TR/ATRAPS.Gen und TR/PSW.Kykymber.ceig in SysWOW64
Avira spuckt mir folgende Funde aus:
Typ: Datei
Quelle: C:\Windows\SysWOW64\d3dybse3i.dll
Status: Infiziert
Quarantäne-Objekt: 4a3d8f14.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.10.42
Virendefinitionsdatei: 7.11.27.144
Meldung: TR/ATRAPS.Gen
Datum/Uhrzeit: 13.04.2012, 15:50
Typ: Datei
Quelle: C:\Windows\SysWOW64\nsp4gkpf.dll
Status: Infiziert
Quarantäne-Objekt: 55b81a4c.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.10.80
Virendefinitionsdatei: 7.11.32.116
Meldung: TR/PSW.Kykymber.ceig
Datum/Uhrzeit: 11.06.2012, 11:29
Den ersten habe ich damals leider ignoriert.
Probleme sind noch keine aufgetreten, fühle mich aber langsam nicht mehr sicher wegen Onlinebanking, Paypal etc. Nutze AVIRA, Ad-Aware und gelegentlich MBAM. Zudem Mozilla mit Noscript und den Windows Defender.
MBAM sagt folgendes: Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.11.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bernhard :: BERNHARD-PC [Administrator]
11.06.2012 11:48:13
mbam-log-2012-06-11 (11-48-13).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 482349
Laufzeit: 1 Stunde(n), 18 Minute(n), 2 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Users\Bernhard\Downloads\SoftonicDownloader_fuer_speedupmypc.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
OTL das: Code:
OTL logfile created on: 11.06.2012 13:48:37 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Bernhard\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 42,14% Memory free
9,99 Gb Paging File | 7,59 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): C:\pagefile.sys 6139 6139 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,45 Gb Total Space | 31,08 Gb Free Space | 26,69% Space Free | Partition Type: NTFS
Drive D: | 329,78 Gb Total Space | 153,38 Gb Free Space | 46,51% Space Free | Partition Type: NTFS
Computer Name: BERNHARD-PC | User Name: Bernhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.11 13:39:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bernhard\Desktop\OTL.exe
PRC - [2012.06.06 10:57:26 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.05.25 19:14:40 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012.05.25 19:14:39 | 002,152,720 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012.05.08 18:36:45 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 18:36:44 | 000,391,632 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe
PRC - [2012.05.08 18:36:44 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 18:36:44 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.16 14:27:24 | 000,025,464 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
PRC - [2012.04.09 16:15:44 | 000,968,328 | ---- | M] (e-academy Inc.) -- C:\Users\Bernhard\AppData\Local\e-academy Inc\SecureDownloadManager\SecureDownloadManager.exe
PRC - [2012.04.04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.27 16:21:08 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.09.26 22:04:35 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011.03.04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- D:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2011.01.24 02:47:44 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
PRC - [2011.01.24 02:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2010.11.20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.08.31 21:13:29 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010.02.05 19:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.02.04 23:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.01.05 22:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.01.05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2009.11.02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.08.03 13:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.06 10:57:26 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.05.17 10:52:51 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011.09.26 22:04:35 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011.01.24 02:47:44 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
MOD - [2011.01.24 02:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2010.04.05 12:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL
MOD - [2010.04.05 12:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll
MOD - [2010.04.05 12:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL
MOD - [2010.04.05 12:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL
MOD - [2010.04.05 12:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL
MOD - [2010.04.01 19:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll
MOD - [2010.04.01 19:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2010.01.05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.11.02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.06.23 13:11:04 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll
MOD - [2009.06.23 13:10:29 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll
MOD - [2009.06.23 13:09:11 | 002,203,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll
MOD - [2009.05.27 14:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
MOD - [2009.04.28 09:56:29 | 000,024,064 | ---- | M] () -- C:\Windows\SysWOW64\LXECsmr.dll
MOD - [2009.04.07 21:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll
MOD - [2009.03.10 07:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009.03.02 16:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll
MOD - [2009.02.20 10:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXECsm.dll
MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.06.02 16:59:51 | 000,354,304 | ---- | M] (Parental Solutions Inc.) [Auto | Running] -- C:\Windows\SysNative\poua7stgo.dll -- (Dnscache)
SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.04.05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.04.14 22:08:30 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeccoms.exe -- (lxec_device)
SRV:64bit: - [2010.04.14 22:08:23 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV:64bit: - [2009.12.08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.05.04 16:47:36 | 000,809,984 | ---- | M] (OptionNV) [Disabled | Stopped] -- C:\Program Files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe -- (GtDetectSc)
SRV:64bit: - [2007.08.03 13:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2012.06.06 10:57:26 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.25 19:14:39 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012.05.17 10:52:51 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.08 18:36:45 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 18:36:44 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.03.25 23:31:21 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.12 17:07:51 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2011.03.04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- D:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.09.29 15:08:58 | 000,200,624 | ---- | M] (Telefónica I+D) [Disabled | Stopped] -- C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc)
SRV - [2010.04.14 22:08:23 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2010.04.14 22:08:12 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeccoms.exe -- (lxec_device)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.04 15:45:06 | 000,111,904 | ---- | M] (Novatel Wireless Inc.) [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe -- (NWHelper)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.11 09:05:08 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.05.08 18:36:46 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 18:36:46 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.12.23 08:12:12 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011.11.05 16:46:43 | 000,117,888 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV:64bit: - [2011.10.27 03:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011.10.27 03:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2011.10.27 03:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011.10.27 03:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.10.27 03:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.10.27 03:25:42 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011.10.27 03:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.10.27 03:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011.09.16 17:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.09 08:49:52 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.08.31 12:09:00 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.08.07 11:49:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.07.27 03:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010.06.19 16:49:14 | 000,012,800 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2010.04.19 21:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2010.04.13 12:15:03 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.03.04 11:53:01 | 000,075,816 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.02.09 12:19:13 | 001,586,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.02.08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009.12.22 11:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.11.10 16:56:24 | 000,256,000 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWADIenum.sys -- (NWADI)
DRV:64bit: - [2009.10.07 09:13:33 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.07 09:13:33 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.23 17:48:59 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:15:57 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.05.05 04:00:27 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.02.03 18:00:04 | 000,012,800 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV:64bit: - [2008.12.08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.11.16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.08.03 06:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2012.01.14 22:45:05 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=14597
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_deDE459
IE - HKCU\..\SearchScopes\{8A1156F9-A62C-4069-8BBB-432ADD4BC21C}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=2c8ec2c8-d2f1-4de8-bf5b-a0d292ec2703&apn_sauid=9D2FE97D-246E-4C1D-BC91-3CD45A996AFF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: trackmenot@mrl.nyu.edu:0.6.728
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}:0.9.4
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8153
FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:2.1.10
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.10 17:41:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.06 10:57:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.11 09:20:12 | 000,000,000 | ---D | M]
[2010.11.23 01:23:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Extensions
[2012.03.19 11:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\53xlmtrd.default\extensions
[2012.01.01 18:54:40 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\53xlmtrd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2011.08.20 10:23:34 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\53xlmtrd.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.21 22:56:19 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\53xlmtrd.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010.11.24 18:21:44 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\53xlmtrd.default\extensions\illimitux@illimitux.net
