A1BBE2ECE289}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6466736-C763-4EE6-AF9E-9EAF250A2901}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCF22E97-19AA-4D0B-BE7B-4712C5B42517}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C7DB06E4-D7EE-4F5F-A52D-B76457BFBF68}" = lport=139 | protocol=6 | dir=in | app=system |
"{C94D95C7-0FF4-4F3E-BB6F-8F023E0CA3A3}" = lport=6939 | protocol=17 | dir=in | name=league of legends launcher |
"{C98720E8-10E9-4DDA-B9FA-E1AFEB53C6C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDF7E988-6B7C-46D7-B1E5-9A52A323D5B2}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{D244995C-B303-4C9B-971D-D577FDA21327}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4DAE12E-9F05-45BB-8A65-57A1F462D901}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{DC11FBB3-FF5F-48E3-9DFB-263765870646}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E35262B5-7A2A-4717-B326-3C92ED5D0D3E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5E00C1F-7F73-4491-9EDE-F386D17461D1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F5DAB5E3-875B-4675-8314-A29CFC4FFD45}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7CF63DD-A9B6-40FD-B338-13A6EE0897B0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8BBEEF1-453B-4E30-9CF1-FC57F2F2FB8D}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{FAD59611-AC29-467D-9EB2-9397A6B33ADE}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{FB155CB0-A3C1-470F-9DBE-3EBD8FE81D1D}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{FC49037C-ACAB-478F-8905-308B9AA5F0E5}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B81AE9-2DDE-486C-8A6C-3084ED0EA9BE}" = protocol=6 | dir=in | app=d:\bittorrent\bittorrent.exe |
"{00C82591-B2FB-4ACE-8710-7F3C87824987}" = protocol=6 | dir=in | app=d:\java\bin\java.exe |
"{06B2B3F2-76E5-4917-839C-FC3EF93A7877}" = protocol=58 | dir=in | app=system |
"{09B98E11-0A03-4AAE-A2C4-F476BF3283B1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0A33E404-36D2-4A9E-9AEA-78F91AD8E565}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0B7905CF-8759-4EE8-8468-025EBFD09975}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{14CDA463-5BAD-41AE-B8B9-D2C2F12466A2}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{158C2858-CAED-4C56-80E8-25082065E5E2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{207C592B-A65E-4CD0-8EFD-9DE21F9AC35B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{20CC9500-6C6D-4FAD-9AA4-2332FF20B448}" = protocol=6 | dir=in | app=d:\ff14\squareenix\final fantasy xiv\ffxivboot.exe |
"{242656C5-E125-43DE-AC3A-11D64FD1AFAE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{24685AA1-5581-4137-BE0F-06276A2A3CA0}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{25344E81-8F5F-43CB-9948-05AAB3FB317A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{27AD8AFE-B54F-4577-8115-A154B4F05490}" = protocol=6 | dir=in | app=d:\dragon age\bin_ship\daupdatersvc.service.exe |
"{280E919D-C52E-45C7-B3E7-5184D035B989}" = protocol=6 | dir=in | app=d:\dragon age\bin_ship\daorigins.exe |
"{28FA7956-D7AC-4DD3-AA95-105C1A79D93D}" = protocol=17 | dir=in | app=d:\bittorrent\bittorrent.exe |
"{29448AF4-F1F2-4687-8F46-9539639776F4}" = protocol=17 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike\hl.exe |
"{2C898769-1858-4F36-BCCA-27DE823E9328}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{2CB9E809-7D77-45F8-B250-E21B1C03E1E2}" = protocol=17 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{2D7DA1CB-DDAB-4C54-AD1A-197437F17B92}" = protocol=17 | dir=in | app=d:\dragon age\bin_ship\daupdatersvc.service.exe |
"{2F88AA94-B580-485D-9F6A-249D8E15A9CE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\magicka\magicka.exe |
