| |  Why do I see this Page
 Einleitung:Ich habe Virus blaaaaaa hilfe Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:18 on 19/03/2013 (test_2)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
| Zitat:
OTL logfile created on: 19.03.2013 18:54:23 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\test_2\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 40,30% Memory free
6,71 Gb Paging File | 4,60 Gb Available in Paging File | 68,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 614,53 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,94 Gb Free Space | 44,69% Space Free | Partition Type: FAT32
Drive E: | 752,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: JUKI-PC | User Name: test_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.19 18:26:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\test_2\Desktop\OTL.exe
PRC - [2013.03.11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe
PRC - [2013.03.06 16:30:44 | 004,161,888 | ---- | M] (TeamViewer GmbH) -- c:\Programme\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013.03.06 16:30:43 | 010,220,896 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.03.06 16:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.03.06 16:22:26 | 000,185,696 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\tv_w32.exe
PRC - [2013.02.12 14:10:01 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.12 14:09:18 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.02.12 14:09:16 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.02.12 14:09:13 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.01.11 06:42:22 | 000,100,864 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2012.12.21 10:15:42 | 001,463,000 | ---- | M] (1und1 Mail und Media GmbH) -- C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.05.15 12:19:04 | 000,222,368 | ---- | M] () -- C:\Programme\Amazon Browser Bar\ToolbarUpdaterService.exe
PRC - [2010.08.23 13:40:26 | 012,710,600 | ---- | M] (MAXON Computer GmbH) -- C:\Programme\Cinema 4D R12\CINEMA 4D.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC7311\Monitor.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Programme\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013.03.11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Programme\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013.03.11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Programme\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2010.08.30 11:32:46 | 001,299,144 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\xtensions\xtensions.cdl
MOD - [2010.08.30 11:32:32 | 002,347,720 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\objects\objects.cdl
MOD - [2010.08.30 11:31:48 | 000,312,008 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\shader\shader.cdl
MOD - [2010.08.30 11:31:36 | 002,765,512 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\newman\newman.cdl
MOD - [2010.08.30 11:31:26 | 002,360,008 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\modeling\modeling.cdl
MOD - [2010.08.30 11:28:50 | 000,561,864 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\gv\expressiontag\expressiontag.cdl
MOD - [2010.08.30 11:28:42 | 000,262,856 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\addons\addons.cdl
MOD - [2010.08.30 11:28:34 | 000,545,480 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\gv\graphviewcore\graphviewcore.cdl
MOD - [2010.08.30 11:26:58 | 001,872,584 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\onlineupdater\onlineupdater.cdl
MOD - [2010.08.30 11:26:42 | 002,876,104 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\ca\characteranim.cdl
MOD - [2010.08.30 11:25:44 | 000,725,704 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\browser\browser.cdl
MOD - [2010.08.30 11:25:12 | 000,590,536 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\bitmapfilter\bitmapfilter.cdl
MOD - [2010.08.30 11:25:00 | 000,148,168 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\allplan\allplan.cdl
MOD - [2010.08.30 11:24:54 | 000,193,224 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\bp2lw\bp2lw.cdl
MOD - [2010.08.30 11:24:50 | 000,176,840 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\bp2max\bp2max.cdl
MOD - [2010.08.30 11:24:48 | 000,209,608 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\bp2maya\bp2maya.cdl
MOD - [2010.08.30 11:24:44 | 000,344,776 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\compositing\compositing.cdl
MOD - [2010.08.30 11:24:38 | 000,156,360 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\bp2xsi\bp2xsi.cdl
MOD - [2010.08.30 11:24:32 | 001,471,176 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\sla\sla.cdl
MOD - [2010.08.30 11:24:12 | 000,451,272 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\dwgobjects\dwgobjects.cdl
MOD - [2010.08.30 11:24:08 | 000,565,960 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\relaxuv\relaxuv.cdl
MOD - [2010.08.30 11:24:06 | 001,172,168 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\python\python.cdl
MOD - [2010.08.30 11:23:46 | 000,250,568 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\onlinehelp\onlinehelp.cdl
MOD - [2010.08.30 11:23:20 | 000,189,128 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\spacemouse\spacemouse.cdl
MOD - [2010.08.30 11:16:14 | 000,127,688 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\updatemerge\updatemerge.cdl
MOD - [2010.08.30 11:15:54 | 000,103,112 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\openexr\openexr.cdl
MOD - [2010.08.30 11:15:28 | 000,152,264 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\ImportVW\VWImport.cdl
MOD - [2010.08.30 11:15:22 | 003,281,608 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\fbx2010\fbx2010.cdl
MOD - [2010.08.30 11:15:18 | 007,287,496 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\dwg\dwg.cdl
MOD - [2010.08.30 11:15:16 | 002,962,120 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\collada\collada.cdl
MOD - [2010.08.30 11:15:04 | 000,114,688 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\ArchiCADExchange\ArchiCADExchange.cdl
MOD - [2010.08.23 13:45:14 | 000,536,576 | ---- | M] () -- C:\Programme\Cinema 4D R12\resource\modules\openexr\openexrlib.dll
MOD - [2010.08.19 02:40:08 | 000,332,488 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\mocca\mocca\mocca.cdl
MOD - [2010.08.17 13:56:36 | 002,245,320 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\advanced render\cineman\cineman.cdl
MOD - [2010.08.17 13:53:56 | 002,228,936 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\hair\hair.cdl
MOD - [2010.08.17 13:51:02 | 001,057,480 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\sketch\sketch.cdl
MOD - [2010.08.17 13:49:34 | 001,016,520 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\advanced render\advanced render\advancedrender.cdl
MOD - [2010.08.17 13:49:28 | 001,860,296 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\advanced render\sky\sky.cdl
MOD - [2010.08.17 13:48:26 | 000,451,272 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\Engineering Extension Kit\iges\iges.cdl
MOD - [2010.08.17 13:48:14 | 000,684,744 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\mocca\ca2\ca2.cdl
MOD - [2010.08.17 13:47:52 | 000,434,888 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\Architecture Extension Kit\walkthrough\walkthrough.cdl
MOD - [2010.08.17 13:47:36 | 000,336,584 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\mocca\clothilde\clothilde.cdl
MOD - [2010.08.17 13:47:22 | 000,664,264 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\Thinking Particles\tpoperators\tpoperators.cdl
