Log analysis and evaluation: Ihavenet.com redirects (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Ihavenet.com redirects

Hello, every time I am in Firefox (via Google) I get redirected to the page Ihavenet.com or fastclickblabla.com, and it cannot be changed. Avira and Malwarebytes show nothing. I hope you can help me. Here are the OTL logs:

Code:
OTL logfile created on: 27.10.2013 15:27:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Silenia\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,99 Gb Total Physical Memory | 4,66 Gb Available Physical Memory | 77,84% Memory free
11,98 Gb Paging File | 10,53 Gb Available in Paging File | 87,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 820,31 Gb Total Space | 569,99 Gb Free Space | 69,48% Space Free | Partition Type: NTFS
Drive F: | 111,10 Gb Total Space | 75,44 Gb Free Space | 67,90% Space Free | Partition Type: NTFS
Computer Name: SILENIA-PC | User Name: Silenia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.10.27 15:26:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silenia\Desktop\OTL.exe
PRC - [2013.10.17 08:08:29 | 000,237,960 | ---- | M] (Google Inc.)
-- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe PRC - [2013.09.11 03:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.08.27 22:16:03 | 002,155,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe ========== Modules (No Company Name) ========== MOD - [2013.09.11 03:26:52 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.01.10 00:06:47 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.10.23 19:33:37 | 000,484,592 | ---- | M] (BitRaider, LLC) [Disabled | Stopped] -- C:\ProgramData\BitRaider\BRSptSvc.exe -- (BRSptSvc) SRV - [2013.10.15 15:54:02 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.10.09 14:18:57 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.10.09 03:19:14 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.09.18 09:33:07 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.08.27 22:17:43 | 014,997,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV - [2013.08.27 22:16:03 | 
002,155,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.02.08 13:31:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.09.19 11:29:44 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:64bit: - [2013.08.20 14:33:40 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2013.06.16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2013.01.10 00:06:47 | 000,478,208 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:64bit: - [2013.01.10 00:06:47 | 000,025,600 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MCfilt64.sys -- (MCfilt) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2013.10.03 18:12:50 | 000,075,048 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRDriver64.sys -- (BRDriver64) DRV - [2012.09.19 10:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKLM\..\SearchScopes,DefaultScope = {1D4C7998-23E9-2D4C-628E-7707719D555D} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = 
hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{1D4C7998-23E9-2D4C-628E-7707719D555D}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzutDtDtByEzz0CtByCtAyEtDtA0E0BtD0DtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QtCtDtA&cr=415689567&ir= IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: 
%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.15 13:04:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.15 13:04:30 | 000,000,000 | ---D | M] [2013.10.27 12:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silenia\AppData\Roaming\mozilla\Extensions [2013.10.27 13:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silenia\AppData\Roaming\mozilla\Firefox\Profiles\fsnkgbki.default\extensions [2013.10.27 13:00:48 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Silenia\AppData\Roaming\mozilla\firefox\profiles\fsnkgbki.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.10.27 12:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.10.27 12:59:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2013.10.27 14:18:32 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - 
HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found. O4 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1754203417-3657258637-1496330785-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBFD6777-58EB-402A-9F0F-D08AFC716A1A}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sdnclean64.exe) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - 
SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.10.27 15:26:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Silenia\Desktop\OTL.exe [2013.10.27 14:59:47 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\GHISLER [2013.10.27 14:48:37 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.10.27 14:48:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.10.27 14:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Fix 2013 [2013.10.27 14:12:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.10.27 13:19:46 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\NPE [2013.10.27 13:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2013.10.27 13:00:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2013.10.27 12:59:30 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Mozilla [2013.10.27 12:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.10.27 12:59:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.10.27 12:48:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup [2013.10.27 12:48:13 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\BonanzaDealsLive [2013.10.27 12:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\BonanzaDealsLive [2013.10.27 12:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BonanzaDealsLive [2013.10.27 12:48:03 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Systweak [2013.10.27 12:48:01 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe [2013.10.27 12:47:58 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\mysearchdial [2013.10.27 12:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BonanzaDeals [2013.10.27 12:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013.10.27 12:06:29 | 
000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\ElevatedDiagnostics [2013.10.23 20:04:48 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\Diagnostics [2013.10.23 18:26:35 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2013.10.23 18:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.10.23 18:17:01 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Anvisoft [2013.10.23 18:09:55 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Local\Anvisoft [2013.10.23 18:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft [2013.10.23 12:47:30 | 000,000,000 | ---D | C] -- C:\Users\Silenia\AppData\Roaming\Malwarebytes [2013.10.22 18:01:28 | 030,344,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013.10.22 18:01:28 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013.10.22 18:01:28 | 022,933,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013.10.22 18:01:28 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013.10.22 18:01:28 | 011,415,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013.10.22 18:01:28 | 011,362,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013.10.22 18:01:28 | 009,516,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013.10.22 18:01:28 | 009,472,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013.10.22 18:01:28 | 003,131,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013.10.22 18:01:28 | 003,124,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013.10.22 18:01:28 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013.10.22 18:01:28 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll 
[2013.10.22 18:01:28 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll [2013.10.22 18:01:28 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll [2013.10.22 18:01:28 | 001,241,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013.10.22 18:01:28 | 000,696,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013.10.22 18:01:28 | 000,655,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013.10.22 18:01:28 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013.10.22 18:01:28 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013.10.22 18:01:28 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013.10.22 18:01:28 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013.10.22 18:01:28 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013.10.22 18:01:28 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013.10.15 15:54:06 | 000,589,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [2013.10.13 21:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon's Prophet [2013.10.13 21:02:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon's Prophet [2013.10.11 14:55:05 | 000,000,000 | ---D | C] -- C:\CrashReport [2013.10.10 22:32:27 | 000,000,000 | ---D | C] -- C:\Users\Silenia\Documents\dragoon [2013.10.10 20:52:05 | 000,000,000 | ---D | C] -- C:\Users\Silenia\Desktop\Dragon,prophet [2013.10.10 20:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Solid State Networks [2013.10.09 21:14:10 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.10.09 21:14:09 | 000,526,336 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\ieui.dll [2013.10.09 21:14:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.10.09 21:14:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.10.09 21:14:09 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.10.09 21:14:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.10.09 21:14:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.10.09 21:14:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.10.09 21:14:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.10.09 21:14:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.10.09 21:14:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.10.09 21:14:08 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.10.09 21:14:08 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.10.09 21:14:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.10.09 21:14:07 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.10.09 09:46:17 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2013.10.09 09:46:15 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.10.09 09:46:15 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013.10.09 09:46:15 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013.10.09 09:46:15 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2013.10.09 
