| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: searchnu.com/406?... in IE Firefox und ChromeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
15.05.2013, 16:53
| #1 |
| |  searchnu.com/406?... in IE Firefox und Chrome Hallo liebe Experten, ich hab mir mit einen iLivid Download wohl was eingefangen. In allen neuen Tabs geht jetzt immer "searchnu.com/406?appid=484&tag=newtab" auf. Kann das aber nicht mehr ändern. Bitte um eure Hilfe Hier die Logs: OTL: Code:
ATTFilter OTL logfile created on: 15.05.2013 16:52:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Carina\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,00% Memory free 7,00 Gb Paging File | 5,90 Gb Available in Paging File | 84,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 596,17 Gb Total Space | 399,29 Gb Free Space | 66,98% Space Free | Partition Type: NTFS Drive F: | 1003,22 Mb Total Space | 972,19 Mb Free Space | 96,91% Space Free | Partition Type: FAT Computer Name: CARINA-PC | User Name: Carina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.15 16:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe PRC - [2013.05.13 17:04:27 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.05.08 11:00:23 | 003,364,352 | ---- | M] (Bandoo Media Inc.) -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrUI.exe PRC - [2013.05.08 11:00:19 | 003,022,848 | ---- | M] (Bandoo Media Inc.) -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe PRC - [2013.04.04 16:28:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.04.04 16:28:02 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.04.04 16:27:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013.01.18 16:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2013.01.18 16:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.08.17 14:55:26 | 006,212,096 | ---- | M] () -- C:\Programme\Polar\WebSync\WebSync.exe PRC - [2012.08.17 14:43:24 | 000,413,184 | ---- | M] () -- C:\Programme\Polar\Daemon\polard.exe PRC - [2012.07.03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Common Files\Java\Java Update\jucheck.exe PRC - [2011.09.07 09:59:00 | 000,569,072 | ---- | M] (CrossLoop) -- C:\Users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe PRC - [2011.04.13 15:03:38 | 001,298,320 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe PRC - [2011.04.13 15:02:34 | 001,808,784 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe PRC - [2011.04.13 15:02:34 | 000,412,560 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011.01.11 01:25:06 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.12.08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Programme\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2010.05.11 14:35:56 | 000,020,480 | ---- | M] (Carl Zeiss) -- C:\Programme\Carl Zeiss\MTB 2004 - 1.8.0.7\MTB Server Console\MTBService.exe PRC - [2010.02.02 18:47:09 | 000,040,960 | ---- | M] () -- C:\Programme\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE PRC - [2009.09.18 17:02:30 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe PRC - [2009.08.21 09:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.07.07 20:10:14 | 000,151,552 | ---- | M] () -- C:\Windows\System32\ANIWConnService.exe PRC - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2009.04.21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\System32\hasplms.exe PRC - [2008.05.20 19:06:00 | 006,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe ========== Modules (No Company Name) ========== MOD - [2013.05.08 11:00:25 | 000,474,112 | ---- | M] () -- C:\Programme\Search Results Toolbar\Datamngr\apcrtldr.dll MOD - [2012.08.17 14:55:26 | 006,212,096 | ---- | M] () -- C:\Programme\Polar\WebSync\WebSync.exe MOD - [2012.08.17 14:43:40 | 000,104,448 | ---- | M] () -- C:\Programme\Polar\WebSync\PTransform.dll MOD - [2012.08.17 14:42:38 | 003,477,504 | ---- | M] () -- C:\Programme\Polar\WebSync\libpolar.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.01.14 17:01:02 | 002,142,720 | ---- | M] () -- C:\Programme\Polar\WebSync\QtCore4.dll MOD - [2011.01.11 01:25:48 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.01.11 01:25:06 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2010.03.15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2010.02.10 19:45:48 | 000,025,600 | ---- | M] () -- C:\Programme\Polar\WebSync\imageformats\qgif4.dll MOD - [2010.02.10 19:45:40 | 000,119,808 | ---- | M] () -- C:\Programme\Polar\WebSync\imageformats\qjpeg4.dll MOD - [2010.02.10 17:22:16 | 007,971,840 | ---- | M] () -- C:\Programme\Polar\WebSync\QtGui4.dll MOD - [2010.02.10 17:07:32 | 000,929,280 | ---- | M] () -- C:\Programme\Polar\WebSync\QtNetwork4.dll MOD - [2010.02.10 17:06:06 | 000,334,848 | ---- | M] () -- C:\Programme\Polar\WebSync\QtXml4.dll MOD - [2010.02.02 18:47:09 | 000,040,960 | ---- | M] () -- C:\Programme\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE MOD - [2009.07.07 18:50:04 | 000,258,048 | ---- | M] () -- C:\Windows\System32\wlanapp.dll MOD - [2009.06.01 14:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWL-G122_DWA-110\ANIOApi.dll MOD - [2009.06.01 14:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\ANI\ANIWZCS2 Service\ANIOApi.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Carl Zeiss\MTB 2004 -- (MTBService_1.8.0.7) SRV - [2013.05.15 16:29:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.08 11:00:19 | 003,022,848 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator) SRV - [2013.04.04 16:28:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.04.04 16:27:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.09.10 20:43:52 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.08.17 14:43:24 | 000,413,184 | ---- | M] () [Auto | Running] -- C:\Programme\Polar\Daemon\polard.exe -- (Polar Daemon) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.09.07 09:59:00 | 000,569,072 | ---- | M] (CrossLoop) [Auto | Running] -- C:\Users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe -- (CrossLoopService) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.21 08:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Users\Carina\AppData\Local\CrossLoop\tvnserver.exe -- (tvnserver) SRV - [2010.05.24 22:46:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.07 20:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ANIWConnService.exe -- (ANIWConnService) SRV - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2009.04.21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2013.04.04 16:28:33 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.04.04 16:28:33 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.04.04 16:28:33 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.04.04 16:28:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.04.12 13:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.11.02 13:23:15 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009.08.23 23:04:28 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.08.23 23:04:27 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.08.05 21:59:30 | 000,750,592 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dnetr28u.sys -- (netr28u) DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.09 14:18:56 | 000,587,776 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock) DRV - [2009.03.06 18:09:52 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\anodlwf.sys -- (anodlwf) DRV - [2009.01.16 12:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge) DRV - [2008.08.06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007.08.17 16:14:44 | 000,891,392 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb) DRV - [2006.10.19 05:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.pgv.at/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406?appid=484 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "Search Results" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406?appid=484" FF - prefs.js..extensions.enabledAddons: {C4A4F5A0-4B89-4392-AFAC-D58010E349AF}:5.0.0.7254 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: toolbar@gmx.net:1.5.3 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carina\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carina\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.01.31 13:05:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.01.31 13:05:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2012.12.19 21:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.19 22:56:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.25 12:19:35 | 000,000,000 | ---D | M] [2009.10.29 14:45:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carina\AppData\Roaming\mozilla\Extensions [2013.05.15 16:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions [2013.05.15 16:13:08 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} [2013.05.15 16:13:04 | 000,000,000 | ---D | M] (New Tab) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF} [2010.10.21 11:27:34 | 000,010,567 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\gmx-suche.xml [2011.02.14 17:18:01 | 000,000,950 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-1.xml [2009.10.28 18:37:56 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-2.xml [2009.12.16 18:51:37 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-3.xml [2010.01.07 12:35:08 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-4.xml [2010.02.19 11:05:38 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-5.xml [2010.03.13 14:48:32 | 000,000,950 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-6.xml [2009.10.22 20:24:42 | 000,000,955 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin.xml [2013.05.15 16:13:03 | 000,002,646 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\Search_Results.xml [2013.03.13 12:37:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.10.29 14:41:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2012.09.10 20:43:52 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.08.18 19:39:54 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2012.03.10 19:30:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.03 22:04:39 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.03.10 19:30:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.03.10 19:30:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.05.15 16:13:03 | 000,002,646 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2012.03.10 19:30:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.10 19:30:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Search Results () CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.searchnu.com/406?appid=484 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: iLivid New Tabs = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol\5.0.0.7254_0\ CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\ CHR - Extension: Google Mail = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Programme\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Programme\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE () O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WZCSLDR2] C:\Program Files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Carina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{203359B1-567A-441C-99C6-9D3BC5C51AB0}: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4}: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF9D0D85-E383-4060-85D9-F202E52D71CE}: DhcpNameServer = 212.186.211.21 195.34.133.21 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll () O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll) - C:\Programme\Search Results Toolbar\Datamngr\mgrldr.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{4433aa20-0fe5-11df-9aa4-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{4433aa20-0fe5-11df-9aa4-00261812d1fc}\Shell\AutoRun\command - "" = E:\Setup.exe O33 - MountPoints2\{5f3ff7e8-9018-11de-af32-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5f3ff7e8-9018-11de-af32-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{5f3ff833-9018-11de-af32-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{5f3ff833-9018-11de-af32-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{6363c54f-c6d8-11de-9c3c-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{6363c54f-c6d8-11de-9c3c-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{6363c554-c6d8-11de-9c3c-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{6363c554-c6d8-11de-9c3c-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{a55721d6-c66c-11de-9d98-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{a55721d6-c66c-11de-9d98-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{a55721da-c66c-11de-9d98-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{a55721da-c66c-11de-9d98-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{ac0aebc2-c3e1-11de-9dfc-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{ac0aebc2-c3e1-11de-9dfc-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{da1b26c8-c7a1-11de-9249-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{da1b26c8-c7a1-11de-9249-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{da1b26ca-c7a1-11de-9249-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{da1b26ca-c7a1-11de-9249-00261812d1fc}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: x86 - (C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Programme\Search Results Toolbar\Datamngr\apcrtldr.dll () O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.15 16:52:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe [2013.05.15 16:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools [2013.05.15 16:22:06 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys [2013.05.15 16:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2013.05.15 16:21:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2013.05.15 16:21:48 | 000,000,000 | ---D | C] -- C:\Users\Carina\AppData\Roaming\TestApp [2013.05.15 16:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert [2013.05.15 16:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Search Results Toolbar [2013.05.15 16:12:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr [2013.05.13 17:05:57 | 000,066,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys [2013.04.24 17:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.15 16:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe [2013.05.15 16:51:17 | 000,000,000 | ---- | M] () -- C:\Users\Carina\defogger_reenable [2013.05.15 16:49:45 | 000,050,477 | ---- | M] () -- C:\Users\Carina\Desktop\Defogger.exe [2013.05.15 16:44:58 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.15 16:44:58 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.15 16:37:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.15 16:37:31 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Carina-Startup.job [2013.05.15 16:37:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.15 16:37:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.15 16:37:14 | 2817,875,968 | -HS- | M] () -- C:\hiberfil.sys [2013.05.15 16:23:49 | 001,971,463 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB [2013.05.15 16:21:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.15 16:17:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000UA.job [2013.05.15 16:06:47 | 000,416,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.15 08:05:26 | 000,657,660 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.15 08:05:26 | 000,618,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.15 08:05:26 | 000,131,032 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.15 08:05:26 | 000,107,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.05.13 17:05:19 | 000,066,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys [2013.04.24 17:04:26 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.04.24 16:35:49 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000Core.job [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.15 16:51:17 | 000,000,000 | ---- | C] () -- C:\Users\Carina\defogger_reenable [2013.05.15 16:49:44 | 000,050,477 | ---- | C] () -- C:\Users\Carina\Desktop\Defogger.exe [2013.05.15 16:22:11 | 001,971,463 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB [2012.12.21 15:22:00 | 000,141,736 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2011.08.07 19:49:19 | 000,001,936 | ---- | C] () -- C:\Windows\System32\nethasp.ini [2011.02.27 14:48:41 | 000,004,096 | -H-- | C] () -- C:\Users\Carina\AppData\Local\keyfile3.drm [2010.10.19 16:30:20 | 000,000,253 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\ANICONFIG_{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4}.ini [2010.09.20 19:32:41 | 000,003,284 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\ANIWZCS{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4} [2010.05.18 20:52:35 | 000,000,017 | ---- | C] () -- C:\Users\Carina\AppData\Local\resmon.resmoncfg [2009.11.09 00:22:47 | 000,007,680 | ---- | C] () -- C:\Users\Carina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.08 23:26:16 | 000,153,157 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\mdbu.bin ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2009.12.06 02:28:18 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Artweaver [2012.12.19 21:35:44 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Canon [2011.08.07 19:56:10 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Carl Zeiss [2012.12.19 21:46:49 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\DVDVideoSoft [2012.01.03 12:53:19 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.18 19:40:52 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Foxit Software [2011.07.26 16:17:00 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\go [2009.10.29 14:45:30 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\ICQ [2011.01.31 13:05:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Local [2011.01.14 12:28:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\MAGIX [2011.11.27 00:55:33 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Need for Speed World [2011.02.19 23:45:00 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Opera [2009.10.29 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Program Files [2013.01.22 20:55:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\TeamViewer [2013.05.15 16:21:48 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\TestApp [2009.10.29 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Ubisoft [2010.07.06 16:23:01 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Uniblue ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:C895616B @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > Code:
ATTFilter OTL Extras logfile created on: 15.05.2013 16:52:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Carina\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,00% Memory free
7,00 Gb Paging File | 5,90 Gb Available in Paging File | 84,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,17 Gb Total Space | 399,29 Gb Free Space | 66,98% Space Free | Partition Type: NTFS
Drive F: | 1003,22 Mb Total Space | 972,19 Mb Free Space | 96,91% Space Free | Partition Type: FAT
Computer Name: CARINA-PC | User Name: Carina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [BIPA FotoShop] -- "C:\Program Files\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\BIPA\BIPA FotoShop\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A674FA0-2CB3-4790-9E61-CAE0E15381B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{1DAAA982-259B-4CB7-8723-D805EC1AE497}" = lport=137 | protocol=17 | dir=in | app=system |
"{241D5B35-DB2D-4FB6-BBFF-67D1FEEE4D4B}" = lport=10245 | protocol=6 | dir=in | app=system |
"{43E793D7-5991-466A-BE5D-86051A5F0EEA}" = lport=138 | protocol=17 | dir=in | app=system |
"{4900697D-B286-410D-842A-2289735EF935}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{53246178-B2CA-45EC-A9B8-1ED427189B24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63AE5D71-7FE3-4743-AB17-5BDB44C54EE5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6638069D-C8E5-4113-85C3-C7BCFD477D77}" = rport=139 | protocol=6 | dir=out | app=system |
"{A2349B29-6BED-447C-BEB3-9E59C5ED5C10}" = rport=137 | protocol=17 | dir=out | app=system |
"{A9CBDC81-D807-4D61-ADA4-68A1ACF6E7BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{AD38B7B9-E403-42B2-9A19-6953B3977E7A}" = lport=139 | protocol=6 | dir=in | app=system |
"{B7CCCE3B-6E57-48B4-9AF3-60794796CEBE}" = lport=445 | protocol=6 | dir=in | app=system |
"{C90BA560-D9FE-4240-9BA0-B70117E97D22}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4CD51F5-E50A-4500-8DDB-5D717B2B00BA}" = rport=445 | protocol=6 | dir=out | app=system |
"{F57F109A-BE28-4A6F-A381-F322C6359D26}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF2C51D6-4885-4C72-B3DE-5B26CA3DA8B9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0055E993-3151-4C9E-8F4C-9A512DB5E341}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{0066FA10-ECF1-4866-ACF1-E9EF3606797D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00902EF5-F485-452E-AE3B-55B44C18DD7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00FE3C0A-8AD3-4F8E-891C-5EDF08E343D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0295A833-0A31-4150-8915-AFABA70694E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0300931F-9A95-4F4E-BC5C-0682625F5230}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{04CA7C12-ADE7-4D60-AB94-2859C935EBA4}" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\vncviewer.exe |
"{0599EF4E-D327-4FDF-ABC1-5F2EBA9115D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{05C4EC9D-3981-4B11-A0E0-AA786DE903C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{07D04CF3-3FE3-418D-A33B-4CEE6BC6A53F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09F3FCDD-97C8-4C1F-8453-F36D6CCB6637}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A7E64A6-34AF-4659-AE7F-5ADC64633E80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0DA608B7-DCC0-4B22-B7F5-45394CE520E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0E4C447C-9951-4568-92A6-348784D44777}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F7BC9FB-186F-434D-8D86-CA772A90C34E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1216F52D-5DB5-4F0E-A383-B9FCE4639BC4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{122A02E1-F6B1-49B2-8782-93769DD91C93}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1388A37C-81BB-4DAB-ACEC-CAE6FC373A26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14342621-622F-4228-8B1B-48DAB66F7347}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14EF03B7-5485-4D8D-8D15-E63DA5015B87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{15