MOD - [2010.08.17 13:47:06 | 000,418,504 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\Thinking Particles\Thinking Particles\thinkingparticles.cdl
MOD - [2010.08.17 13:44:36 | 001,942,216 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\mograph\motiongraphics.cdl
MOD - [2010.08.17 13:43:24 | 001,979,080 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\dynamics2\dynamics2.cdl
MOD - [2010.08.05 10:09:48 | 000,127,688 | ---- | M] () -- C:\Programme\Cinema 4D R12\modules\Engineering Extension Kit\OkinoComClient\OkinoComClient.cdl
MOD - [2008.09.16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\ProgramData\IBUpdaterService\ibsvc.exe /SERVICE -- (IBUpdaterService)
SRV - [2013.03.06 16:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.12 14:10:01 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.12 14:09:16 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.01.11 06:42:22 | 000,100,864 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.05.23 16:10:00 | 004,598,456 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2012.05.15 12:19:04 | 000,222,368 | ---- | M] () [Auto | Running] -- C:\Programme\Amazon Browser Bar\ToolbarUpdaterService.exe -- (Updater Service for AMZN)
SRV - [2011.04.29 22:59:32 | 000,227,840 | ---- | M] (Mp3Tube) [Disabled | Stopped] -- C:\Programme\Mp3Tube Toolbar\Mp3TubeSvc.exe -- (Mp3Tube Toolbar Service)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.08 23:19:22 | 000,358,936 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\qfdqdats.sys -- (qfdqdats)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2012.12.11 14:29:05 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.12.11 14:29:04 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.16 20:17:15 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.10.10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.02.11 22:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009.10.21 10:10:18 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2009.06.21 11:52:19 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.03.30 16:53:56 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/04/22 16:10:50] [Kernel | Auto | Running] -- C:\Programme\HomeCinema\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.01.21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007.09.21 08:38:22 | 000,554,496 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007.06.29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.03.14 10:57:56 | 000,449,024 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2004.03.09 11:18:09 | 000,065,504 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.03.09 10:45:49 | 000,077,184 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\mam und dad\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=GB&userid=1daa04df-4612-4f40-8442-8c8369c736b3&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=GB&userid=1daa04df-4612-4f40-8442-8c8369c736b3&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=GB&userid=1daa04df-4612-4f40-8442-8c8369c736b3&searchtype=hp&exp=true
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=GB&userid=1daa04df-4612-4f40-8442-8c8369c736b3&searchtype=ds&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=GB&userid=1daa04df-4612-4f40-8442-8c8369c736b3&searchtype=ds&q={searchTerms}
IE - HKCU\..\URLSearchHook: {1d053bb5-c922-44e3-9910-66585f017505} - No CLSID value found
IE - HKCU\..\URLSearchHook: {adca5064-9e30-43fe-9856-58b07a3149fe} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=GB&userid=1daa04df-4612-4f40-8442-8c8369c736b3&searchtype=ds&q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109986&tt=100512_3_&babsrc=SP_ss&mntrId=cedae3900000000000000022436b3f31
IE - HKCU\..\SearchScopes\{107C466A-FD40-43AC-B917-2E943D33D9F1}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{3C24962B-E2F5-40D1-8A13-795A7AA2335C}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3260501
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC
IE - HKCU\..\SearchScopes\{73C05A1F-EF4F-42D9-BA7B-13722BCF798E}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{768352B9-8A5D-41CD-B0A7-BD0DB72BEC14}: "URL" = hxxp://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://search.chatzum.com/?q={SearchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKCU\..\SearchScopes\{F0758EE8-AA5E-4C9E-93C4-05E8ECC3F6E7}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{F3B12371-1155-43C3-92B9-9E70AF035098}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\test_2\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\test_2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\11.0.19.0\firefox\extensions [2011.09.26 15:39:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.07.06 13:02:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013.01.27 17:25:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{33044118-6597-4D2F-ABEA-7974BB185379}: C:\Users\test_2\AppData\Roaming\16001.006
[2012.12.09 10:54:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.27 15:50:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2010.12.13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google riginalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParam eter}
CHR - homepage: hxxp://google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: (Enabled) = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.5_0\BabylonChromeToolBar.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\test_2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\test_2\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: Facebook RED = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\djicdajegmppedmnlgkhgjgejlgeblei\1.0.1_0\
CHR - Extension: New Tab = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.2_0\
CHR - Extension: FreemakeGold = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flegfcibpcnhjcfmmpgckdobbiiogkda\2.3.19.11_0\
CHR - Extension: AdBlock = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Freemake Video Converter = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: ChatZum.com - Easy Pictures zoom = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.9_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: FreemakeTB = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgficikadnmmefckdecajlmffkbagomp\10.14.370.524_0\
CHR - Extension: FreemakeVideoConverterTB = C:\Users\test_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljimjhojfmofiknegekaamldkbbaccbh\2.3.19.11_0\
O1 HOSTS File: ([2013.03.19 17:10:09 | 000,010,410 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 198.167.139.182 google.com
O1 - Hosts: 198.167.139.182 www.google.ae
O1 - Hosts: 198.167.139.182 www.google.com.af
O1 - Hosts: 198.167.139.182 www.google.com.ag
O1 - Hosts: 198.167.139.182 www.google.off.ai
O1 - Hosts: 198.167.139.182 www.google.am
O1 - Hosts: 198.167.139.182 www.google.com.ar
O1 - Hosts: 198.167.139.182 www.google.as
O1 - Hosts: 198.167.139.182 www.google.at
O1 - Hosts: 198.167.139.182 www.google.com.au
O1 - Hosts: 198.167.139.182 www.google.az
O1 - Hosts: 198.167.139.182 www.google.ba
O1 - Hosts: 198.167.139.182 www.google.com.bd
O1 - Hosts: 198.167.139.182 www.google.be
O1 - Hosts: 198.167.139.182 www.google.bg
O1 - Hosts: 198.167.139.182 www.google.com.bh
O1 - Hosts: 198.167.139.182 www.google.bi
O1 - Hosts: 198.167.139.182 www.google.com.bo
O1 - Hosts: 198.167.139.182 www.google.com.br
O1 - Hosts: 198.167.139.182 www.google.bs
O1 - Hosts: 198.167.139.182 www.google.co.bw
O1 - Hosts: 198.167.139.182 www.google.com.bz
O1 - Hosts: 198.167.139.182 www.google.ca
O1 - Hosts: 198.167.139.182 www.google.cd
O1 - Hosts: 198.167.139.182 www.google.cg
O1 - Hosts: 313 more lines...