09:46:15 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013.10.09 09:46:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2013.10.09 09:46:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013.10.09 09:46:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2013.10.09 09:46:14 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2013.10.09 09:46:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2013.10.09 09:46:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys [2013.10.09 09:46:13 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys [2013.10.09 09:46:05 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [2013.10.09 09:46:05 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2013.10.09 09:46:04 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2013.10.09 09:46:04 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.10.27 15:26:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silenia\Desktop\OTL.exe [2013.10.27 15:24:52 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.10.27 15:24:44 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\ugrpfptvte.job [2013.10.27 15:24:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.10.27 15:14:25 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.10.27 15:14:25 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat 
[2013.10.27 15:14:25 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.10.27 15:14:25 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.10.27 15:14:25 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.10.27 14:59:49 | 000,000,632 | ---- | M] () -- C:\Users\Silenia\Desktop\Total Commander.lnk
[2013.10.27 14:45:29 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.27 14:45:29 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.27 14:18:32 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.10.27 14:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.27 14:13:02 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.10.27 13:29:20 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013.10.27 12:59:19 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.27 12:47:58 | 000,351,112 | ---- | M] () -- C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
[2013.10.23 12:40:24 | 000,208,384 | RHS- | M] () -- C:\Windows\SysWow64\proquotah.dll
[2013.10.16 01:48:05 | 030,344,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.10.16 01:48:05 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.10.16 01:48:05 | 022,933,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.10.16 01:48:05 | 018,290,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.10.16 01:48:05 | 018,243,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.10.16 01:48:05 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.10.16 01:48:05 | 015,858,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.10.16 01:48:05 | 015,244,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.10.16 01:48:05 | 011,415,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.10.16 01:48:05 | 011,362,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.10.16 01:48:05 | 009,516,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.10.16 01:48:05 | 009,472,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.10.16 01:48:05 | 003,131,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.10.16 01:48:05 | 003,124,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.10.16 01:48:05 | 003,067,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.10.16 01:48:05 | 002,946,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.10.16 01:48:05 | 002,747,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.10.16 01:48:05 | 002,694,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.10.16 01:48:05 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll
[2013.10.16 01:48:05 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll
[2013.10.16 01:48:05 | 001,435,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.10.16 01:48:05 | 001,241,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.10.16 01:48:05 | 000,696,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.10.16 01:48:05 | 000,655,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.10.16 01:48:05 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.10.16 01:48:05 | 000,560,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.10.16 01:48:05 | 000,317,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.10.16 01:48:05 | 000,266,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.10.16 01:48:05 | 000,168,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.10.16 01:48:05 | 000,141,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.10.16 01:48:05 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.10.16 01:48:05 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.10.16 01:48:05 | 000,023,287 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.10.15 22:47:39 | 006,665,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.10.15 22:47:39 | 003,489,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.10.15 22:47:36 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.10.15 22:47:36 | 000,219,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.10.15 22:47:36 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.10.15 15:54:06 | 000,589,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.10.13 21:10:37 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Dragon's Prophet.lnk
