
Log analysis and evaluation: "C:\Windows\SysWOW64" opens at system startup

Windows 7

 
18.04.2013, 18:42   #2
Adler-Wolf

"C:\Windows\SysWOW64" opens at system startup



And here is the Extras.txt

Code:
OTL Extras logfile created on: 18.04.2013 19:20:48 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Users\Adler-Wolf\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 51,95% Memory free
8,00 Gb Paging File | 5,53 Gb Available in Paging File | 69,12% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 19,26 Gb Free Space | 34,52% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 120,22 Gb Free Space | 51,62% Space Free | Partition Type: NTFS
Drive E: | 1171,90 Gb Total Space | 366,19 Gb Free Space | 31,25% Space Free | Partition Type: NTFS
Drive F: | 341,82 Gb Total Space | 249,30 Gb Free Space | 72,93% Space Free | Partition Type: NTFS
Drive G: | 349,17 Gb Total Space | 142,59 Gb Free Space | 40,84% Space Free | Partition Type: NTFS
 
Computer Name: ADLER-WOLF-PC | User Name: Adler-Wolf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini[@ = Notepad++_file] -- C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.txt[@ = Notepad++_file] -- C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.ini [@ = Notepad++_file] -- C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.txt [@ = Notepad++_file] -- C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008667C0-8C51-4838-8F27-E29BCBFCF9C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1D7D4D36-C573-4131-B298-ACF09F63B1BC}" = rport=139 | protocol=6 | dir=out | app=system | 
"{34288E6F-245B-4884-BF07-4FD3755B3ECF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{50CE03C9-5D79-49E6-92D5-9B585D58FFB5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{51CEDB4B-5792-42CD-AC83-077ABCA4FC9F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{540C6119-6F44-4122-A67B-2C2471744881}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{58292853-9FE8-442C-9C1A-98BB3080B3D5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6A7FE4BA-8824-4A3C-B024-086175B17D08}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{870B7A50-96EA-46AC-8BCC-ECDB6B3F53AA}" = lport=139 | protocol=6 | dir=in | app=system | 
"{896BA736-BFEA-4D3F-934F-E06986958845}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{899A4433-0F6A-4735-AD0C-63F716197B4D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9514B098-EF30-46DB-B965-DFDA265AC8B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A47DE6DF-53FD-4A6E-A7B4-E55886052C0E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AC8A2CCC-3C53-4B7E-803E-BC0EC683D170}" = lport=137 | protocol=17 | dir=in | app=system | 
"{AE080829-297C-4067-86B6-84C431FFA228}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AF2E1CB1-480E-4114-A67A-DE490CB25B7E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{AF890367-C85B-47A4-83C1-6098657E43F8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D56DF426-3F44-4BD7-B245-C347EFC2DBF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E5590F76-E9E7-4501-8B78-B3F77A53CBB8}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EE0840B7-56CF-46E0-A0DA-7CF707B92DFC}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F1C003AE-F341-4992-8934-03DD7DFBD6A7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F70C488B-FE48-472E-83E0-32403D1E06D3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F9AD9DAA-946A-40EF-8CD6-22C75AEAAB4D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | 
"{FD58A967-1479-45C7-9705-029F7C06097F}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0218CE28-4747-4E54-97DC-FBB5C368CE14}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{031BBCCE-9373-4512-96CC-2CF98D5F9AC6}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe | 
"{033469D7-83EC-40C1-AE05-C62DA81E7611}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftsrv.dll | 
"{04B279F4-5DA4-4F39-9220-8A6BC11C3641}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{0A7C223B-141F-473A-A4CF-9B8878328C79}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\streaming video recorder.exe | 
"{0B9D5F96-6A99-43FA-92A9-C655A44D28BC}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftdump.dll | 
"{0BDF4509-3EDB-4CDB-89E7-A8133E3CC773}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{1036DE54-B9AA-47AF-A7A6-8D124F892BD8}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\half-life\hl.exe | 
"{15C4E164-7A8A-488C-A4ED-FBC14DA7F040}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\dmcr.exe | 
"{1786E1E0-ADFF-45B1-820C-B242BBD6ED97}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{19A50441-7CDB-4A86-9929-AA0CBF877DF0}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | 
"{1B82681A-E1D3-447E-B995-5D070AF9C67D}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"{1C8154F3-58EF-44E9-ADC9-E3E73304228D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{20DFFB1C-9847-4D17-9605-27CC2FE8C0B4}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"{22846037-B841-451C-B045-F09A3835E6F3}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe | 