O2 - BHO: (DVDVideoSoftTB_DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\mam und dad\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O2 - BHO: (AlxHelper Class) - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Programme\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O2 - BHO: (TBSB09850 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\ChatZum Toolbar\tbunsyD865.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - !{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Mp3Tube Toolbar) - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - C:\Program Files\Mp3Tube Toolbar\mp3tubetb.dll (Mp3Tube Toolbar)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Amazon Browser Bar) - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Programme\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1D053BB5-C922-44E3-9910-66585F017505} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [PAC7311_Monitor] C:\Windows\PixArt\PAC7311\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKCU..\Run: [Adobe(R) Updater] C:\Users\test_2\AppData\Roaming\Microsoft\Windows\Drivers\Drivers.exe File not found
O4 - HKCU..\Run: [HKCU] C:\Users\test_2\AppData\Roaming\WinDir\svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [igfxpers] C:\Users\test_2\AppData\Local\Temp\dwm.exe File not found
O4 - HKCU..\Run: [Inspector] C:\Users\test_2\AppData\Roaming\Protector-cfhj.exe File not found
O4 - HKCU..\Run: [Java(TM)Runtime] C:\Users\test_2\AppData\Roaming\Microsoft\Windows\Java\Runtime.exe File not found
O4 - HKCU..\Run: [MicrosoftWindows] C:\Users\test_2\AppData\Roaming\Microsoft\update_windir23467.exe File not found
O4 - HKCU..\Run: [MS Sound Drivers] C:\Users\test_2\AppData\Local\Temp\Random Steam Keygen.exe File not found
O4 - HKCU..\Run: [Policies] C:\System32\svchost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Userinit] C:\Users\test_2\AppData\Roaming\appConf32.exe File not found
O4 - HKCU..\Run: [Windows Updater] C:\Users\test_2\AppData\Local\Temp\wuauclt.exe File not found
O4 - HKCU..\Run: [WinUpdate] C:\Users\test_2\AppData\Roaming\WinUpdate.exe File not found
O4 - HKCU..\Run: [WinUpdtr] C:\Users\test_2\AppData\Roaming\WinUpdtr\Steam Keygen.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\test_2\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Value error. File not found
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.10.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F419195-D135-4BD1-A7E0-AE5AFCA11483}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\test_2\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\test_2\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.12.01 15:43:08 | 000,000,000 | R--D | M] - E:\autorun -- [ UDF ]
O32 - AutoRun File - [2011.12.01 15:43:08 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{919d4e31-4a90-11de-b5b2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{919d4e31-4a90-11de-b5b2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\cdstart.exe -- [2011.12.01 15:43:08 | 001,419,984 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.19 18:26:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\test_2\Desktop\OTL.exe
[2013.03.19 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\test_2\AppData\Roaming\TeamViewer
[2013.03.18 20:44:13 | 000,000,000 | ---D | C] -- C:\Users\test_2\Desktop\Neuer Ordner (2)
[2013.03.17 07:26:56 | 000,000,000 | ---D | C] -- C:\Users\test_2\Documents\Arma 3 Alpha - Other Profiles
[2013.03.17 07:23:58 | 000,000,000 | ---D | C] -- C:\Users\test_2\Documents\Arma 3 Alpha
[2013.03.17 07:23:58 | 000,000,000 | ---D | C] -- C:\Users\test_2\AppData\Local\Arma 3 Alpha
[2013.03.09 20:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Landwirtschafts Simulator 2011
[2013.03.09 20:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Landwirtschafts Simulator 2011
[2013.03.08 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\test_2\Documents\Nexus Mod Manager
[2013.03.08 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\test_2\AppData\Local\Black_Tree_Gaming
[2013.03.08 15:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2013.03.03 13:01:08 | 000,000,000 | ---D | C] -- C:\Users\test_2\AppData\Roaming\.minecraft
[2013.02.23 11:32:20 | 000,000,000 | ---D | C] -- C:\Users\test_2\AppData\Roaming\Teeworlds
[2013.02.23 11:04:39 | 000,000,000 | ---D | C] -- C:\Users\test_2\AppData\Roaming\Apple Computer
[2013.02.22 22:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013.02.22 22:09:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.02.22 22:09:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.02.22 12:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D
[2013.02.22 12:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\Cinema 4D R12
[2013.02.21 17:34:09 | 000,000,000 | ---D | C] -- C:\Users\test_2\AppData\Roaming\MAXON
[2013.02.18 15:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2013.02.18 15:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon Browser Bar
[2013.02.18 15:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.02.18 15:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\test_2\AppData\Roaming\*.tmp files -> C:\Users\test_2\AppData\Roaming\*.tmp -> ]
[2 C:\Users\test_2\*.tmp files -> C:\Users\test_2\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.19 18:57:01 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.19 18:48:59 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1000UA.job
[2013.03.19 18:26:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\test_2\Desktop\OTL.exe
[2013.03.19 18:21:28 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.19 18:20:52 | 000,004,144 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 18:20:51 | 000,004,144 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 18:20:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.19 18:20:41 | 3487,748,096 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.19 18:19:05 | 000,000,020 | ---- | M] () -- C:\Users\test_2\defogger_reenable
[2013.03.19 18:17:59 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1003UA.job
[2013.03.19 18:17:59 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1003Core.job
[2013.03.19 18:12:46 | 000,050,477 | ---- | M] () -- C:\Users\test_2\Desktop\Defogger.exe
[2013.03.19 17:23:16 | 000,596,036 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.19 17:23:15 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.03.19 17:23:15 | 000,126,486 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.03.19 17:23:15 | 000,104,110 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.19 16:32:59 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1000UA.job
[2013.03.19 16:27:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1005UA.job
[2013.03.19 16:21:59 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1006UA.job
[2013.03.19 16:09:59 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1002UA.job
[2013.03.19 08:49:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1000Core.job
[2013.03.18 22:22:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1006Core.job
[2013.03.18 19:09:59 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1002Core.job
[2013.03.18 13:27:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1005Core.job
[2013.03.17 01:32:59 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1317817364-592537932-3020792247-1000Core.job
[2013.03.16 17:05:57 | 000,001,181 | ---- | M] () -- C:\Users\test_2\Desktop\Euro Truck Simulator 2 ausführen.lnk
[2013.02.25 16:42:45 | 000,053,248 | ---- | M] () -- C:\Users\test_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.22 12:48:16 | 000,000,848 | ---- | M] () -- C:\Users\test_2\Desktop\CINEMA 4D.lnk
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\test_2\AppData\Roaming\*.tmp files -> C:\Users\test_2\AppData\Roaming\*.tmp -> ]
[2 C:\Users\test_2\*.tmp files -> C:\Users\test_2\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.03.19 18:18:20 | 000,000,020 | ---- | C] () -- C:\Users\test_2\defogger_reenable
[2013.03.19 18:12:56 | 000,050,477 | ---- | C] () -- C:\Users\test_2\Desktop\Defogger.exe
[2013.03.16 17:05:57 | 000,001,181 | ---- | C] () -- C:\Users\test_2\Desktop\Euro Truck Simulator 2 ausführen.lnk
[2013.02.22 22:11:03 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.02.22 12:48:16 | 000,000,848 | ---- | C] () -- C:\Users\test_2\Desktop\CINEMA 4D.lnk
[2013.01.07 17:35:14 | 000,000,032 | ---- | C] () -- C:\Users\test_2\jagex_cl_runescape_LIVE.dat
[2012.10.30 17:39:32 | 000,000,051 | ---- | C] () -- C:\Users\test_2\AppData\Roaming\blckdom.res
[2012.09.21 14:23:56 | 000,138,904 | ---- | C] () -- C:\Users\test_2\AppData\Roaming\PnkBstrK.sys
[2012.09.09 08:53:46 | 000,000,132 | ---- | C] () -- C:\Users\test_2\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012.07.01 14:35:21 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2012.05.31 06:39:51 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.05.26 11:55:20 | 000,000,680 | ---- | C] () -- C:\Users\test_2\AppData\Local\d3d9caps.dat
[2012.03.24 00:10:08 | 000,138,032 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.03.24 00:09:40 | 000,281,688 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.03.24 00:09:39 | 000,794,408 | ---- | C] () -- C:\Windows\System32\Pbsvc.exe
[2012.03.24 00:09:39 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.03.16 12:57:37 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.02.25 10:35:07 | 000,053,248 | ---- | C] () -- C:\Users\test_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.06 20:25:26 | 000,000,867 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2012.02.06 20:25:24 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP7311.ini
[2012.02.06 20:21:34 | 000,106,496 | ---- | C] () -- C:\Windows\JAPI.DLL
[2012.02.06 20:21:34 | 000,035,600 | ---- | C] () -- C:\Windows\AMCAP.EXE
[2012.02.06 20:21:34 | 000,000,392 | ---- | C] () -- C:\Windows\WebEye.ini
[2012.02.06 20:21:10 | 000,172,032 | ---- | C] () -- C:\Windows\JAPI2.DLL
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.26 15:39:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\a5200dfca975a5e14ffe8d30b685e64a_c
[2005.09.13 17:12:58 | 000,167,322 | -H-- | C] () -- C:\Users\test_2\AppData\Roaming\test_2log.dat
========== ZeroAccess Check ==========
[2011.11.18 21:23:34 | 000,002,048 | -HS- | M] () -- C:\Users\test_2\AppData\Local\{5eb00754-7274-ecab-2731-8b37b3a38837}\@
[2011.11.18 21:23:34 | 000,000,000 | -HSD | M] -- C:\Users\test_2\AppData\Local\{5eb00754-7274-ecab-2731-8b37b3a38837}\L
[2011.11.18 21:23:34 | 000,000,000 | -HSD | M] -- C:\Users\test_2\AppData\Local\{5eb00754-7274-ecab-2731-8b37b3a38837}\U
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"ThreadingModel" = Both
"" = C:\Users\test_2\AppData\Local\{5eb00754-7274-ecab-2731-8b37b3a38837}\n.