[2013.10.10 10:16:12 | 002,343,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.10.09 21:13:42 | 001,590,298 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.10.09 14:18:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.10.09 14:18:57 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.10.08 20:14:15 | 003,398,914 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========
[2013.10.27 14:59:49 | 000,000,632 | ---- | C] () -- C:\Users\Silenia\Desktop\Total Commander.lnk
[2013.10.27 13:29:20 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013.10.27 12:59:19 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.10.27 12:59:19 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.27 12:47:59 | 000,351,112 | ---- | C] () -- C:\Users\Silenia\AppData\Local\mysearchdial-speeddial.crx
[2013.10.23 12:40:24 | 000,208,384 | RHS- | C] () -- C:\Windows\SysWow64\proquotah.dll
[2013.10.23 12:40:24 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\ugrpfptvte.job
[2013.10.13 21:10:37 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Dragon's Prophet.lnk
[2013.10.12 16:51:53 | 000,675,988 | ---- | C] () -- C:\Users\Silenia\Desktop\Minecraft.exe
[2013.10.09 09:46:14 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.09.14 13:53:49 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.08.25 20:14:21 | 000,039,874 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2013.06.28 16:47:19 | 000,040,960 | R--- | C] () -- C:\Windows\SysWow64\psfind.dll
[2013.01.10 17:24:51 | 000,007,611 | ---- | C] () -- C:\Users\Silenia\AppData\Local\Resmon.ResmonCfg
[2013.01.10 00:06:58 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.01.09 23:31:56 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.01.09 23:31:56 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.12.18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.12.18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========
[2013.10.13 14:05:11 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\.minecraft
[2013.10.23 18:28:55 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Anvisoft
[2013.04.26 18:49:17 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\ftblauncher
[2013.05.09 18:17:02 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\GetRightToGo
[2013.10.27 15:25:36 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\GHISLER
[2013.10.27 12:48:02 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\mysearchdial
[2013.09.05 22:26:59 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Origin
[2013.06.15 12:13:44 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\RIFT
[2013.10.27 12:57:35 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Samsung
[2013.10.27 12:54:48 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Systweak
[2013.04.26 19:47:20 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\TERA
[2013.01.10 00:19:08 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\Thunderbird
[2013.10.27 14:25:23 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\TS3Client
[2013.01.17 00:37:41 | 000,000,000 | ---D | M] -- C:\Users\Silenia\AppData\Roaming\TuneUp Software

========== Purity Check ==========

< End of report >

Code:
ATTFilter OTL Extras logfile created on: 27.10.2013 15:27:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Silenia\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,99 Gb Total Physical Memory | 4,66 Gb Available Physical Memory | 77,84% Memory free
11,98 Gb Paging File | 10,53 Gb Available in Paging File | 87,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 820,31 Gb Total Space | 569,99 Gb Free Space | 69,48% Space Free | Partition Type: NTFS
Drive F: | 111,10 Gb Total Space | 75,44 Gb Free Space | 67,90% Space Free | Partition Type: NTFS

Computer Name: SILENIA-PC | User Name: Silenia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1754203417-3657258637-1496330785-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07C0E382-9FEA-4C33-830A-E2471DAC6597}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{07E0AC19-2715-4247-B62B-2B4037C0683E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{07FAD35C-7436-443D-BD25-5A4821657A62}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{08795592-E215-4102-A7F1-744EFFFC5602}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{108C5904-BA14-4B4B-848E-19BE5260DA79}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{16890A8C-DC50-41AB-9C4F-AFB688931868}" = lport=138 | protocol=17 | dir=in | app=system | "{193F3429-B302-420C-8751-025BCE3DA767}" = rport=2177 | protocol=6 | dir=out 