"{2350948B-436C-481D-B03E-9CF12D1A10F0}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{2420580F-413E-49A2-B702-35FC453BA38A}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\rochard\rochard.exe | 
"{29943552-CE8F-4495-90DD-02475038F6A6}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\cossacks back to war\bin\dmcr.exe | 
"{2BF20FC7-AF82-495A-85E9-8FD45B3706B8}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\anna\anna.exe | 
"{2DB8E59F-8C36-40B3-8C38-C7ABAF1B5354}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{34AD646E-F874-4458-B01D-CB45D5413715}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe | 
"{35DB17E3-1E24-4E9B-A567-AAA619BE9AB4}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe | 
"{396093E6-E54F-4CC7-9EFE-8E15F96B23B5}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\half-life\hl.exe | 
"{396F2010-1B41-4033-A8C0-7B591AFFEFC8}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{3CA1F445-A3DC-41FA-B473-FAB84BBED6A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3E8F5296-2F23-403F-AC86-701045F708D2}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{3EDF2B12-0AD4-4F5E-931E-F8327D01DCDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{41212074-2C64-488A-B7D9-69742C238BB8}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{41957B3F-57F1-48D2-94BA-1888EA6BF4B7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{41D63AFE-43D1-4739-8C11-D4BA89282102}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{423DD573-E252-40A7-B3B5-C49E993BD41F}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\east india company\eastindia.exe | 
"{4290CDF0-3DBA-471E-84B4-45481430868A}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{42BDBD6A-6C34-4BEF-A94E-DAA27BD56224}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe | 
"{4915C18D-3148-49A0-993F-C0B5C8ABD921}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe | 
"{4990E8EA-7DCF-4CA4-A0A2-6B9030493E97}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{49DC76FA-8A1A-46EC-8C4D-881E407B4B49}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{4D6A65CB-5BA6-41A2-986A-4C4B1C89DCBD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{55A8C526-A706-4414-B8A1-7CF116CC54E8}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{5648C49D-F275-4D78-A371-0CF9BFC1E410}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\rochard\rochard.exe | 
"{5A638ADE-B42A-4942-BE9D-0BAA9F66B64D}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{5BF4F525-9F2C-4842-B27F-BF429F620BCC}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{622E7C12-0ADA-402D-A4F7-ED959FA84A7A}" = protocol=6 | dir=in | app=f:\program files (x86)\origin games\command and conquer generals zero hour\generals.exe | 
"{674152EC-D4B1-4A3F-ADEC-81E052F3B1CB}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe | 
"{68EA7190-AD26-4FDA-AEC8-3595D4DB4402}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\crazy machines\crazymachines.exe | 
"{6E11D90B-86F0-4F7A-B9F4-D02AB2028673}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe | 
"{6E9EE935-A350-4657-8125-550928F99D46}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe | 
"{6F3AF8FF-50C1-4514-9EA3-FF9EA9303FC5}" = protocol=17 | dir=in | app=f:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{6F418B60-F05D-40E2-B1F1-CE64178EAC77}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\crazy machines\crazymachines.exe | 
"{6F8DD525-5E8F-46CE-8D7F-0D427B9BB10B}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{7172F5F7-9110-40EB-BBE2-391DE0C98D89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{77EFD485-7900-43F6-AE71-EAFBD07794CE}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe | 
"{78D10B09-A51B-457B-A37F-4DE71B26609A}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftplayer.dll | 
"{7DD754BD-BA14-4756-AA12-F2FD8B45147E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{7FE80CD2-F5F8-46E0-B2A1-9B28EAAB2644}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{81E09846-6591-4157-810C-C2C0CDBB91E5}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{8820A551-877C-4331-8F85-83444D0E32AA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{8A330054-CFA4-44F8-B779-C479EC0A351D}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | 
"{8DD4A367-7463-44EC-8F67-5A11D8381716}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe | 
"{8F58D332-47BE-4C03-AF6C-C3AB691C882D}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\east india company\eastindia.exe | 
"{8FE2AE7A-EEBD-4002-984B-421CB9816E03}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\anna\anna.exe | 
"{900BDBDE-0022-44C3-B9BA-FB4A66B05C0B}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe | 
"{96C59E5F-47BA-4AB5-B25F-86D92C6B22C9}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{96D80E2E-FDCF-4473-9AD7-E4818CCF6C61}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{97DEB3E8-DD4A-4A3A-8C74-B94A1C6AD128}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{98C8BAF2-7F60-45A1-BB3D-E12B5B417BDB}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe | 