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-1317817364-592537932-3020792247-1005\$5eb007547274ecab27318b37b3a38837\n.
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.03.19 18:34:50 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\.minecraft
[2012.04.21 13:30:39 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\.Nitrous
[2013.01.02 11:23:16 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.01.01 14:55:53 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\Command & Conquer 3 Tiberium Wars Demo
[2013.01.27 17:13:18 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\DVDVideoSoft
[2012.11.11 14:06:05 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\fizzy
[2013.02.23 12:22:33 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\MAXON
[2012.12.26 14:17:21 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\MTE
[2013.01.27 17:21:04 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\OpenCandy
[2012.10.18 15:56:36 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\OpenOffice.org
[2013.01.26 11:50:27 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\Origin
[2013.01.01 22:06:08 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\PDAppFlex
[2012.12.09 19:59:44 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\Rovio
[2013.03.19 17:31:19 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\TeamViewer
[2012.11.09 13:51:13 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\TechSmith
[2013.02.23 12:13:50 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\Teeworlds
[2012.08.05 14:47:22 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\TS3Client
[2012.12.11 13:29:35 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\TuneUp Software
[2012.10.28 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\test_2\AppData\Roaming\Unity
[2005.08.25 04:20:56 | 000,000,000 | RHSD | M] -- C:\Users\test_2\AppData\Roaming\WinDir
========== Purity Check ==========
< End of report >
| Zitat:
OTL Extras logfile created on: 19.03.2013 18:27:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\test_2\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 58,65% Memory free
6,71 Gb Paging File | 5,30 Gb Available in Paging File | 79,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 615,50 Gb Free Space | 67,53% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,94 Gb Free Space | 44,69% Space Free | Partition Type: FAT32
Drive E: | 752,84 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: JUKI-PC | User Name: test_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B3F8AD6-E838-4D6E-9C92-7A60FC8CF47E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0FE1C36A-0DA6-42A7-A318-4CAA9A215C05}" = rport=445 | protocol=6 | dir=out | app=system |
"{1C4F69C7-6B15-4164-8225-361B3C0931FA}" = lport=445 | protocol=6 | dir=in | app=system |
"{25B0BC20-8A7B-4663-B1E1-18502AAC00D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2F124CDE-6702-41D9-A3C4-2F4161EDEAF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{318062EB-FEFC-4406-A2D5-1A04E7F06E0E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4273856F-23AA-4AF5-AFCD-113211933B90}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4D45CB77-DE7B-43B5-BC9A-C33FD0EC40E2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4DA75FFB-B83F-44B5-B1E5-1D4047914FFB}" = lport=137 | protocol=17 | dir=in | app=system |
"{56696065-60CE-4100-BBC1-68EBE5C1C3B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5EEB81CE-0E10-4083-8784-68F660BC4B69}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CB6F4E6-17C6-40B6-8CF2-6B3E7F75FF25}" = lport=139 | protocol=6 | dir=in | app=system |
"{7096331D-9E0A-429F-B9D5-64B7993A50DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78CFA3CE-6B64-47D7-B3C6-A4187120292B}" = rport=138 | protocol=17 | dir=out | app=system |
"{7D34B8B4-89CE-4E00-963D-76B568586FCF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8A67AB1D-D9BB-494E-993B-8FEBE1F87A1F}" = rport=137 | protocol=17 | dir=out | app=system |
"{8B8FB2AD-24CE-4D63-A3D2-C1FD47A87599}" = lport=2869 | protocol=6 | dir=in | app=system |
"{97F2C13C-201C-4E9A-BAED-EFF8A550F12D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9B194793-DA50-46EB-B60C-313A420C847C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7E1261F-0B21-4EB7-9F9E-974DACCA6764}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AB37B359-F87D-4068-A626-FEA75D6C2F34}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B4AE7EA7-D674-4578-B919-0B887911AE05}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4E4ADE8-3CBF-4BE9-A62B-628FED0EA481}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BA4F8EBE-9EDA-4D66-B239-D2EA53F56C54}" = rport=139 | protocol=6 | dir=out | app=system |
"{C3927D80-FFD0-4A87-B705-DF4EEED25D90}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D131439A-B241-406F-B107-2ABFAB92236E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D238F3DA-2F3F-42B8-8455-E7793983D66E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB7F31D6-813D-4914-8FDB-0028B99FEBC2}" = lport=138 | protocol=17 | dir=in | app=system |
"{DE2BFA6F-5C41-48B7-81D2-7A12ACCF9F0A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E63BBE-2BB1-4FE9-B936-49EE6A14D2CF}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{02B1A3A3-E6F9-4601-A3B3-B8CEE05BE901}" = dir=in | app=c:\program files\homecinema\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{05CD6C43-320E-4D9E-B64F-B40F0B0F14AE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\skyrim\skyrimlauncher.exe |
"{063A59A9-1AF0-43A2-996D-8BBDC5D79179}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{063FE53B-4201-4845-A1AF-E7AA4690A142}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{0716424C-2EA2-4A8D-83E0-07DC9B6CAE35}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6sp.exe |
"{0CF13425-2B1B-419D-80EA-BD83A5699A60}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{0DDCA841-62F5-46F5-9AF5-E4AD21B84FFB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |
"{0E7C3FD2-159C-4E36-91EA-A9B88FC9318C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\mafia ii\pc\mafia2.exe |
"{0ECBACF3-74E2-4EB5-A333-B286FE0BFC2C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{0F452BCC-7F83-4D44-BCEE-4BA3A2135907}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10E81DF8-EB4C-4CAB-BAEF-9BBEDB10CA78}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{12E45E73-7658-4EEA-8E97-2C7A5639D019}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{15EC7F5A-3D89-4C0F-B5F8-6E9F9790A3C5}" = protocol=6 | dir=in | app=c:\program files\steam\appcache\httpcache\10\steam.exe |
"{170653D6-CDCE-4F9F-A747-224A395DFFFA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1807BF05-2FCE-4F14-BFE7-F7689AF197F0}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{1A74FCE4-FAE9-485B-9DF6-EB4AA626D3DF}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1E827984-02C6-4663-8164-2A6E2420BBD9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{246F36F5-CD07-4ED5-8299-1736C7E7D276}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6sp.exe |
"{27FC2BEA-3485-43AC-961F-C718965E90D1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{28659B51-CCF7-44F1-A06A-01FE3828BBF7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\left 4 dead 2\left4dead2.exe |