"{2FB9EF73-8E80-4A7B-A2C8-CB63A13C2B64}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"{363BAE9A-ED63-41DE-8691-3BEB2325A661}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{389BBD7D-2CDF-421E-89D9-ED9E17B44072}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B8B264A-33B5-4C18-975B-EE78DE879307}" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{3BBB80E2-F734-48DB-8C40-DADEED1E4E48}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{40F2B205-37DD-45A7-8EA3-F544EBA7E3AD}" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{418DAE0A-B465-423B-931E-D52389649F13}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{437C69D3-2A0E-4EBB-A7FA-CB554BACA353}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"{460AA5E4-4EFD-4D8B-8649-5AD5A715AFB9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{47712B32-655E-4154-AFC3-F6468DD9BC86}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{47C77F3B-1D1E-40FD-8AB8-346D3E30170E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4CA09633-3261-46FE-A73D-DEF44872BBA3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{4DFC394F-06CE-446F-97F9-F365FF824AAA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{52FFDDB4-6443-46F8-A50B-F88031505ACD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{54507D3F-65F4-46D3-BAE6-19136F7D5379}" = protocol=6 | dir=in | app=d:\league of legends\lol.launcher.exe |
"{57BF04B1-E64B-4216-89D9-B6325A2FEDCA}" = protocol=17 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{59A315AD-6A8D-4E9A-9EEE-025C3867F956}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{59B46779-897B-4411-B285-A8AC1C2617E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B7E2F16-7293-42CB-91FE-783CC24EB5FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5DA24D4C-8DFB-423B-BC2B-E5A849EE5C14}" = protocol=6 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{70131628-4F37-4161-81FE-D26E5FEA3672}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{70B94AFF-2D48-4FC3-B39B-58402400A1E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{721B197D-7AC6-48C2-9C1A-42307DE3EE7B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7408E49E-B8AE-471F-93D1-A22D2D4069C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\magicka\magicka.exe |
"{76314F73-C892-4178-B782-06639B6D1BC5}" = protocol=17 | dir=in | app=d:\vindictus eu\en-eu\nmservice.exe |
"{78E91BED-720D-42C4-972E-02A583416AFF}" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{7929D5F5-7333-4BB2-B3FB-2BD5A6906B7E}" = protocol=6 | dir=in | app=d:\dragon age\daoriginslauncher.exe |
"{7962AEA0-3176-4FD8-BBCB-BE2A0295B908}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7BCADAE3-0C53-4DF2-8D19-90E1A3D5E7A9}" = protocol=6 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{7C996479-A03C-421B-9B30-BF044DA051AA}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{8122E0BE-4D50-4E21-A467-C982FB14A7EA}" = protocol=6 | dir=in | app=d:\swtor\launcher.exe |
"{815E3C1B-3216-47A1-A982-057BEB0F8377}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{83AA9437-6D10-453A-853A-8C2AFAD242CA}" = protocol=17 | dir=in | app=d:\swtor\launcher.exe |
"{83BAD8B0-9BDE-452D-81C5-91D9152E463D}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{861E24D1-5D97-4065-B73F-D0B6361D364E}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{8DE834F1-BDE1-4A1D-8111-82EA8B708336}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E0F6C14-26D9-4D2F-92AB-0A3AAF466EC0}" = protocol=6 | dir=in | app=c:\users\daniel\appdata\local\apps\2.0\86p2pjto.49x\p59g20he.pqx\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{8E75FE85-9EA8-46F5-8CE1-B40849A0EA7B}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{8F82BB43-A286-45A8-A530-667362660D6E}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{8FBB5F84-AD7C-4F4A-BF70-BBF688816D70}" = protocol=6 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{9617EE7E-6D5B-477D-8494-2F60DAAAE3F9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{969E4652-9AFD-4B71-B83C-5A2F10709D01}" = protocol=17 | dir=in | app=d:\dragon age\daoriginslauncher.exe |
"{96F5ABBF-7301-4A0A-9CAC-D03556A60575}" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"{9B096FD4-4A75-4329-B8B5-BD6B082F8058}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9C2EF51A-7138-48C0-BC79-CCC29C331DCB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E4EE8B7-5FE7-429D-A24B-6AE41D581B5F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{9FC83379-4808-4702-A1C5-6BF9F035482C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{A149F9FC-3B41-4E82-975C-D8480DBEC91C}" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{A41B84C3-9D7F-4F4C-A80A-D52C2F52C5AA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A61AF2B6-0ACE-4EB7-A265-519BE8F02CBD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{AAF616AB-3258-4B0B-B13B-7C444DD65228}" = protocol=6 | dir=in | app=c:\users\daniel\appdata\local\akamai\netsession_win.exe |