F5E10F-C1E1-4B62-8321-CF866A04BAB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1621DDC2-20C1-4652-A12F-25F94D661244}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16FE85AC-A99C-4CF8-8F26-8316E2E6B350}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1787B378-1E7C-47E7-9B43-B01DF080DD24}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17B2E263-64CC-4F42-BFDA-82E307208097}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17D4375D-9AA1-4FC0-9165-54467803AE41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17F4C7F8-17CF-4BF3-A2B0-F045A12E7DE6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{18134A2E-0604-4A3F-B754-0C668638017F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{183F6D06-6EBE-4E4B-B846-310684BBA16B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{192AF08B-616B-4EBC-BDAA-10EBC15AA590}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19830D02-09A8-4E5F-B810-2078D596F4C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1A1A2219-CCB7-4BA7-ACBF-90FD8550A1D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1AA71246-3D8D-4719-8E37-D773765E8425}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1C0B8EC5-C93B-48B6-AB2E-58586AC861D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1E4B8478-7EFB-496C-8AF3-8E7196C441F6}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avwsc.exe |
"{202BFE81-F290-4E3A-BB85-4847B8CC3F61}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{20AC3431-D754-4C04-BFC2-7E567F133471}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avgnt.exe |
"{211AB39D-5CB7-461B-B37F-990391226CBF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21CFBBD0-E417-4478-9174-4850A448F268}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{22748D2E-7F4F-40B7-A3EE-CDCF4AA48738}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22DEF94D-6C78-4275-9D23-AF42479D65D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{238E5A4A-909C-4F0C-A53D-125CB1E371CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23E7BE83-14CC-4426-A77F-1BD824BCB39F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24D84CB1-2940-4B8B-89C1-E665942C903F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24EA944C-ECD0-41F1-8BDD-09F4AEA56660}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25104C98-CEB7-4A7E-8ADE-B238F077D6D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{251D1122-2D40-45EA-B0DD-670DA78FFC9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25408085-E7DD-41E8-8BCE-FDFA230948F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{26FA7928-0754-4B48-8E37-B4D8E35AA43B}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avconfig.exe |
"{286E0660-D387-43D5-AE02-F324B833D1E8}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avwsc.exe |
"{28CB70A6-9CA2-4385-860C-2BA80228629A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{28D2AA3B-A24A-438A-867F-0A6ABA9322B8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{29207982-271F-4CA0-B7EE-9A7B75ACD827}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{292E6D74-87F5-4A61-B46D-92112FB676A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29DA921F-6453-447F-A9DC-8C1D40AA333C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A84038D-C780-4631-8843-A9D4BEAF166A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AA8FD77-C961-464F-BBAB-5826946D3B44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B6EC0F6-80C1-4454-A486-07ED49319EEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BC58168-2A08-4B30-80A4-DD1CB1FB00C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C2346B3-3B4C-49EA-B854-41F9C99369D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C97F895-EF5C-48E0-93EE-63E3B6B2C5E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D2C0EF8-F956-4DFD-90BD-B9907DA84682}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E5B56C3-848A-4394-8B23-9826A8300540}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E96C522-351E-4B53-AA0F-F1E94F455EA0}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avgnt.exe |
"{2FF80E26-2F5A-493D-820D-3A24EC82F13D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{316F4356-7278-48B8-A89F-9A2DF54B48F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32D19503-AB0D-4E75-9F0C-BBC7B7F3B054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{330126F9-4A37-4165-B26E-ACBD253374E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33CF74E7-DAF1-4378-A1BB-895704E7F576}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3482A9C0-27DA-45AA-BB6B-22673B8943C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34E9A520-6E3C-44F0-AFC3-1EFE33AC34C5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{352FCC43-34C6-415E-81F4-A39C103B34C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{353E0AC5-A6FB-41B1-B184-1A4B07722B44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3779FB99-2BCF-4F1F-B4E2-48F5EC3EF35B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{378DCAF7-A9BE-44DE-BAA2-4188E67A17AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38EC8E36-BFD6-466D-BDBC-D9DE6F918CAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A74C78B-72E2-46F7-834C-6962B0AC3911}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A77CB52-CB85-49E3-BF99-616BEB421E0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A823DA2-B016-4BFF-8B26-FD07B922AF49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E3BE273-E9D7-4B8C-85DA-CEE235644C8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E776395-9214-4A30-B8E2-C120574693A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E9BF6F4-FE2C-4B4F-951F-0E62F6A66FA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{40ADE1D0-AA11-4D0C-9970-4B08D6055EE9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4208B661-4614-4D8D-9076-85DD126F84BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{42F4898D-6F42-44BE-A81D-05556328A64F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{430A99B1-051D-4500-9A34-13ACD1B480A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{43222A06-75A2-4DFF-A416-1563EA2A08D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44C482F3-803A-4C0B-B3AC-7DA3ACEB2C84}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45653639-7EF8-4914-B3F5-BE7E5295F46C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{46C97335-D828-4201-9E2C-308AD0AD487B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47A4D707-C0A1-4C30-850C-3E442A343490}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4855E7E8-5DF9-4081-B6DF-66D98C2CAC44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4875D198-FFB7-4496-A8FE-1229AE7D2334}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4AD1FCAC-7D08-4BF1-8FE1-76A645376CC3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B0CFCA4-6910-4203-9A16-DB3B2647C486}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B314D8F-C804-47C0-846B-803B61E0AACC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B3C2232-4C84-44CD-98EC-3E31C6442573}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B713531-E6E5-416A-B3FA-37F1EFBF9AA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4C0ACBED-7965-4BD3-8A6D-8EFE516FDA80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4C6564A4-AE75-4E58-8B7C-864FC02349E6}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avadmin.exe |
"{4CCCC621-8EDB-4532-8B85-A9143C7B3C37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4EC6D45C-E0FF-495C-A5A8-B3D05F29E34F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{4F919B05-F6D1-495B-80B4-1F81C246ED25}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4FE4559A-03DA-4D6A-A3DC-4B3C404F7D84}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{517300F5-BEE1-4E3B-8E3E-FDB7777452F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{517D763B-F7AD-451F-BB3D-E66CBC61E342}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{519C1745-4AF1-403E-9984-9B3FBC8E2D74}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |
"{51BDF980-9E12-4BA7-B4C4-B58D97F82028}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{525496F0-B375-4004-B289-44DC28CF858E}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5255970B-2FFD-4283-BCF5-FF0328B8AC9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5284E6AE-DDF6-4A30-9B4B-D49EF6231ED7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5358A823-717B-4222-9FBF-522B056734B4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53A107A3-2BE4-47C6-AD35-479922F54C67}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |
"{5484CC9D-5251-43FE-BDD9-5F953492AD34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55D84FF3-E1F5-4B9A-BE1D-DAB504E1D47F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{565BED5C-741E-4B94-9B88-0CB6CD4AD9ED}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5772B82D-F84E-4B05-AC81-BC43D17A3D7E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{59350AF3-B47B-44BA-B645-FC532A09895D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A2817A6-0E6C-4120-8D74-B923C3C0A727}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A39F03B-B7DA-4D98-B782-238C642D18D5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A8D1980-74C7-4013-97E3-2BBDBD290B30}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A9C8D18-E392-4A12-818A-BD0D45871808}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B41DED6-0319-4C56-8CEE-7714905710D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B7C9111-E680-409C-BEF0-DA37071EBDCF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C03DA7B-B420-429E-9572-2B612BCB2B4F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CFDF149-AC61-4BBA-ABAC-1F72793F2AA5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D0FC86A-C34E-49FD-B28C-424CBC892200}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E789807-1F18-4326-B355-D82E97404D2A}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe |
"{5EC75C26-FDC7-484A-8FE4-658E2E79F71C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F09312A-3FD8-4205-AF95-0625EAB6F76D}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{5F284DA6-12C2-4335-8144-2C145744E635}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6117CFB4-8682-4C71-84C2-7A98239E9D2E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61546535-769C-4BF7-9B6C-25CCC08A9F9C}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{64211715-536E-4854-9819-9880120B12DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{656B9DA3-5976-494F-ABFB-77CF6FA62B17}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{65B04F0D-27E4-4C0B-99BE-E6B5D5BE7289}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{672AF4D4-94C9-4828-8DE0-70F7E9301200}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{673E807E-D11B-4FDD-A7FA-C8D96D326BE4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{676F4BB8-30EA-434A-9930-DEE4B8FF8BF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{67CF4C29-C48A-4F8C-BE9D-0F4242177937}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{680570CD-F772-44A8-8762-01A7BFE651E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{683BDCA7-0F80-4FC2-9F06-926DB068F941}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{688F7904-E2EF-43B4-978F-9D28953820C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6AE7EB59-9AC5-43F1-91AC-ED773371BB16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6BCE47BE-E88A-4251-883B-84B5156F1EC6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CED7DB6-5D1D-45D4-8595-A75B294A56AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D894EDB-529D-4499-B454-DB75E90195F9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6E36326D-8651-41FC-8618-8E35522D3531}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{6E814916-09E4-410A-8469-AB2738D4137B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6E9557E0-6589-4CC7-86F5-0CE6E15AC6E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7084D282-E9C9-4D72-8D37-3F322175F311}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71D0C10B-B6A6-4CD2-8450-ABA841224464}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7526F5FD-0222-4396-B288-48E1747C0338}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78A47DBA-C959-4D45-A5EC-3F5A7FDB95F8}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{78C62DA8-AEC4-4B9F-A375-8FD2FD422423}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{78F3EFB5-0D6D-4E66-A8D8-A1F6FDDA1DD4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A152564-7435-431F-981A-078851FA984F}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\wsctool.exe |
"{7D083521-B7AE-4040-AF5B-E2F7301F6D32}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7ECC2243-E41D-432E-BABC-E62C016BD6C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F5E5DBA-EE6D-46C7-A4DC-B12E8CF399D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80F0F764-11F1-4FF3-A28B-A0F5066645A8}" = protocol=17 | dir=in | app=c:\windows\system32\hasplms.exe |
"{80F63964-A01D-40CE-85A7-FBB86D960AD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8131910B-D167-4845-B3C1-F9C4DA804450}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{814B1953-9142-4E30-864A-BDD58CA62AE8}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe |
"{81AC29F5-A991-4339-9013-EDFCB18CE989}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81D0D65D-04F5-4CB2-A53E-4C8EEF89668A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81ECD401-6E23-491D-BDCD-94B926C0BBB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81F9BAA8-61C9-423A-B1E9-3BA007DF9285}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8349D6C6-1A13-4971-BAD2-CDE89BC088B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84AC363E-95E2-4425-B582-1C8CD0F0EA0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{857EBEAA-CC55-4C10-BED4-97A5B9F624BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8599F8BB-33DB-4C9C-8C6E-DD1F3FF519EE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85D5E65E-CF64-4288-9983-F13BB465DB2D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86AEF994-1355-4704-BA35-A8A39E8EE71D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86EFBDC4-4FBC-4381-B2BE-9EDF39FF8CDD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86F8F91D-6EDA-481F-BBCF-EEF834D442BF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87F0F8D8-470F-4637-9C50-941C48AF8956}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8989AB21-2B3E-4D72-BB2A-83444F18F4A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A436F83-96FB-426F-B824-C53AAE268A29}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A44861C-ABFD-491D-833B-3A8D53CCA978}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B4E8596-0814-403D-9A71-6D847224604D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B50ACA6-E4FB-47E9-BBA8-A3DBB1679A46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DEAE656-BA92-4D40-808B-CD8034870CA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8EAEE59C-FA47-4E30-9884-64E39E744D04}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8F64A7A9-0C29-49BD-B49A-ABED491ADF39}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FA5D648-6745-4DB7-89B5-47FD0604BE0D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8FE15D00-EAB5-4955-9E0A-F5FD2046449F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90600480-45E5-4254-A2F6-7F6FFE3D95C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90BD3FDC-1E4E-4623-93E3-905F39D77F5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90F4B81F-E86E-4164-AF22-D369ED341543}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91A6B1E7-395E-4C64-961D-5EFDDAFEE6F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{920518AB-BF44-4B63-A3F1-1CC87180979C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{93747CEC-A83A-4652-8146-7BC2B71BF50C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{94F0523A-A87E-401E-840A-C41869897D25}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avadmin.exe |