"{98DE361B-78EC-44DD-A006-C8B5FADC3306}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe | 
"{9A7A5DAF-F90B-4840-999D-BED6B648E3F2}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\arnos_the_empero\counter-strike source\hl2.exe | 
"{9B91F430-C7EC-4E06-9382-10B7E8C1ED43}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\arnos_the_empero\day of defeat source\hl2.exe | 
"{9D34CA4B-2A6E-4293-9565-AEA721997EBC}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | 
"{9D603D9F-A855-4CB4-97FF-310B75BDED9C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A1C44105-0286-40EB-AA76-DCCBD71EDD4A}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe | 
"{A34CB27E-366C-47BE-8927-6E17492B8265}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A75D9A21-9198-4299-B066-101347BA81A1}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | 
"{AABDB3C3-7B90-4364-9C87-DEEB42E02277}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\dlc quest\dlc.exe | 
"{ABE5ACCD-B6BA-49CF-AA7E-4BC6A5FE78E4}" = protocol=17 | dir=in | app=f:\program files (x86)\origin games\command and conquer generals zero hour\generals.exe | 
"{ACC274FE-8FA1-4FEB-A84F-E45A128CBF72}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe | 
"{B1A7CF80-BA93-4934-9481-CF042C447159}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\unreal tournament 3\binaries\ut3.exe | 
"{B5F28858-1776-46DD-9AD4-0C84E1660100}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steam.exe | 
"{B840EECE-796E-4EB0-9E7F-DCA88CC99C2F}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe | 
"{B92FC9D7-E627-41D6-BF2D-B360F6E69337}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{C0F987FE-CBC9-4645-B4C1-7ECDE634FD24}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
"{C12C4270-ED3D-42AB-84C9-EDAB41790AAA}" = protocol=6 | dir=in | app=d:\users\adler-wolf\appdata\roaming\dropbox\bin\dropbox.exe | 
"{C2939DDD-9810-441A-8279-2A44079C7BBF}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{CAD98644-BC42-4F0C-B730-C5B9F1C85BBF}" = protocol=17 | dir=in | app=d:\users\adler-wolf\appdata\roaming\dropbox\bin\dropbox.exe | 
"{CD8286E6-D3BF-4FE9-9D71-376E7164B927}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{CFFF2E21-29DD-4C1D-9859-984CDFCCB958}" = protocol=6 | dir=in | app=d:\users\adler-wolf\appdata\roaming\dropbox\bin\dropbox.exe | 
"{D0A40A70-5C0A-4F8F-811F-904BEE18256C}" = dir=in | app=c:\program files\apowersoft\streaming video recorder\apowersoftac.dll | 
"{D24965F2-2A9E-48CC-855D-BC524B78A93A}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | 
"{D3BE184C-DA75-46EC-BE90-F54551D6E3C0}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steam.exe | 
"{D3CB1C83-6957-4E36-983E-7B872E1245A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DC3EDB03-5C0B-455F-A41B-5322853F785B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DC927F07-09A5-44F2-BECD-9649DF2A014A}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\arnos_the_empero\counter-strike source\hl2.exe | 
"{DDF5BF52-7B03-4A6D-9D44-675F7DA37FD6}" = protocol=6 | dir=in | app=f:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{DE32E104-277B-4FEF-90FA-078F76ED2A5E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{DF9FF9B3-53B2-4663-A2F7-C775E0AA4442}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe | 
"{DFECB480-2EE7-48E4-9D0F-38CFD4C94A53}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E04DD22D-78B3-48A7-955C-AF6FA3926113}" = protocol=17 | dir=in | app=d:\users\adler-wolf\appdata\roaming\dropbox\bin\dropbox.exe | 
"{E0B77A26-6F50-4835-9FDD-2A17E8E9B437}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E17626B4-7225-49D1-90AF-5DA8E2727B02}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\arnos_the_empero\day of defeat source\hl2.exe | 
"{E2FC9B73-D504-4A03-BD3C-8BD9A359C6DB}" = protocol=17 | dir=in | app=f:\program files (x86)\origin games\darkspore\darksporebin\darkspore.exe | 
"{E3137008-A664-4927-AC00-AC918774B156}" = protocol=6 | dir=in | app=f:\program files (x86)\origin games\darkspore\darksporebin\darkspore.exe | 
"{E36B2C90-6131-4FE1-9C66-B332457F1D54}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{E416A495-2314-4E85-A314-DA6E5148A159}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe | 
"{EDBCBFDA-9DB5-4268-98F0-73174E7CBCAD}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{EFEA84BE-E04B-4C8B-AF92-85D587FD056D}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{F21156C9-4C3A-40BB-BA40-B422EF755A09}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{F2F03CED-367C-449A-AE37-DB9CA0ADCE03}" = protocol=6 | dir=out | app=system | 
"{F6F26387-5DE8-47A0-B54A-5B98F32CA529}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F80C787D-FFDD-4A53-86E2-11C923D36897}" = protocol=17 | dir=in | app=e:\program files (x86)\steam\steamapps\common\unreal tournament 3\binaries\ut3.exe | 