| svc=qwave | app=%systemroot%\system32\svchost.exe | "{1DE7BF52-1EB0-4C3B-97A2-0CBA0363C71F}" = rport=138 | protocol=17 | dir=out | app=system | "{24A34666-2B79-4F7C-AF58-8AE89F506928}" = lport=2869 | protocol=6 | dir=in | app=system | "{463F9728-E1A7-4014-8F8D-13FC3F082B93}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{53E611FD-2138-4492-BD8D-C494840FD080}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{555BD095-B187-4853-869D-F1193B22C51A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{59D5764F-B939-4451-967F-4FA4A6784505}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5CE02984-27DD-4CD7-93EC-815B596DB2A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{659B487D-66B2-432F-9E8A-59D59239C1C6}" = rport=139 | protocol=6 | dir=out | app=system | "{7AEA62A9-38A2-46CC-9A0F-5DD5DBD8FF55}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{83AF6823-5F3B-48D5-B49B-DA2565085932}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{88B628EC-4020-4308-A6A6-5503D47B41DB}" = rport=10243 | protocol=6 | dir=out | app=system | "{8953B8D7-E9F6-4D27-A51D-D8D90A50FFDE}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 | "{8AAEE3DE-184B-48E4-BE58-254F367D4801}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{8DC38D75-D593-45FC-80FE-559EACE141CD}" = rport=137 | protocol=17 | dir=out | app=system | "{9098A4D4-2DE7-4270-A503-52CF37823FAD}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{95AD3E99-0D7C-40FD-9B7D-D6E3F60D9D39}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9ADA85D6-D822-4188-88DA-BD930571B173}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A96F9750-2ECE-4CCE-93E9-1895FC396FF0}" = lport=10243 | protocol=6 | dir=in | app=system | "{AE6D561C-6EE3-4026-BE23-62B9FBA23F24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B8DB5C06-5894-4195-87E2-5B5CFE7E7E85}" = lport=445 | protocol=6 | dir=in | app=system | "{C12EB78C-6670-49F3-A4E4-7E35B1C7AE77}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{C288BE73-C6F0-4E43-9BE9-ADA6333E6C81}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C81BE1F8-AEB3-43A8-AD36-70D0D4008603}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{C8EAE21F-64E3-4D9D-92DE-EE9B634B5039}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C99E3AA4-5DCC-417B-9FC7-6720FB40CD12}" = rport=445 | protocol=6 | dir=out | app=system | "{CB27A5AC-98A2-4604-AE93-D83669641BCA}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 | "{CECFB405-ADBA-4B8D-96BF-6A4320D3ED8C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DC723150-06B4-40C7-B4A6-75723D43B280}" = lport=137 | protocol=17 | dir=in | app=system | "{E518DE6F-ACE9-4BAA-9966-2D06BA0BABB9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{E595ACFC-D70D-4C94-9B7C-2ABA9FA6D46C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{F29273A0-FD6F-4600-AFA3-1A7EF214C35D}" = lport=139 | protocol=6 | dir=in | app=system | "{FD69FE19-F774-43A3-95C9-24C5C85FE05F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List 
========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0ECAC529-B006-4E97-B01F-22925D13FD4D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{22AFD0BB-0868-4788-83C2-286E35E7AA6A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{29152DAD-957C-4CD0-BAB9-FA771A935050}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2D7CB14C-1E1E-47AE-B303-25BF39381A94}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{3054AF1F-53EC-47BE-A759-EC1FF5D047EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{30619D5E-31E0-478A-BD3D-6CFBE7908285}" = dir=out | app=c:\program files (x86)\dragon's prophet\dp_x64.exe | "{3147B0D5-3069-408C-9C0A-6157C8BCF04B}" = dir=out | app=c:\program files (x86)\dragon's prophet\launcher.exe | "{34F0867E-E94E-476E-A5B9-FD5045007785}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3522EFAD-DC5E-4A1C-900F-DD8C094901C6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{39C259B1-9858-4D36-8DC3-1D32CA732EB9}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | "{4894DBA6-4D06-4EDD-8596-2F18ACC03B07}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | "{489BD8BF-DC5E-45F7-9F82-1DE9920DD51F}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{50F52B39-3E1F-4433-BE2B-E442B371A0EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5619B1E9-AD53-4ED9-881E-7E105B2BA562}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | "{5994A883-99E8-4058-8841-CF532F57DA70}" = protocol=17 | dir=in | app=c:\program files 