"{94F118D9-5EE5-47D7-9EB9-92795D3FC83F}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{95C820C8-7610-4E24-B44C-40E76CE1FD0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96E75D12-AFBF-48E2-A25C-7BD73E364DA3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{976B6EB1-5468-4A31-BEDF-B9A99B4E168F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9844BE0E-4C55-4856-AA8A-06C9576BA59A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{999D164B-8977-472D-859C-9B266291F1C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9A86F506-08D5-438A-8C8B-DCA59F5B75CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9AB1DC3B-D4E6-40C5-AECA-8D0A55D559FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B698944-6B3F-456E-B398-56FC0C31E4D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CABC77E-0E23-4F71-9012-C344999C2DE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CF0C686-6330-421A-9E75-AC25FE419D9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D75FF5F-C5E3-4404-B096-C8A27B2F54C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DD17C98-BFC5-441C-9152-212654D3E356}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9E738746-8324-481F-BAC6-15CE9223950C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A0CC4871-4C8C-4A83-B610-71455693AA93}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A15C5149-EA8B-49C0-A96C-33A09ACC47F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2F96852-52C3-40B2-AB31-9C8C6B8164AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A325C812-8E52-4954-9C0A-78607EBDDE62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A44C0A6B-DA06-4843-B4D4-93AF433BE459}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A5FFDC9C-71F0-4498-956A-B3B724370AED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A618C747-FA6C-408C-A621-38667A9B5300}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A7CFE538-8E6F-4A41-B807-839B21023CA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8351F9D-23D3-48D9-94D3-BB1875D71A7F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8D09748-0909-41D7-AF0E-98A0DF829A2B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{A9319D45-80C6-4DBC-9324-7484FF5D82C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA755479-752B-4799-9ADE-98284FB55229}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB4A6D17-2086-4DB0-8E71-63068969028D}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avconfig.exe |
"{AC0B4FA2-60E1-43A2-8FE8-7AA409E080DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ACB88B41-6396-4DCD-BE93-A58154681327}" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\tvnserver.exe |
"{AE3976A0-9923-4747-B41C-9CF93BB79982}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE4E3828-0E1B-40CE-9AEE-2B4AEDF16952}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AF547FFD-8363-42EF-84B1-92E74A38BBE6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFEA6517-409A-41A1-BD0A-D9AB2B070EA8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFF3DA96-5DC2-450F-932A-22D14928293E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B20898B0-A82E-40B1-8B49-7D56B702D69D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B33794BE-99BF-4A96-A9C9-6CEF581EAA9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B34D5974-AC2B-4412-8DCF-1C4CA39DDAAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B4A2C8C2-AA8E-4E15-AB43-88B7A54BBE63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5F4B6A1-5FDC-4EAD-8144-FEC1C00D3C97}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8F348F2-A3F0-46E2-AC82-057C80D9CC41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9F2C234-AC1F-4710-B977-8B7EEC2E588A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB35EF20-C1B8-4F0C-83B2-869A4FC0A2D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB692082-E15D-4953-A7A6-D9F302602D2F}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{BBC90554-C0A7-4D3C-857E-BA1E85476C9D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC74279A-805B-4A0E-8493-35B96CFF32E2}" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\tvnserver.exe |
"{BCCD581C-9136-49B3-AE2F-2A930827C799}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD9DC12C-3595-455F-A7F4-DD9E595C923F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF76E66D-4E85-41AC-ABFE-37BE3397D3AD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BFCDB868-973A-47AE-9F7D-B4678D9472EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C014EC5F-2830-4CE4-BB3E-362F89F0E9E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C0EDE5E7-E9E5-4069-990F-1D94250F18AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1E2D1ED-0E0A-4D5E-96CC-D000DC9AA2F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C22A0AB0-1023-4AE7-9F8E-B62EDC979696}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C38BB0A1-4BA8-4801-A86F-9E7B0713EA95}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C447F085-6412-43F4-A609-C52B6855900F}" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\vncviewer.exe |
"{C5789609-2985-42BA-A4CC-8C9CB9D387EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C65324D3-2173-409F-B9B2-9EAFB9BC7C85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C688B505-13DE-4584-A115-6D8FE0F0521F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C84B7748-7FF2-4616-8ACC-4D58E1D868FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C99DE429-1681-4C96-9A21-608815D76334}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9BAD5CF-5D55-46A2-B3C1-C30DAD4332B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAD1F7DB-255F-4CC9-B25A-FC5CE070ACD7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CBD9DCF6-0DB8-41E3-99D4-82D6DDB476B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC1E0228-F2C7-46F3-9888-ECFD3E07CEF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD042056-2A99-4BEC-B6E3-B5784ECACCDA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF18AA71-E583-4A97-8257-FD90876FA02F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFA000AD-4471-4C43-89DB-C383E999FC6B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D04E7D16-BF87-4B36-9815-C7B52607B877}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2E59F70-8065-4FA8-BC77-9D8808088DA3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D361B41C-8285-4C1A-A564-F22CAEC8235F}" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"{D4384AB6-9253-4749-B865-E3E6F5CE41D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4BF1575-501F-44D4-A0DD-021A7A0C3796}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4D69EB0-4718-4FBC-920D-13930CEA41C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4F11F0B-7627-44B7-A9F4-37A4C467D295}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D51960D7-4430-4C98-9B1B-798CD3CDE756}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5871AEC-6649-4468-BE8B-FAC42D740DB6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5F1B9D9-3685-48DB-AB72-D8172208FC75}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{D719AEC1-4DAF-423F-826A-869447A3FAE1}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\wsctool.exe |