"{AEA8EE92-FAF5-4625-B626-34765E5FC5CD}" = protocol=6 | dir=in | app=d:\swtor\launcher.exe |
"{AFE6E651-39FB-42C9-A951-075B353B91F5}" = protocol=17 | dir=in | app=c:\users\daniel\appdata\local\apps\2.0\86p2pjto.49x\p59g20he.pqx\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\curseclient.exe |
"{B3FD8C89-A520-46E4-9482-38747389C444}" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{BA56FD1A-6B55-436D-8F07-AA5226B9F4BB}" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"{BB082149-5384-402F-A5F0-153429ADC3B6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{BB4A5469-56F0-4442-92A1-D51966AA019F}" = protocol=17 | dir=in | app=d:\java\bin\java.exe |
"{BBA333A3-088F-4531-B977-0BE9CDF54EDE}" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"{BE374FBD-201F-43BE-8A95-D978A1B148A2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C087E23A-F56C-465D-AF9F-BE19E6167608}" = protocol=17 | dir=in | app=d:\dragon nest\dragonnest.exe |
"{C0DAA1A7-276F-4A03-AC70-9E44384B3831}" = protocol=6 | dir=in | app=d:\dragon nest\dragonnest.exe |
"{C1AEA930-8AC9-4391-971E-8C11302F6D82}" = protocol=6 | dir=in | app=d:\vindictus eu\en-eu\nmservice.exe |
"{C1BD6C82-3881-4B6F-8DAE-5683A7055AD1}" = protocol=17 | dir=in | app=c:\users\daniel\appdata\local\akamai\netsession_win.exe |
"{C3A2B0FB-993D-49DC-8DF8-9418FD282572}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3F7C2AC-91C3-4F83-BDDA-94079AD0D697}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{C6CEF7A5-0E91-4DF9-9F1B-D3F4915E902E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C7AEE773-FCED-40CB-877B-145D0EC1EB7C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CF660575-4EA4-4A22-BAC9-FBDC8D8D910F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{CF9CF928-C3A0-4177-BE7E-D625ECCCB25A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{D0450D7E-3F70-4729-B9C6-8C38477A560D}" = protocol=6 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike source\hl2.exe |
"{D0DB9684-F755-48EE-BF2A-90F1E8098203}" = protocol=17 | dir=in | app=d:\dragon age\bin_ship\daorigins.exe |
"{D153E2C7-8189-4177-B53C-0CD8661B5C1A}" = protocol=17 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{D6CA6D61-C6EB-4507-83A4-46225400D44B}" = protocol=17 | dir=in | app=d:\league of legends\lol.launcher.exe |
"{D7E0E58C-3EF3-42A2-B5D4-B45183970E01}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D84E7D49-3997-4987-8B11-BEC3F639C368}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D8AA5C5C-AF1E-4F1B-981F-545851A63F90}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D9524492-ECAA-412A-987F-3E1E4653AA35}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DC880B4E-97EA-4C9A-A531-2E52342CD0D8}" = protocol=17 | dir=in | app=d:\swtor\launcher.exe |
"{DF2207C6-1A60-45E8-9F41-816D318DAC45}" = protocol=6 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{E0C9609B-755F-45E7-8AAF-4237EFF0549D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\terraria\terraria.exe |
"{E8E800E6-EB9C-415E-9EFE-D3AFAD395D9E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EC3CE8B6-6ED0-4D9D-8179-55565AEEC172}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EC812715-0A2B-42DC-80F1-98D89DF3D0C1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\terraria\terraria.exe |
"{EE258E7F-8404-4E41-B3BF-E101A7246C7A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EFF78B35-A817-4B78-8C2D-70853EB5C0D5}" = protocol=17 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike source\hl2.exe |
"{F2B91EE5-72F3-45F7-8DF2-FDE0E35B5271}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{F3461369-DC4A-4155-9741-FBC4E68FC9B2}" = protocol=17 | dir=in | app=d:\ff14\squareenix\final fantasy xiv\ffxivboot.exe |