"{F9BECDD5-C667-46CD-ACF0-EEA547D5F2EC}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{F9E7A2DD-91F8-4AEA-BA43-F51BFB0ECC53}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FC8F457B-65D6-4062-8BEA-825978E14D07}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{FF4D7BBA-4400-4F73-A508-7AF4DF4CC603}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{FFD099AA-A487-4723-B871-B2AD21A11EFA}" = protocol=6 | dir=in | app=e:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}" = AMD Catalyst Install Manager
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{477D05CA-C151-9CF5-22A1-9DF6DF543CD4}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90150000-007E-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{90150000-008C-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-1000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2B47795-9ABC-37C1-0633-68B1B7104543}" = AMD Drag and Drop Transcoding
"{C1ACBDBF-6F86-185A-E158-AB07893968FC}" = AMD Accelerated Video Transcoding
"{D61EB116-6878-9676-F28F-54F6B647023C}" = ccc-utility64
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Logitech Gaming Software" = Logitech Gaming Software 8.40
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProPlusRetail - de-de" = Microsoft Office Professional Plus 2013 - de-de
"Sandboxie" = Sandboxie 3.76 (64-bit)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009B1E9D-38AB-8B9E-DB07-8318DAAE1941}" = CCC Help Greek
"{022BC727-ACB7-4C1D-109C-177515714A32}" = Catalyst Control Center
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07E46A4A-F2BA-FE48-9464-E11250502C6A}" = CCC Help Swedish
"{07E5C16F-9194-E31B-BB6C-C3E8FBD79C30}" = CCC Help English
"{0CC21836-A5D6-4641-B4AE-6FA01D021E41}" = Die Sims Mittelalter Piraten und Edelleute
"{0F2CF890-D101-6CFA-8D99-0CFBF7EF4AD0}" = CCC Help Chinese Standard
"{10CFB5DF-985A-8320-B4D8-461CC1F83CBF}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{22D071EF-A06A-6341-DFDA-FE448659A63C}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{30909F74-4B46-2842-DECF-1C66F355338C}" = CCC Help Turkish
"{365E16A2-FE3B-EA13-4EE0-88D570F82497}" = CCC Help Korean
"{3D8AB6C1-3932-F551-2AF0-ED0612AD4B26}" = CCC Help Dutch
"{40AD5E62-A31A-C414-01BA-310100577C7E}" = CCC Help Chinese Traditional
"{456A5815-604D-4D72-94DF-346D2B978A59}_is1" = GOG.com Downloader version 3.4.8
"{4AA62353-C8D9-4A05-A425-D9DFC4646B99}_is1" = FFsplit version Alpha
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F9E0D27-5525-E8C8-43D0-BA15C1A22E03}" = CCC Help Czech
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{63DEADD1-C032-4F1F-AF76-26B166D6AC30}" = G Data TotalProtection 2014
"{647E62F0-F1BC-E0C3-EDF5-67716EE75014}" = CCC Help Hungarian
"{667DB2C0-AF52-021A-7CF6-DA8DD27AC215}" = CCC Help Italian
"{6A4C6C0F-8791-B753-742E-06C40A6E023C}" = CCC Help Polish
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6E839820-0BBA-4310-9D06-4463BAEA6641}" = Secure Download Manager
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{793FCE60-DE5E-4977-A942-A7B69A45B17D}" = MainConcept DTV Decoder Pro
"{79C61902-F44E-4190-A2B9-9B467B0380CE}" = CCC Help French
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Die Sims Mittelalter
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8F0F5689-6900-425B-A8C2-0DBD10DAB694}" = Command & Conquer™: Generals and Zero Hour
"{8FDBE1E8-2922-4750-9E4B-6B28CA67DBBB}" = Unreal
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.VISIOR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.VISIOR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.VISIOR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0054-0407-0000-0000000FF1CE}_Office14.VISIOR_{1FEAC070-BB09-4055-9BD0-48CF52023F92}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.VISIOR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{91A3CEFE-A2C1-3E83-3789-F2BF8EC82106}" = CCC Help Thai
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{96CAEB1D-7BFB-2A98-EBB2-414C894F694F}" = CCC Help Danish
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A664A708-E454-4416-7D19-D0F10879522C}" = CCC Help German
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B1AAE4BF-C98E-467E-94C7-4E1F51DD86E0}" = Darkspore™
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{D032A7F0-8B5C-4603-8B46-235025D5F9C1}" = TechniSat DVB-PC TV Star
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D6F46E2D-4FE2-5FAB-5C30-230E99563DEE}" = Catalyst Control Center InstallProxy
"{D9DA23F5-CE0B-EE04-B498-7EC8AFC9F232}" = CCC Help Finnish
"{DA47ABC4-52DF-468D-988D-B9E768A3DF52}" = Pizza Connection 2
"{DF5182CB-192B-A6C8-9707-D7214557691C}" = CCC Help Norwegian
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6757654-CE6A-0D0B-BBE6-F6247F05B7CD}" = Catalyst Control Center Localization All
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E8759AD8-3A58-77F1-D16D-F3C8F9E98722}" = Catalyst Control Center Graphics Previews Common
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132000C-1CBA-458F-BF2F-FD43D59410F9}" = LightScribe System Software