"{D7324767-CB19-4FE1-A508-9979E9D86340}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D86D77DF-16F0-422C-AF14-5D5FB8274CAB}" = protocol=6 | dir=in | app=c:\windows\system32\hasplms.exe |
"{D91816AC-3692-4C1B-8CA6-BD2527A58088}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D953AC39-D431-4902-ADA7-2424B163856C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA64409D-7BDD-41A8-9A7A-3E257262B0CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DCA2DF3C-9C62-44AA-B6E6-BD16382D07E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DCE32E5E-58D5-49B6-9D14-1950C4DA6D05}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD7406FC-D436-46D3-A370-FE701B58DABF}" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"{DD9B18EF-E7D0-42AE-B328-FA653606F846}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDAACEC5-160C-43E0-AB96-F385ECA00E5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DE11A0A4-D448-4A27-9BD8-080B93A67A1F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DE34EDD9-11FA-4A7B-B40F-BA7D9393CC4C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF9C28CE-5290-4FA0-A558-709837F61024}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{DFCC54CA-E166-438F-911F-37745FBF2413}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4780CEC-EBD9-46A6-A116-7092934C59E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5DC6218-E861-4F30-98E6-3D4349F13B0F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E63C76CA-1B69-4F12-9B3E-7153A7D6E78D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EB00DF19-B60F-4922-9180-16B8B1BE0FB7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF7E42CF-2472-4939-AFC6-2E73E499D567}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF8F44A1-75F0-4731-A2B8-F65D268863CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F02F7A42-F695-45DA-A647-FADEFBD44668}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0AADB0D-2C4E-4669-95AD-5A6FFAE84341}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0C612DB-2DDF-4064-97C6-6F94150231E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F417D31F-EF8D-4E0D-8DFA-0ECE3CB87DA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4CDE4ED-77F3-46ED-9457-BC70989E682F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F646C45C-53A1-412E-A271-ECBF30ED66A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F7E95C23-16E6-417F-8A0A-7AC44D66CDDE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F80DBEF5-4C33-4BBA-BDC9-9DE401CA119D}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{FB2889FC-0612-44DE-B800-10EFA48D3A46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FD40217F-34B1-4C53-B95A-D21236EF2BA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FDEC9A9E-0A69-413A-A6AE-AC7D3D43C02C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{FE6D4125-9524-411A-A59C-A85184AAC94D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FED21B9F-C613-4738-A20B-C5782F6DB01D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF3E28AA-D4F1-49E6-AC49-3BE9A9126D6E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF9DCA66-F4CE-4FB6-8007-3A29A800130C}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"TCP Query User{4CF20855-4AE1-4676-812B-77E4BF34E0BB}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{52146F77-6A0A-43E3-9F5E-B3A826CFE536}C:\users\carina\appdata\local\crossloop\crossloopconnect.exe" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\crossloopconnect.exe |
"TCP Query User{54EB5727-E238-44CC-B80F-3C731CA98943}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{65E06B44-6FF2-48C0-A6A1-11F98EA47DB8}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{74D2C53C-91E2-4A1C-8DD2-13DA2297DEB3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{EB38ABBE-3029-4297-A505-D8FDC190A11E}C:\users\carina\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{7EF970AD-4BB1-4FD9-BF14-586025D48CF8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{94178D2D-CAEB-48F7-AC20-0DDAB2E47407}C:\users\carina\appdata\local\crossloop\crossloopconnect.exe" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\crossloopconnect.exe |
"UDP Query User{9C2E54DE-F01F-41FD-8E7D-683663434B17}C:\users\carina\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{9ED703EC-1F42-4E0B-BA00-82D2DB095998}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{A65CA608-39C9-4965-AE47-17D826173196}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{C0BE0C38-343B-446C-8E6D-C4F844CB79AE}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series" = Canon MG4100 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}" = Polar Daemon
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{41D4A454-9DF4-4299-8C30-1BBA753E83E1}" = Polar WebSync
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F753314-628E-4C13-B8AE-BFA7FD514CBE}" = D-Link Wireless G DWL-G122_DWA-110
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96056420-DDF3-46A7-AA8D-BC2D1AE5290B}" = Microsoft IntelliType Pro 8.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1" = Artweaver 1.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7904C62-0B90-4830-AA5D-5192F88FD6EB}" = Carl Zeiss AxioVision Rel. 4.8.2
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint 2.0
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BIPA FotoShop" = BIPA FotoShop
"CrossLoop_is1" = CrossLoop 2.81
"DivX Setup.divx.com" = DivX-Setup
"Foxit Reader" = Foxit Reader
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"GetASFStream" = GetASFStream
"HappyFoto-Designer_is1" = HappyFoto-Designer
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"ilividtoolbargaw" = Search-Results Toolbar
"MAGIX_MSI_FotoDesigner7_silver" = MAGIX Foto Designer 7
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.10.1652" = Opera 12.10
"PhotoScape" = PhotoScape
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PROPLUS" = Microsoft Office Professional Plus 2007
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"TeamViewer 8" = TeamViewer 8
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"START2" = START2
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.05.2013 13:37:09 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.05.2013 13:54:31 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.05.2013 01:39:01 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.05.2013 09:47:14 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.05.2013 11:00:30 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.05.2013 13:21:26 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 01:47:45 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 10:07:36 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 10:36:04 | Computer Name = Carina-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: pctsSvc.exe, Version: 9.1.0.2894,
Zeitstempel: 0x509054e5 Name des fehlerhaften Moduls: rtl100.bpl, Version: 11.0.2902.10471,
Zeitstempel: 0x475fc385 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a264 ID des fehlerhaften
Prozesses: 0xe08 Startzeit der fehlerhaften Anwendung: 0x01ce51781e68d30f Pfad der
fehlerhaften Anwendung: C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\PC Tools\PC Tools Security\rtl100.bpl
Berichtskennung:
c54c35fa-bd6c-11e2-b38d-00261812d1fc
Error - 15.05.2013 10:38:59 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 04.02.2010 03:33:56 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 08:33:49 - Fehler beim Herstellen der Internetverbindung. 08:33:49
- Serververbindung konnte nicht hergestellt werden..