"{2B76B87B-DD26-443A-8E9A-6E1923E9FA78}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\arcticcombat\gamelauncher_gp\mappingaccount.exe |
"{2CEF40B5-D24D-4A28-BCBF-AD1E3B75B12C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{2ED672E0-B624-4473-9D82-BBAD23E82A79}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{308EFB5D-9090-4908-8532-E5D6FD38A896}" = protocol=17 | dir=in | app=c:\mafia\steamapps\common\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{34DA6458-4298-4685-9B92-3F1BE050AAA6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6zm.exe |
"{37EB6EBB-14CF-423D-BE32-FA2A822D5000}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\arma 3\arma3.exe |
"{38DC81CF-D14D-4704-8017-187FCEEF7137}" = protocol=6 | dir=in | app=c:\mafia\steamapps\common\portal 2\portal2.exe |
"{38EC1129-F6BC-49B5-832F-285BB6EAE695}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\game_launcher.exe |
"{390A98B6-E402-4375-A1E5-B437CA040B67}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3C89EC52-B001-4AB0-8E44-2713ACD02A06}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\far cry 3\bin\farcry3.exe |
"{43F1458A-562E-4E2B-B9FD-017E5E8A435B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steam.exe |
"{4405058F-1957-4101-8717-D1E72E61816D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{44979C21-3ED9-411D-B54C-59019B15BCB7}" = protocol=6 | dir=in | app=c:\mafia\steam.exe |
"{449B1204-191D-41F4-AAF7-7B738293C994}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{44E3F3DA-D2F3-46F4-954A-4CD56F505E7E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{46AD2D5A-D5DA-4A65-B5EF-7F29A85462AB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{46C267AB-495E-4131-A949-1F3EBF18E6F6}" = protocol=6 | dir=in | app=c:\mafia\steamapps\common\mafia ii\pc\mafia2.exe |
"{472221F6-7384-4A76-810F-238FFCDDBDAC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\far cry 3\bin\farcry3.exe |
"{4A89B357-5679-48E3-A074-75101820FD63}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4B6E9D21-0D82-4EAB-B0FF-CF9A6ECBF234}" = protocol=6 | dir=in | app=c:\mafia\steamapps\common\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{4CAF27B8-51A5-4ECF-976B-C70260D23A4F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |
"{4CF0CDA6-90C3-41EE-AEEF-88B16E577F97}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F3140C0-DA5B-469D-AF4A-BABA2059B055}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\arcticcombat\gamelauncher_gp\mappingaccount.exe |
"{528A3959-848F-4DFE-A6B5-5BF05E52ACB9}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{57367F64-FBA7-4033-A424-C704D4160257}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{5B46585A-C0E7-4CCB-82FE-0B402D6E2D8A}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{5C5D76A8-3840-4349-97B5-C5C189D9C722}" = dir=in | app=c:\program files\homecinema\powerdvd9\powerdvd9.exe |
"{5D3DB7D1-D410-42C6-BF3C-CFD2224A4627}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steam.exe |
"{5D664A61-EF6F-4E81-98CF-6BA04DD8BAB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E8B1DBC-2AF3-4A93-8F1D-7BA4103EB51B}" = protocol=17 | dir=in | app=c:\program files\cracked steam\steam.exe |
"{62ABB3FD-821C-4CE1-ADE6-4385AE74A1A5}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |
"{6D796E77-9895-4B56-A11F-58389677A030}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\planetside 2\launchpad.exe |
"{6D898928-02F6-404C-944E-75DA9BD36150}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\arma 3\arma3.exe |
"{74184BA8-1B23-4070-9EA0-E5B18A174ACE}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{7511BEED-EEA2-4D78-A60B-0B3A7B463DC3}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{78E2D920-2E90-40F0-8224-CD188490CAFF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7A2E9BA0-678F-4DF1-BE5A-B6BF2521C2E7}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7A3188D8-7F63-48B5-A30F-5EEEA7E30812}" = protocol=17 | dir=in | app=c:\mafia\steamapps\common\mafia ii\pc\mafia2.exe |
"{7AE558CE-BA0F-446C-B093-7C64729DE067}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7D90BD15-48F3-44C0-A9F0-C2A11241908C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steam.exe |
"{81F47644-A7BD-455B-A091-F2E3FB67DC51}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8240CB86-8E31-4509-9F21-4208D465E632}" = dir=in | app=c:\users\mam und dad\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{82E003A1-6D24-4596-B62E-2CC707DDC43A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\left 4 dead 2\left4dead2.exe |
"{83DCEE31-0026-4602-B6B2-21D5C8624C5F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\left 4 dead 2\left4dead2.exe |
"{83F0DA3C-5B0B-49A9-AB77-5D8F7B90665F}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{860FFD01-CF85-4954-9195-F90BD7BC4124}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6mp.exe |
"{880BBB28-63C7-46BB-A171-D4343E03D84F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{895482EC-5036-49F7-A6C6-A59B66984FCA}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{8ABF70E5-9E58-4B38-893E-27C7E887BD99}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{8DAC9DB0-D42B-4F3D-9501-C70AA60AFF6D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{8DAD8F65-8770-49E1-BEE5-F0AA59164F1E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{918C1592-1355-4EBD-983F-CE16C21C7A80}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{93B1F3D8-B09D-40AE-8E6F-924A5BCFF94D}" = protocol=6 | dir=in | app=c:\users\matej\appdata\local\microsoft\windows\temporary internet files\content.ie5\kema84ia\sweetimsetup.exe |
"{949AF792-7C59-4C49-AEAB-B555E0FA70F5}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird.exe |
"{950F70BF-1845-41C8-A318-E388EFC049B3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |
"{9548DDF7-7331-4D0A-97D2-6501CB122005}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{956C5BC9-496A-4DBB-86C3-992DBD420693}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{96D2ECDB-51EF-4A48-9229-4CEE7F02799B}" = protocol=17 | dir=in | app=c:\program files\steam\appcache\httpcache\10\steam.exe |
"{98DC172B-ACDA-44DC-8D7A-8C047EF1E28E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FBAA37B-1C9D-4193-A822-1854FFD9E0CD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A10F8766-C84F-4F94-8FA7-F790F1FE1319}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A14EB92D-7BC3-4893-A298-F2538469FCD7}" = protocol=17 | dir=in | app=c:\mafia\steam.exe |
"{A38A7FF1-49CC-4E39-8F99-BE129FF6F878}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{A451EEFF-28ED-49EA-81AA-53A8584C290D}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{A50CCE2F-8E2E-4FEE-A882-5F7B37DCFDB2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{A8B96DB4-2494-4D64-9861-A9D93CDCFB84}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AA978BC2-6A68-4409-A4FB-22BA6FE9E9E1}" = protocol=6 | dir=in | app=c:\mafia\steamapps\common\mafia ii\pc\mafia2.exe |
"{AB1502D8-8BB4-42EF-8237-D3021F6CAC43}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{AC6784E2-5E97-42C3-8F67-3F08B737CC75}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B3295EAB-4B18-4DF9-A50F-8BF6BEBBD6E9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\skyrim\skyrimlauncher.exe |
"{B43E900E-1B01-48A0-94AF-E53DD8AB2F05}" = protocol=6 | dir=in | app=c:\program files\cracked steam\steam.exe |