"{F1C39CBE-4521-BEC8-5238-4A8B55FEB6B7}" = CCC Help Russian
"{FBFA39D2-C55A-56DC-7EBB-767FC31B04A3}" = CCC Help Spanish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"4578-0181-0549-1546" = Altitude 
"5513-1208-7298-9440" = JDownloader 0.9
"AC3Filter_is1" = AC3Filter 2.5b
"Activision_StarTrekArmadaUninstallKey" = Star Trek: Armada
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.3.1
"AIMP3" = AIMP3
"ALchemy" = Creative ALchemy
"Armagetron Advanced" = Armagetron Advanced 0.2.8.3.2
"AudioCS" = Creative Audio-Systemsteuerung
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battlelog Web Plugins" = Battlelog Web Plugins
"Console Launcher" = Creative Konsole Starter
"Creative AutoMode Switcher" = Creative AutoMode Switcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Creative Volume Panel" = Lautstärkefenster
"DEMONWORLD" = DEMONWORLD
"DVBViewer Pro_is1" = DVBViewer Pro
"DVBViewer TE2_is1" = DVBViewer TE2
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.6.0.2
"Free Download Manager_is1" = Free Download Manager 3.9.2
"GOGPACKRCT2_is1" = RollerCoaster Tycoon 2 Triple Thrill Pack
"GOGPACKSTRONGHOLDCRUSADERHD_is1" = Stronghold Crusader Extreme HD
"GOGPACKSTRONGHOLDHD_is1" = Stronghold HD
"Halo" = Microsoft Halo
"Inno Setup 5_is1" = Inno Setup Version 5.5.3
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"Juniper Network Connect 7.1.0" = Juniper Networks Network Connect 7.1.0
"Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client Activex Control
"KKND Krossfire" = KKND Krossfire
"lavfilters_is1" = LAV Filters 0.55.3
"Mozilla Firefox 20.0 (x86 de)" = Mozilla Firefox 20.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nGlide" = nGlide 0.97
"Notepad++" = Notepad++
"NSIS" = Nullsoft Install System
"Office14.VISIOR" = Microsoft Visio Professional 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Star Trek Armada II" = Star Trek Armada II
"Steam App 105600" = Terraria
"Steam App 18420" = Crazy Machines
"Steam App 203850" = Microsoft Flight
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 230050" = DLC Quest
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 41700" = S.T.A.L.K.E.R.: Call of Pripyat
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 570" = Dota 2
"Super Castle Attack" = Super Castle Attack
"TechnoMage" = TechnoMage
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"THX_Console_Unicode" = THX-Einrichtungskonsole
"ToshibaEdit" = ToshibaEdit (remove only)
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"VMware_Player" = VMware Player
"Warcraft III" = Warcraft III
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.04.2013 06:30:05 | Computer Name = Adler-Wolf-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.04.2013 06:32:18 | Computer Name = Adler-Wolf-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Users\Adler-Wolf\Downloads\esetsmartinstaller_deu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 16.04.2013 06:32:20 | Computer Name = Adler-Wolf-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Users\Adler-Wolf\Downloads\esetsmartinstaller_deu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 17.04.2013 08:06:39 | Computer Name = Adler-Wolf-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.04.2013 11:41:15 | Computer Name = Adler-Wolf-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 17.04.2013 12:04:25 | Computer Name = Adler-Wolf-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.04.2013 08:11:49 | Computer Name = Adler-Wolf-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.04.2013 08:30:26 | Computer Name = Adler-Wolf-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 18.04.2013 13:17:03 | Computer Name = Adler-Wolf-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.04.2013 13:20:09 | Computer Name = Adler-Wolf-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\Users\Adler-Wolf\Downloads\esetsmartinstaller_deu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 16.04.2013 07:13:49 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 16.04.2013 07:14:23 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 16.04.2013 07:23:56 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 16.04.2013 07:24:11 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 16.04.2013 07:46:40 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 17.04.2013 08:05:11 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 17.04.2013 08:06:07 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 18.04.2013 08:10:36 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 18.04.2013 08:10:57 | Computer Name = Adler-Wolf-PC | Source = VDS Basic Provider | ID = 33554433
Description = 
 
Error - 18.04.2013 13:14:16 | Computer Name = Adler-Wolf-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
And gmer.txt

Code:
ATTFilter
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-04-18 19:57:31
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 OCZ-VERTEX2 rev.1.37 55,90GB