(x86)\origin games\simcity\simcity\simcity.exe | "{5FDB7C20-1D99-4128-AF65-CB58D66B9A7E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6091777A-EB34-4345-8E5D-C859FE5B9890}" = protocol=6 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe | "{60B8CF3E-DC05-4328-A694-D24A7730BC3A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6928A12D-1433-4F60-ABF9-53FDAEAEED22}" = dir=out | app=c:\program files (x86)\dragon's prophet\dp_x86.exe | "{6E5BF00C-4D1F-4B8D-8BAB-F4E4D384092A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{745342C5-7680-44FB-8F45-0A0789458F51}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{7567578A-2081-41E9-9506-B37E341D47B8}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe | "{762359EF-A18B-4831-AA25-9ACB9C71DE45}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{7B4A510D-4191-4A7A-8BC6-10B1513499C8}" = protocol=17 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe | "{7C181101-5BC0-4FE0-8936-296922DDDDBA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7DB3C7D2-3C35-40B7-BBC3-FB0C3CF1046E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{822DF890-091D-4D1A-9B30-47F3033FCAC5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{83999BEB-68F3-4474-98EE-1AB762E48789}" = protocol=6 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\sacred2.exe | "{88A86E8F-C078-45ED-834B-8379F9C38235}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online.exe | "{8AC56702-C98C-453F-B139-FEB0C9632067}" = protocol=6 | dir=in | app=c:\program 
files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing.exe | "{8BE3006B-8732-49A0-8088-64A1820E0703}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{8BE30CC3-3E6F-49C7-9DB0-E821E37CD828}" = dir=in | app=c:\program files (x86)\dragon's prophet\dp_x86.exe | "{9228AF95-665F-4E8A-9438-8B3B6C453667}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | "{9A1144E1-1FC7-45DA-B68C-E096A305E251}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A13FB861-14F3-436D-8B97-7952B9B8FD87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A2C6FB99-2C7F-4C09-BB32-E723C1CF6A1E}" = protocol=6 | dir=out | app=system | "{A4D9638F-475F-49F2-BDD5-909B64F7C078}" = protocol=17 | dir=in | app=c:\program files (x86)\ascaron entertainment\sacred 2 - fallen angel\system\s2gs.exe | "{AB4C2B71-ABFD-4800-A438-0C9A187E78FC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B28CF4A3-11F5-4577-94E1-88B9A38DDDB1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B55A8570-F6BA-4909-895D-982CFFAAE18A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{B5E56D2F-2191-4112-B419-41EF2EFBDC36}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{BB932E14-3D8F-427A-88CD-7E52FBB3C159}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{C5307741-151A-412D-8BFF-EE678C59A526}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C74AAE2F-F943-49D0-BA3A-C8FF9AD1EFA0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C7CB48B2-567B-4008-9D50-3CDC86DD0BEB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{CC4A92CD-FECC-4AC4-B1D4-871FF3F118DF}" = protocol=17 | dir=out | app=%programfiles%\windows media 
player\wmpnetwk.exe | "{CD3BBAD7-735B-47BD-BA07-D9138C11C2D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D16568F5-E67F-4C81-BCA8-44707CC4DBF9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{D637E70E-721B-4426-8E7B-EBFD2DD04C20}" = dir=in | app=c:\program files (x86)\dragon's prophet\dp_x64.exe | "{D8C329B3-050E-4D98-B6DE-465D1D5EC654}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing.exe | "{D9473716-C0C6-452F-BF0E-F16BF8F18BEB}" = dir=in | app=c:\program files (x86)\dragon's prophet\launcher.exe | "{D9717880-BC39-4985-BD17-71E24F58325B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{F405A91C-938B-4E0F-B2DB-E2759D15E538}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{FF770E77-FB92-4774-AAE0-7BBEB5B4D937}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online.exe | "TCP Query User{33F6036C-CB74-43E9-8860-BC571EB3FA81}C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe | "TCP Query User{36081A30-7FDC-47FE-8604-F4DD010C259A}C:\program files (x86)\dragon's prophet\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dragon's prophet\launcher.exe | "TCP Query User{45916E02-E494-4E6C-8DC3-1739308B274E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{46DE5ACC-9D12-4715-A942-8BD5318B0042}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe | "TCP Query User{7CDD4FA2-E8F5-4361-A50B-70FE70C6CFB7}C:\program files 
(x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | "TCP Query User{7F4E99DD-F770-4474-9292-4227F4059E72}C:\program files (x86)\thq\titan quest immortal throne\tqit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\titan quest immortal throne\tqit.exe | "TCP Query User{A43EEC2D-5F9B-420F-ABD3-91841C31B58C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{E585BA35-E317-4135-B50E-72821B7D8707}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe | "UDP Query User{05BBDCDC-6A05-4490-8F84-69F754916AFA}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{2AEC6A6D-1ABB-437F-9394-082DA176E8AB}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe | "UDP Query User{502A271A-1E5C-43C5-BD62-41F4941B4250}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe | "UDP Query User{8344BE64-ED60-407B-85CD-01605F758EB8}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | "UDP Query User{C38D0482-9BEB-4445-A4E8-F2E80F2AE10B}C:\program files (x86)\dragon's prophet\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dragon's prophet\launcher.exe | "UDP Query User{E3A9B75A-B379-4717-9803-41B872F63879}C:\program files (x86)\thq\titan quest immortal throne\tqit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\titan quest immortal 