"{F398E91E-5D9B-4696-BE73-19E2714C80CB}" = protocol=6 | dir=in | app=d:\steam\steamapps\go7hic@hotmail.com\counter-strike\hl.exe |
"{F5E6069B-22D6-42C8-A97D-36BD4BCD846C}" = protocol=17 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{F67A997F-EFD7-4C5F-A1E3-11E268FBC378}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F78FDBD4-8C30-4AF7-8291-A56EB3C23A01}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{FD4679EF-6F0C-4D32-A4ED-8FBABDBBBAA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{FF0A0680-1D1D-49D1-B777-A08D972A39FD}" = protocol=6 | dir=out | app=system |
"TCP Query User{17C8F416-3260-409C-A46D-4F8A9F320C26}D:\java\bin\java.exe" = protocol=6 | dir=in | app=d:\java\bin\java.exe |
"TCP Query User{2A8FC19E-B318-4DE9-9E42-7E563F553C2B}F:\dc universe online live\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=f:\dc universe online live\unreal3\binaries\win32\dcgame.exe |
"TCP Query User{3D81D930-DB3D-46EF-A89C-DF01BCE26D4C}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{4444A59C-FD41-4892-BB74-7C590B06FD10}F:\star wars the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=f:\star wars the old republic\betatest\retailclient\swtor.exe |
"TCP Query User{997AA031-6AFA-4620-A1AB-631D5BC01F16}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{CA5F7B8A-E8A3-4F7D-9267-AFC647D23A7A}D:\java\bin\javaw.exe" = protocol=6 | dir=in | app=d:\java\bin\javaw.exe |
"TCP Query User{F3BD8FBF-6BCE-4F7A-872F-43ABDD07601A}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{119780BF-06BE-4416-B875-AB2A527EF5B0}F:\star wars the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=f:\star wars the old republic\betatest\retailclient\swtor.exe |
"UDP Query User{425B978B-BD4E-4BBC-B5EE-ACB01942D4C4}D:\java\bin\javaw.exe" = protocol=17 | dir=in | app=d:\java\bin\javaw.exe |
"UDP Query User{58CC67FC-D153-437D-A213-AC55FDD5FE57}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{84A583FE-3BE0-494F-81C0-71A02F626865}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{9D264B53-8BFC-4090-A721-911956757C4B}D:\java\bin\java.exe" = protocol=17 | dir=in | app=d:\java\bin\java.exe |
"UDP Query User{A9D8EA52-B153-4E3D-BABA-F4B25C57883A}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{E310657D-7B40-4679-B831-3DA20801B6B1}F:\dc universe online live\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=f:\dc universe online live\unreal3\binaries\win32\dcgame.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0003
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6F42AB02-6626-45DE-AA69-E141FDB82CDF}" = Vegas Pro 9.0 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EE18FF09-2F2A-4A88-85B3-B845EFD5C5FE}" = PDF-XChange Viewer
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0429B343-D023-4524-89BC-0478E0D9E3C3}" = Sound Blaster World of Warcraft Headset
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 vibration driver version 0.100
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D53090A-CE35-42BD-B377-831000028301}" = Fable III
"{55725CAB-ED4D-4169-A22E-20249EFCF2B5}" = Ragnarok_Europe
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{70184743-6B98-4DEA-A847-9B8B3F6F56ED}" = XSplit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.6.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BitTorrent" = BitTorrent
"CraftBukkit" = CraftBukkit
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"Fraps" = Fraps (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.1.40.1031
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"jdownloader09" = JDownloader 0.9
"League of Legends_is1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Messenger Plus!" = Messenger Plus! 6
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"ScummVM_is1" = ScummVM 1.0.0
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 42910" = Magicka
"Steam App 570" = Dota 2
"Steam App 57300" = Amnesia: The Dark Descent
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"winscp3_is1" = WinSCP 4.3.7
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"GameRanger" = GameRanger
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.06.2012 19:24:21 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe,
Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll,
Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x000ccb60 ID des fehlerhaften Prozesses: 0x1544 Startzeit der fehlerhaften Anwendung:
0x01cd4da96aef7fd4 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
Berichtskennung:
bb2335c3-b99c-11e1-8357-90e6ba1e8a94
Error - 19.06.2012 20:00:55 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000781a4 ID des fehlerhaften
Prozesses: 0x794 Startzeit der fehlerhaften Anwendung: 0x01cd4e57c97bc5ca Pfad der
fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 01262a5f-ba6b-11e1-9fdd-90e6ba1e8a94
Error - 20.06.2012 18:46:11 | Computer Name = Omega | Source = Application Hang | ID = 1002
Description = Programm LolClient.exe, Version 2.0.2.12610 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 162c Startzeit: 01cd4f325560ef6a Endzeit: 3 Anwendungspfad: D:\League
of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Berichts-ID:
b90ba466-bb29-11e1-9728-90e6ba1e8a94
Error - 21.06.2012 09:01:13 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000781a4 ID des fehlerhaften
Prozesses: 0x1124 Startzeit der fehlerhaften Anwendung: 0x01cd4fa6afa5cd7d Pfad der
fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 2dc59b84-bba1-11e1-a879-90e6ba1e8a94
Error - 21.06.2012 13:21:50 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.06.2012 19:17:41 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880,
Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000781a4 ID des fehlerhaften
Prozesses: 0x568 Startzeit der fehlerhaften Anwendung: 0x01cd4fe056de3317 Pfad der
fehlerhaften Anwendung: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.150\deploy\Adobe
AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 4bfbb0bf-bbf7-11e1-a879-90e6ba1e8a94
Error - 21.06.2012 21:49:57 | Computer Name = Omega | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 0.0.0.0,
Zeitstempel: 0x49d43eaf Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x5c0 Startzeit der fehlerhaften Anwendung: 0x01cd4f9f6bb41aee Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 91bca406-bc0c-11e1-a879-90e6ba1e8a94
Error - 24.06.2012 08:50:12 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.06.2012 07:34:30 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 26.06.2012 08:55:02 | Computer Name = Omega | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "D:\XSplit\Cultures\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 21.10.2010 09:13:46 | Computer Name = Omega | Source = MCUpdate | ID = 0
Description = 15:13:46 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)
Error - 27.03.2011 10:00:23 | Computer Name = Omega | Source = MCUpdate | ID = 0
Description = 16:00:23 - Directory konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 27.03.2011 10:02:24 | Computer Name = Omega | Source = MCUpdate | ID = 0
Description = 16:02:00 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)
[ System Events ]
Error - 07.12.2012 10:48:17 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:21 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:23 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:55 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:48:59 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:05 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:15 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:16 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:49:19 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
Error - 07.12.2012 10:51:35 | Computer Name = Omega | Source = WMPNetworkSvc | ID = 866329
Description =
< End of report >
Danke im Voraus^^ |
| Themen zu Firefox, Umleitungen und Internetstörungen. |
| .dll, antivir, application/pdf:, avg, desktop, einloggen, eudora, fehler, firefox, free, google, hängen, install.exe, java6, jdownloader, league of legends, leitet, libusb0.sys, log, lösung, modul, msvcrt, nvidia update, plug-in, problem, probleme, programme, prozesse, registry, reset, seiten, störungen, svchost.exe, system32, tracker, vdeck.exe, warnung, windows |
Baum-Darstellung