Error - 04.02.2010 16:23:53 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 21:23:52 - Fehler beim Herstellen der Internetverbindung. 21:23:52
- Serververbindung konnte nicht hergestellt werden..
Error - 05.02.2010 04:59:32 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 09:59:29 - Fehler beim Herstellen der Internetverbindung. 09:59:29
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2010 18:27:20 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:27:19 - Fehler beim Herstellen der Internetverbindung. 23:27:19
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2010 18:27:28 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:27:25 - Fehler beim Herstellen der Internetverbindung. 23:27:25
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 06:08:07 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 11:08:04 - Fehler beim Herstellen der Internetverbindung. 11:08:04
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 17:34:46 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 22:34:46 - Fehler beim Herstellen der Internetverbindung. 22:34:46
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 17:34:54 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 22:34:51 - Fehler beim Herstellen der Internetverbindung. 22:34:51
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 18:50:08 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:50:08 - Fehler beim Herstellen der Internetverbindung. 23:50:08
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 18:50:14 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:50:13 - Fehler beim Herstellen der Internetverbindung. 23:50:13
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 27.02.2011 08:39:21 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27.02.2011 10:29:18 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 01.04.2011 03:31:12 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 01.05.2011 14:41:15 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 01.05.2011 16:24:06 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29.07.2011 07:31:42 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2820
seconds with 2640 seconds of active time. This session ended with a crash.
Error - 31.07.2011 16:59:34 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1285
seconds with 1140 seconds of active time. This session ended with a crash.
Error - 29.12.2011 11:30:09 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30.03.2012 08:20:09 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6362
seconds with 0 seconds of active time. This session ended with a crash.
Error - 03.04.2012 17:20:10 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16657
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 13.05.2013 11:56:30 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "System" den Befehl "chkdsk" aus.
Error - 13.05.2013 11:56:42 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:56:49 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:57:02 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "System" den Befehl "chkdsk" aus.
Error - 13.05.2013 11:57:14 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:57:21 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:57:34 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "System" den Befehl "chkdsk" aus.
Error - 15.05.2013 10:13:12 | Computer Name = Carina-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Datamngr Coordinator" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 15.05.2013 10:26:27 | Computer Name = Carina-PC | Source = PCTCore | ID = 327960
Description =
Error - 15.05.2013 10:26:27 | Computer Name = Carina-PC | Source = PCTCore | ID = 327960
Description =
< End of report >
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-15 17:36:36
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AAKS-65A7B2 rev.01.03B01 596,17GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Carina\AppData\Local\Temp\awlirpod.sys
---- System - GMER 2.1 ----
SSDT 912882A6 ZwCreateSection
SSDT 912882B0 ZwRequestWaitReplyPort
SSDT 912882AB ZwSetContextThread
SSDT 912882B5 ZwSetSecurityObject
SSDT 912882BA ZwSystemDebugControl
SSDT 91288247 ZwTerminateProcess
SSDT \SystemRoot\system32\ntkrnlpa.exe ZwCreateKey [0x83041FEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [83041FEC] ZwCreateKey [0x83041FEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe ZwOpenKey [0x83041FF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [83041FF1] ZwOpenKey [0x83041FF1]
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe[unknown section] 83041FF6
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 8307EA09 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830B81F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11BF 830BF314 3 Bytes [EC, 1F, 04]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 830BF34C 4 Bytes [A6, 82, 28, 91] {CMPSB ; SUB BYTE [EAX], 0x91}
.text ntkrnlpa.exe!KeRemoveQueueEx + 137F 830BF4D4 3 Bytes [F1, 1F, 04]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 830BF6A8 4 Bytes [B0, 82, 28, 91]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 830BF6EC 4 Bytes [AB, 82, 28, 91] {STOSD ; SUB BYTE [EAX], 0x91}
.text ...
.text C:\Windows\system32\drivers\aksfridge.sys section is writeable [0xA4206000, 0x47E35, 0xE0000020]
.init C:\Windows\system32\drivers\aksfridge.sys entry point in ".init" section [0xA425A224]
.init C:\Windows\system32\drivers\aksfridge.sys unknown last code section [0xA425A000, 0x4000, 0xE20000E0]
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA425E300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\drivers\hardlock.sys section is writeable [0xA42A1400, 0x6E6E2, 0xE8000020]
.protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xA432B820] C:\Windows\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xA432B820]
.protectÿÿÿÿhardlockunknown last code section [0xA432B600, 0x512A, 0xE0000020] C:\Windows\system32\drivers\hardlock.sys unknown last code section [0xA432B600, 0x512A, 0xE0000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA4331300, 0x1BEE, 0xE8000020]
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- EOF - GMER 2.1 ----
LG Richard |
| Themen zu searchnu.com/406?... in IE Firefox und Chrome |
| antivir, avira, bandoo, bho, bonjour, canon, converter, error, firefox, flash player, format, gmx.net, helper, home, install.exe, logfile, mozilla, mp3, newtab, plug-in, realtek, registry, rundll, scan, search results toolbar, security, senden, server, software, svchost.exe, udp, windows |
Baum-Darstellung