throne\tqit.exe | "UDP Query User{EC774901-667F-4623-8BE9-1A78CA33127D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{F6FE9F9C-78F4-4BE5-B14B-5F8CC16325E4}C:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the incredible adventures of van helsing\vanhelsing_x64.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 331.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 331.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 331.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 331.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0725 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 8.3.14 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client 
Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.26.4 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 "{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3 "{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic "{3DE92282-CB49-434F-81BF-94E5B380E889}" = Die Sims™ 3 Jahreszeiten "{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 
"{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1" = Game Dev Tycoon Version 1.3.9 "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 
2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren "{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Deutsch "{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = Die Sims™ 3 Supernatural "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C31556D7-F2B9-4787-B223-F7A035067E89}_is1" = Dragon's Prophet "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp 
Utilities 2013 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = Die Sims™ 3 Inselparadies "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires "{EDEE71DB-99FD-4672-8E6A-B314865D0D4C}" = roomeon 3D-Planer "{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™ "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3 "BitRaider Web Client" = BitRaider Web Client "Diablo II" = Diablo II "Diablo III" = Diablo III "ENTERPRISE" = Microsoft Office Enterprise 2007 "InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT "Mozilla Firefox 24.0 (x86 de)" = Mozilla Firefox 24.0 (x86 de) "Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "Steam App 215530" = The Incredible Adventures of Van Helsing "Steam App 
72850" = The Elder Scrolls V: Skyrim "Steam App 9900" = Star Trek Online "swtor_swtor" = Star Wars The Old Republic "TuneUp Utilities 2013" = TuneUp Utilities 2013 "Uplay" = Uplay "VLC media player" = VLC media player 2.0.5 "WinRAR archiver" = WinRAR Archivierer ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 09.10.2013 16:14:33 | Computer Name = Silenia-PC | Source = VSS | ID = 12292 Description = Error - 09.10.2013 16:14:44 | Computer Name = Silenia-PC | Source = VSS | ID = 13 Description = Error - 09.10.2013 16:14:44 | Computer Name = Silenia-PC | Source = VSS | ID = 12292 Description = Error - 09.10.2013 16:14:57 | Computer Name = Silenia-PC | Source = VSS | ID = 13 Description = Error - 09.10.2013 16:14:57 | Computer Name = Silenia-PC | Source = VSS | ID = 12292 Description = Error - 09.10.2013 16:15:10 | Computer Name = Silenia-PC | Source = VSS | ID = 13 Description = Error - 09.10.2013 16:15:10 | Computer Name = Silenia-PC | Source = VSS | ID = 12292 Description = Error - 10.10.2013 17:44:38 | Computer Name = Silenia-PC | Source = Application Hang | ID = 1002 Description = Programm IEXPLORE.EXE, Version 10.0.9200.16720 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1128 Startzeit: 01cec601cba42749 Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Berichts-ID: Error - 11.10.2013 04:32:15 | Computer Name = Silenia-PC | Source = Application Hang | ID = 1002 Description = Programm dp_x64.exe, Version 1.0.0.42 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: dbc Startzeit: 01cec6561d9adda1 Endzeit: 27 Anwendungspfad: C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe Berichts-ID: 88f938e7-324f-11e3-bf82-00248c263403 Error - 11.10.2013 09:25:57 | Computer Name = Silenia-PC | Source = Application Hang | ID = 1002 Description = Programm dp_x64.exe, Version 1.0.0.42 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c54 Startzeit: 01cec684f6b835f9 Endzeit: 29 Anwendungspfad: C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe Berichts-ID: a7db15b1-3278-11e3-bf82-00248c263403 [ System Events ] Error - 24.10.2013 10:40:22 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht. Error - 24.10.2013 10:40:22 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 24.10.2013 10:55:55 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 24.10.2013 10:55:55 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 24.10.2013 11:26:24 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 24.10.2013 11:26:30 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 24.10.2013 11:26:45 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID 
= 866300 Description = Error - 24.10.2013 11:29:41 | Computer Name = Silenia-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 24.10.2013 11:29:49 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 24.10.2013 11:29:57 | Computer Name = Silenia-PC | Source = WMPNetworkSvc | ID = 866300 Description = < End of report >
Edited by Niduin (27.10.2013 at 15:51)