"{B51BBE9C-7768-4A86-B9D1-9AAAF54FE08D}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{B54EF9E9-86EE-4B63-AC94-5D419ADB8465}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B59F1D9D-00D8-4A8E-910D-72E25D4E1A90}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{B64D5931-A545-466D-8FDC-58AAD11A56FA}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{B8343BEA-69A1-4C4B-BF19-DAD7F0B1D79C}" = dir=in | app=c:\users\mamund~1\appdata\local\temp\ibtmpa341382\component_360.decrpt |
"{B8E4A8E8-AE0B-489E-B924-7877837333DF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird.exe |
"{BBDF03B5-2E53-47C1-9C84-646FD672268B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{BDA30BF2-C41B-43AB-98ED-F5E0CEBCFB9F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BFA191CB-A912-46FD-9CC2-564E290D30B7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\skyrim\skyrimlauncher.exe |
"{C1AA1D2F-FF6D-467B-9C37-85AC3D04C2C0}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{C311FCCF-BB31-4E2E-A191-A2AC23BE4665}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{C64B97B2-D39C-4A8C-82CF-3D08F27A54D6}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{C6EB1591-5865-4589-89C2-E3915E42F284}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{CCD69E3C-673F-4735-B89F-80E965A1A2B6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\arcticcombat\gamelauncher_gp\mappingaccount.exe |
"{D1C92B6F-4B04-4609-BEE3-D6D953262154}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D3E33055-BA4E-4717-94D2-F13C13C73D48}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\skyrim\skyrimlauncher.exe |
"{D5B97D7B-F6CB-47ED-964F-CFC867F0FF74}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{D6427CD3-5272-49A4-8325-E4EA23BC3EF5}" = dir=in | app=c:\users\mamund~1\appdata\local\temp\ibtmpa341382\component_358.decrpt |
"{D6D40C2E-8E49-4F25-A7DC-19B73463AB31}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\mafia ii\pc\mafia2.exe |
"{D8D59A66-40C1-4423-917A-009348A1F84A}" = protocol=17 | dir=in | app=c:\mafia\steamapps\common\portal 2\portal2.exe |
"{DA6005FC-A731-4102-87BA-F856A5E88BC3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\left 4 dead 2\left4dead2.exe |
"{DE74D102-EEAD-48E5-838F-B411D1181D1A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{DEF644AF-45BE-4901-B081-E1880F85D1BA}" = protocol=17 | dir=in | app=c:\mafia\steamapps\common\duke nukem forever demo\system\dukeforeverdemo.exe |
"{E01C3C70-7520-4894-8045-1A09A3893882}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\arcticcombat\gamelauncher_gp\mappingaccount.exe |
"{E11E688A-E8BD-4FEA-A4B2-CAD78BE2587E}" = protocol=6 | dir=out | app=system |
"{E29762C5-788F-491D-B2BF-C197437AADFE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steam.exe |
"{E34CBC62-DD6C-4A48-BC91-5F631990C2B6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6mp.exe |
"{E628B351-E610-413C-BA71-0879E05C3B7B}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{E7634CAF-AB96-402E-83BE-9E2BDA19E6B0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{E7B72DB0-66CB-4595-AED6-61B377CCE651}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\game_launcher.exe |
"{E7D68DBE-671B-4A89-B2EF-68A89D26B145}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6zm.exe |
"{EA70029A-AF0A-4B47-88A6-792B05230C09}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE108225-1FEB-4B53-A2FE-0CA03493D42E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{F2C55E5C-B65A-4370-AE82-A87D1A6862A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F43B27AC-9429-42DC-ACB1-BDD7D24C4526}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{F4E974EA-825C-4E8D-B276-4FB2754BB770}" = protocol=17 | dir=in | app=c:\users\matej\appdata\local\microsoft\windows\temporary internet files\content.ie5\kema84ia\sweetimsetup.exe |
"{F78B0999-88EE-4018-9FD0-35DA0CCEB1C9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{F79F689D-7BE1-4FF1-94AD-F8DBFB454C2B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F998B916-46EF-40CC-8AB9-4B2601338BA3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\planetside 2\launchpad.exe |
"{FB3E152B-395A-4C20-B6B2-7CE9AA474239}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB42CD58-F790-4940-BDE8-816362D40EA9}" = protocol=17 | dir=in | app=c:\mafia\steamapps\common\mafia ii\pc\mafia2.exe |
"{FB6704DA-22F7-4FBE-B6D8-23E46A7A2FFA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FC176558-189C-455B-89E5-2DBA8E548552}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{FF608F20-1D9B-4385-A1BE-075ACD2D6040}" = protocol=6 | dir=in | app=c:\mafia\steamapps\common\duke nukem forever demo\system\dukeforeverdemo.exe |
"TCP Query User{085CC550-DB5F-4E0F-AFAE-7DBB53E7DA80}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{18452A50-989C-4FC2-BB41-78CD49344F20}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{1F05A97F-F6DE-4858-90EC-99E2759CB3D7}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{1F39DEA2-9906-4A4A-810E-66110B44BB26}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{21EA89FC-BE33-48C6-BC00-CC9D3154DF2A}C:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"TCP Query User{24E5BC90-931A-4BC6-90BF-6ECAABF3424A}C:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe |
"TCP Query User{2A1AF9BC-B9B5-4125-A824-FC1F4F8BCCE5}C:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6sp.exe |
"TCP Query User{2CB5EB16-0A30-4B86-BA86-4E0BAA016E81}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{2E1EAD41-C972-468A-8432-644220053AA1}C:\users\matej 2\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\matej 2\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"TCP Query User{2F899A1A-BA3E-4EB5-B216-D43DA201B2D5}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{3022DF63-9A5E-4434-AF71-EFCA2869484E}C:\users\matej.juki-pc\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\matej.juki-pc\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"TCP Query User{3740C6E9-3692-4A8A-9BF9-2884E1B6F10A}C:\program files\ea games\medal of honor pacific assault(tm)\mohpa.exe" = protocol=6 | dir=in | app=c:\program files\ea games\medal of honor pacific assault(tm)\mohpa.exe |
"TCP Query User{37E5937E-D31E-4E7F-927C-D5CA91617B46}C:\program files\xfire\ua_lsp_inst.exe" = protocol=6 | dir=in | app=c:\program files\xfire\ua_lsp_inst.exe |
"TCP Query User{3CD6F0D3-1E00-4675-BE46-74F9A748259E}C:\program files\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty\codmp.exe |
"TCP Query User{4063F90F-8272-454D-A628-7290245ABA50}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{47343BD5-9B6F-448C-9BD6-C7FFAFC7B56E}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{4DB64911-BB29-4E8C-B161-95228A3D1F46}C:\users\juki\appdata\local\temp\rar$ex03.999\iw4mp.exe" = protocol=6 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex03.999\iw4mp.exe |
"TCP Query User{4ED4D2B6-A051-467F-8A78-BB9275DA74AA}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{55228030-DD50-4206-94BA-AB7F58D1EE68}C:\users\mam und dad\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\mam und dad\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{55E24738-5E2F-426D-AA3A-A82703DA1BD4}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{5E5AFC0C-10D7-4CD3-B1CC-EADC52A1BF5D}C:\program files\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game" = protocol=6 | dir=in | app=c:\program files\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game |