Running: gmer_2.1.19163.exe; Driver: D:\Users\Adler-Wolf\AppData\Local\Temp\kgldipob.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560                                                                                                                           fffff80002ffe000 63 bytes [00, 00, 1C, 02, 4D, 49, 63, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 624                                                                                                                           fffff80002ffe040 22 bytes [98, F7, 15, 07, 80, FA, FF, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                     0000000075141465 2 bytes [14, 75]
.text     C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                    00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2200] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                      0000000074031a22 2 bytes [03, 74]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2200] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                      0000000074031ad0 2 bytes [03, 74]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2200] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                      0000000074031b08 2 bytes [03, 74]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2200] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                      0000000074031bba 2 bytes [03, 74]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2200] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                      0000000074031bda 2 bytes [03, 74]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                               0000000075141465 2 bytes [14, 75]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2200] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                              00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2
.text     C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                  0000000075141465 2 bytes [14, 75]
.text     C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                 00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26                                                                                                   0000000071d713c6 2 bytes [D7, 71]
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74                                                                                                   0000000071d713f6 2 bytes [D7, 71]
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257                                                                                                  0000000071d714ad 2 bytes [D7, 71]
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303                                                                                                  0000000071d714db 2 bytes [D7, 71]
.text     ...                                                                                                                                                                                          * 2
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79                                                                                                   0000000071d71577 2 bytes [D7, 71]
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175                                                                                                  0000000071d715d7 2 bytes [D7, 71]
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620                                                                                                  0000000071d71794 2 bytes [D7, 71]
.text     C:\Windows\SysWOW64\vmnat.exe[2260] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921                                                                                                  0000000071d718c1 2 bytes [D7, 71]
.text     C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                   0000000075141465 2 bytes [14, 75]
.text     C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[2360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                  00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2
.text     C:\Program Files (x86)\Free Download Manager\fdm.exe[5260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                           0000000075141465 2 bytes [14, 75]
.text     C:\Program Files (x86)\Free Download Manager\fdm.exe[5260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                          00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2
.text     E:\Program Files (x86)\Steam\Steam.exe[5232] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate                                                                                                   0000000074f9549c 5 bytes JMP 0000000100080800
.text     C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe[4656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                      0000000075141465 2 bytes [14, 75]