"TCP Query User{677AC9D5-FCBD-4610-A043-C02D5541ABC2}C:\program files\007 james bond nightfire\bond.exe" = protocol=6 | dir=in | app=c:\program files\007 james bond nightfire\bond.exe |
"TCP Query User{6EF05B60-A84B-49BC-8830-B42112696619}C:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{8C8D4066-1A28-4338-9C8E-BAF57D3E7C75}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{968D6CB4-0D0E-4041-BE22-C0162DD69A9A}C:\users\test_2\desktop\teamspeak3-server_win32\ts3server_win32.exe" = protocol=6 | dir=in | app=c:\users\test_2\desktop\teamspeak3-server_win32\ts3server_win32.exe |
"TCP Query User{A08C383F-26FD-4EB0-8EC5-4D5852E3CBD7}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{A485FB6C-8D53-4C1D-BF3D-C08A8CF03CD7}C:\users\mam und dad\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\mam und dad\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"TCP Query User{A5B1E07F-0C2E-4960-BC3F-5788142BBF39}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{A85DC276-8901-4D78-9FCC-8B549CAA52E7}C:\users\juki\appdata\local\temp\rar$ex05.977\iw4mp.exe" = protocol=6 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex05.977\iw4mp.exe |
"TCP Query User{ABA26560-3A9B-437B-8BFC-45703B5C03E8}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B69B5CFB-8D4F-4A4C-A0EB-0C4C1D9F8CE5}C:\program files\cossacks - the art of war\dmcr.exe" = protocol=6 | dir=in | app=c:\program files\cossacks - the art of war\dmcr.exe |
"TCP Query User{B8E5D86B-4239-4C7F-A3D4-6B9CC50B90A3}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{BA19F509-1B93-4D7C-A98E-44435497FFCB}C:\program files\cossacks - back to war\dmcr.exe" = protocol=6 | dir=in | app=c:\program files\cossacks - back to war\dmcr.exe |
"TCP Query User{C160796E-2DDA-4D0B-893B-B7BF96016096}C:\program files\bohemia interactive\arma 2\arma2.exe" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe |
"TCP Query User{D1553A45-5034-4CC7-A02F-732C1927C5DB}C:\users\juki\appdata\local\temp\rar$ex00.697\teamspeak3-server_win32\ts3server_win32.exe" = protocol=6 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex00.697\teamspeak3-server_win32\ts3server_win32.exe |
"TCP Query User{D304E942-90AE-4EE7-A007-201C10993B43}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{D69049A4-0AA5-4C2B-AD80-ADB9F9A6E885}C:\users\juki\desktop\cod\c o d 4\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\juki\desktop\cod\c o d 4\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{D6FD029B-4225-488B-B3B7-FEB48C883E54}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{DC80F5F1-F106-4D68-BC6E-1D214D04F685}C:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe |
"TCP Query User{E1F7CA65-06A3-4FC2-907D-4F87E73B8B34}C:\users\juki\appdata\local\temp\rar$ex07.102\iw4mpold.exe" = protocol=6 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex07.102\iw4mpold.exe |
"TCP Query User{E5248BFB-D4E3-4C11-86BA-6A3253867C4F}C:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"TCP Query User{EAA3004A-1631-4654-8776-85D9BEB6E6D8}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{EBF20E48-0491-4B68-8896-BE457409C357}C:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"TCP Query User{F0C026FD-10D2-4265-B216-2C3F6592AF27}C:\program files\steam\steamapps\sourcemods\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{F4DB3F8D-963C-4A62-A76E-47DCF48DCFCF}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{055DF65D-FC86-453E-9162-C08810DE861E}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{07A19CB7-377C-42F6-B624-2398C44D73C7}C:\program files\cossacks - back to war\dmcr.exe" = protocol=17 | dir=in | app=c:\program files\cossacks - back to war\dmcr.exe |
"UDP Query User{0AFC28D9-14D4-4B27-B01B-E3E63332F363}C:\users\juki\appdata\local\temp\rar$ex07.102\iw4mpold.exe" = protocol=17 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex07.102\iw4mpold.exe |
"UDP Query User{2052DF8E-9D73-4C95-896C-B7B310AA9EE1}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{2146D119-8EB7-4582-BFCA-2399997ABC7A}C:\program files\007 james bond nightfire\bond.exe" = protocol=17 | dir=in | app=c:\program files\007 james bond nightfire\bond.exe |
"UDP Query User{246622CF-D721-49FD-B1BE-4F6F80D19EF7}C:\users\juki\appdata\local\temp\rar$ex00.697\teamspeak3-server_win32\ts3server_win32.exe" = protocol=17 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex00.697\teamspeak3-server_win32\ts3server_win32.exe |
"UDP Query User{291CEBAE-3144-4A0A-BA2E-077E39D1AAD5}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{3291EED4-04A3-40F5-872E-CBB08A66167B}C:\program files\cossacks - the art of war\dmcr.exe" = protocol=17 | dir=in | app=c:\program files\cossacks - the art of war\dmcr.exe |
"UDP Query User{3299D5BA-71E5-4B9C-B522-F1793FCF4F7D}C:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\call of duty black ops ii\t6sp.exe |
"UDP Query User{364B9D2B-D611-4609-8B11-9077F1E5D98A}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{465DB3DC-F89C-4124-9D64-2C9CA3955B79}C:\program files\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty\codmp.exe |
"UDP Query User{52BB2891-B353-4F13-AF0B-5572AC2B3ECC}C:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{59EF0137-004B-4AE3-876F-ED53EBBF4D41}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{6116A483-104D-4439-BC75-0F5790636C02}C:\users\matej 2\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\matej 2\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{65500E4A-3E3E-4E5E-ACFC-637D76D83686}C:\users\juki\desktop\cod\c o d 4\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\juki\desktop\cod\c o d 4\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{666993EA-9ED1-4C58-9670-B588603D2365}C:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{69DB15F1-3599-4D5B-A82C-0846ECBA8A3D}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{6AD03B63-BAF7-40BA-92FB-8B466204CD94}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6B3D26CA-A2DF-42A1-8A98-F2FCC2C43292}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{6D74E2B0-DDA5-499F-B5C9-3711B260F4BB}C:\users\juki\appdata\local\temp\rar$ex05.977\iw4mp.exe" = protocol=17 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex05.977\iw4mp.exe |
"UDP Query User{6E27D7CC-FC9B-45A5-AEDF-191A7F95CA16}C:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\test_2\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{75F73322-DEE6-43FF-B71C-1A846D29A908}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{80DD18F2-1AB4-4485-A3E0-C43CBB6CDA37}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{87B0D1F8-F428-43FB-951A-7B9EA77B4E18}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{87D26ABD-A1CC-4C64-AF5F-07D1A6789BE7}C:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe |
"UDP Query User{89C0B3DD-65C2-4684-8E48-FE33161FEBE0}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{8D76C201-B793-4B62-B2B7-8202D0B8050E}C:\program files\xfire\ua_lsp_inst.exe" = protocol=17 | dir=in | app=c:\program files\xfire\ua_lsp_inst.exe |