.text     C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe[4656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                     00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2
.text     C:\Program Files (x86)\Common Files\Steam\SteamService.exe[7172] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate                                                                               0000000074f9549c 5 bytes JMP 00000001000f0800
.text     C:\Program Files (x86)\Common Files\Steam\SteamService.exe[7172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                     0000000075141465 2 bytes [14, 75]
.text     C:\Program Files (x86)\Common Files\Steam\SteamService.exe[7172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                    00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2
.text     D:\Users\Adler-Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe[4596] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                    0000000075141465 2 bytes [14, 75]
.text     D:\Users\Adler-Wolf\AppData\Roaming\Dropbox\bin\Dropbox.exe[4596] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                   00000000751414bb 2 bytes [14, 75]
.text     ...                                                                                                                                                                                          * 2

---- User IAT/EAT - GMER 2.1 ----

IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmAddToStreamDWord]      [7fef83f741c] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSet]                   [7fef83f5f10] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmEndSession]            [7fef83f5674] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmStartSession]          [7fef83f5e2c] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmStartUpload]           [7fef83f7f48] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetAppVersion]         [7fef83f6a38] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetMachineId]          [7fef83f6ee8] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmWriteSharedMachineId]  [7fef83f7b58] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmCreateNewId]           [7fef83f7ea0] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmReadSharedMachineId]   [7fef83f78b0] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmGetSession]            [7fef83f4fb4] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetAppId]              [7fef83f5d38] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT       C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2292] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmAddToStreamString]     [7fef83f7584] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                                                             
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                                          C:\Program Files (x86)\Alcohol Soft\Alcohol 52\
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                          0
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                                       0xDE 0x4F 0x69 0x68 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                                                                                    
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                                 0xA0 0x02 0x00 0x00 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                              0x60 0xC7 0xD7 0xE6 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                                                                             
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                                       0xBB 0xAD 0x38 0xCD ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                                                         
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                                              C:\Program Files (x86)\Alcohol Soft\Alcohol 52\
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                              0
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                                           0xDE 0x4F 0x69 0x68 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                                                                
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                                     0xA0 0x02 0x00 0x00 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                                  0x60 0xC7 0xD7 0xE6 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                                                                         
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                                           0xBB 0xAD 0x38 0xCD ...

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                                                                                                        unknown MBR code

---- EOF - GMER 2.1 ----
         