"UDP Query User{90FF7EFB-B9C8-494D-A43C-C902996A39F4}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{A2F21581-3B65-4E15-9E17-0395B3DC4BAA}C:\users\mam und dad\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\mam und dad\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{A818964A-E3F1-49E3-BDF1-DAD4E666E2A8}C:\users\mam und dad\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\mam und dad\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{A8BAC84C-6BCC-4554-9C12-219C99A93477}C:\users\matej.juki-pc\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\matej.juki-pc\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{ACA3FABE-BC88-429B-AB78-325770B0B547}C:\users\test_2\desktop\teamspeak3-server_win32\ts3server_win32.exe" = protocol=17 | dir=in | app=c:\users\test_2\desktop\teamspeak3-server_win32\ts3server_win32.exe |
"UDP Query User{AF1D40AD-7E4C-494E-A2BC-439FE68DA47C}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{B1BDAFE7-B2C5-4D1A-9E76-AE5268E80C2E}C:\program files\bohemia interactive\arma 2\arma2.exe" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma 2\arma2.exe |
"UDP Query User{B77C093C-CEF6-4736-BE39-8D2AAEF404CC}C:\program files\ea games\medal of honor pacific assault(tm)\mohpa.exe" = protocol=17 | dir=in | app=c:\program files\ea games\medal of honor pacific assault(tm)\mohpa.exe |
"UDP Query User{C29F67C7-3A62-4CFA-BDC3-2770805000E7}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{C3D46753-8AFD-4393-8D58-39702BD3D96E}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{CEC9C91E-1F75-4E44-A95A-7B3D8891DA25}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{D369AD7E-7953-4023-B2B5-0E61C375D7E3}C:\program files\steam\steamapps\sourcemods\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{DF9393DE-35A4-4A2F-BA0E-68ADA7AAFDD1}C:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"UDP Query User{EAF02AA3-BF5B-45FE-9CC2-DAB06D6DB437}C:\users\juki\appdata\local\temp\rar$ex03.999\iw4mp.exe" = protocol=17 | dir=in | app=c:\users\juki\appdata\local\temp\rar$ex03.999\iw4mp.exe |
"UDP Query User{EDD37E6A-49AE-4A48-86C1-928B3241E16F}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{F645D74C-3F09-4D02-B5C7-25232BB16D3A}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{F761E9CB-70D7-4598-817D-94F7DBEB934D}C:\program files\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game" = protocol=17 | dir=in | app=c:\program files\electronic arts\command & conquer 4 tiberian twilight\data\cnc4.game |
"UDP Query User{FED0F587-E75F-4013-ACCF-739F5BC81A6E}C:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\sourcemods\steamapps\nero98755\team fortress 2\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{332DB63A-14F2-465D-9C7E-B0D04353323F}" = RegistryReviver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D741B12-ACE9-4C3D-A006-3E4DAD22CBD2}" = VP-EYE
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires
"{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1" = Cinema 4D version R12
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACE914C9-4A83-456C-BF29-7A0F68C3461C}" = PC VGA Camer@
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}" = Driver Mender
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon Browser Bar" = Amazon Browser Bar
"Avira AntiVir Desktop" = Avira Free Antivirus
"ChatZum Toolbar" = ChatZum Toolbar
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Combat Arms EU" = Combat Arms EU
"EdnaSE" = Edna Bricht Aus - Sammler Edition
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Fraps" = Fraps (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.2.1
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Minecraft Texturepack Editor" = Minecraft Texturepack Editor
"NoIPDUC" = No-IP DUC
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.7
"PunkBusterSvc" = PunkBuster Services
"QuestScan" = QuestScan 1.0 build 189
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam App 107410" = Arma 3 Alpha
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 204100" = Max Payne 3
"Steam App 212370" = Arctic Combat
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218230" = PlanetSide 2
"Steam App 220240" = Far Cry® 3
"Steam App 440" = Team Fortress 2
"Steam App 49520" = Borderlands 2
"Steam App 50130" = Mafia II
"Steam App 550" = Left 4 Dead 2
"Steam App 55230" = Saints Row: The Third
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamViewer 8" = TeamViewer 8
"Uplay" = Uplay
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"R4 3DS Emulator" = R4 3DS Emulator
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.03.2013 17:09:38 | Computer Name = juki-PC | Source = EventSystem | ID = 4622
Description =
Error - 18.03.2013 08:24:59 | Computer Name = juki-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.03.2013 14:27:06 | Computer Name = juki-PC | Source = Google Update | ID = 20
Description =
Error - 18.03.2013 15:57:44 | Computer Name = juki-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.03.2013 03:28:36 | Computer Name = juki-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.03.2013 08:35:57 | Computer Name = juki-PC | Source = Freemake Improver | ID = 0
Description = Service cannot be started. System.PlatformNotSupportedException: Operation
is not supported on this platform. at System.Net.HttpListener..ctor() at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
at System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener
channelListener) at System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback
selectTransportManagerCallback) at System.ServiceModel.Channels.TransportChannelListener.OnOpen(TimeSpan
timeout) at System.ServiceModel.Channels.HttpChannelListener.OnOpen(TimeSpan
timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at
System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan
timeout) at FreemakeUtilsService.Common.ProcessO...
Error - 19.03.2013 08:37:28 | Computer Name = juki-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.03.2013 12:14:01 | Computer Name = juki-PC | Source = Google Update | ID = 20
Description =
Error - 19.03.2013 12:19:05 | Computer Name = juki-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.03.2013 13:21:52 | Computer Name = juki-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 25.02.2013 15:17:35 | Computer Name = juki-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 26.02.2013 12:10:48 | Computer Name = juki-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 26.02.2013 12:10:48 | Computer Name = juki-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.02.2013 11:35:02 | Computer Name = juki-PC | Source = DCOM | ID = 10010
Description =
Error - 12.03.2013 07:51:49 | Computer Name = juki-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 12.03.2013 07:51:49 | Computer Name = juki-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 13.03.2013 09:51:47 | Computer Name = juki-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 13.03.2013 um 14:36:38 unerwartet heruntergefahren.
Error - 13.03.2013 17:01:13 | Computer Name = juki-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 16.03.2013 05:18:04 | Computer Name = juki-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.199 für die Netzwerkkarte mit der Netzwerkadresse
0022436B3F31 wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 17.03.2013 10:59:07 | Computer Name = juki-PC | Source = DCOM | ID = 10010
Description =
< End of report >
| Schritt 3 ging nicht, da blablabla
Danke für eure Hilfe
|
19.03.2013, 19:51
Linear-Darstellung