[2011.07.31 14:01:52 | 000,000,000 | ---D | M] (TrackMeNot) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\53xlmtrd.default\extensions\trackmenot@mrl.nyu.edu
[2012.02.18 07:57:00 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\53xlmtrd.default\extensions\zotero@chnm.gmu.edu
[2012.06.06 10:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\5oll6geo.Standard-Benutzer\extensions
[2012.05.20 19:04:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\5oll6geo.Standard-Benutzer\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.17 01:34:27 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\5oll6geo.Standard-Benutzer\extensions\ich@maltegoetz.de
[2012.05.05 17:58:03 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Bernhard\AppData\Roaming\mozilla\Firefox\Profiles\5oll6geo.Standard-Benutzer\extensions\zotero@chnm.gmu.edu
[2011.09.10 01:19:30 | 000,002,394 | ---- | M] () -- C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\53xlmtrd.default\searchplugins\askcom.xml
[2012.01.14 01:06:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.09.22 20:53:07 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.10 17:41:28 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.02.24 14:03:51 | 000,081,156 | ---- | M] () (No name found) -- C:\USERS\BERNHARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\53XLMTRD.DEFAULT\EXTENSIONS\{6D96BB5E-1175-4EBF-8AB5-5F56F1C79F65}.XPI
[2012.03.19 11:32:11 | 000,521,058 | ---- | M] () (No name found) -- C:\USERS\BERNHARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\53XLMTRD.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011.12.08 09:02:06 | 000,061,705 | ---- | M] () (No name found) -- C:\USERS\BERNHARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\53XLMTRD.DEFAULT\EXTENSIONS\{B749FC7C-E949-447F-926C-3F4EED6ACCFE}.XPI
[2011.12.09 12:10:52 | 000,413,408 | ---- | M] () (No name found) -- C:\USERS\BERNHARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\53XLMTRD.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2012.06.06 10:57:27 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.20 21:57:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.20 21:57:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.20 21:57:56 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.20 21:57:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.20 21:57:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.20 21:57:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Bernhard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bernhard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bernhard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bernhard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\system32\d3dybse3i.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: imdb.com ([secure] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89287100-6AAE-406B-A4D7-5C0DB236B402}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C80D883-BC3A-4E2A-9DD4-FFC52A9BB3FF}: DhcpNameServer = 10.74.83.22 193.254.160.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{23ee7e75-07bc-11e1-be48-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{23ee7e75-07bc-11e1-be48-485b3998c3f1}\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\{23ee7ecc-07bc-11e1-be48-c17cf2eba36b}\Shell - "" = AutoRun
O33 - MountPoints2\{23ee7ecc-07bc-11e1-be48-c17cf2eba36b}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{23ee7ef9-07bc-11e1-be48-c17cf2eba36b}\Shell - "" = AutoRun
O33 - MountPoints2\{23ee7ef9-07bc-11e1-be48-c17cf2eba36b}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{2658433d-ac83-11e0-b7c2-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{2658433d-ac83-11e0-b7c2-485b3998c3f1}\Shell\AutoRun\command - "" = G:\OriginInstaller.exe
O33 - MountPoints2\{275ecf27-c66b-11e0-9eee-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{275ecf27-c66b-11e0-9eee-485b3998c3f1}\Shell\AutoRun\command - "" = I:\BALDUR.EXE
O33 - MountPoints2\{3165ec13-090f-11e1-a6b5-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{3165ec13-090f-11e1-a6b5-485b3998c3f1}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{71c62b7c-4dc8-11e1-9c2f-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{71c62b7c-4dc8-11e1-9c2f-485b3998c3f1}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{8ce174fe-087f-11e1-92b6-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{8ce174fe-087f-11e1-92b6-485b3998c3f1}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{8ce175ac-087f-11e1-92b6-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{8ce175ac-087f-11e1-92b6-485b3998c3f1}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{8ce175b7-087f-11e1-92b6-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{8ce175b7-087f-11e1-92b6-485b3998c3f1}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{963db2a9-bf4d-11e0-bb48-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{963db2a9-bf4d-11e0-bb48-485b3998c3f1}\Shell\AutoRun\command - "" = F:\baldur.exe
O33 - MountPoints2\{ac7ffc79-0889-11e1-9c3d-485b3998c3f1}\Shell - "" = AutoRun
O33 - MountPoints2\{ac7ffc79-0889-11e1-9c3d-485b3998c3f1}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.11 13:39:15 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Bernhard\Desktop\OTL.exe
[2012.06.11 13:34:23 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\Desktop\Music
[2012.06.11 13:16:56 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Bernhard\Desktop\HiJackThis204.exe
[2012.06.11 12:56:02 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\Downloads
[2012.06.11 12:54:17 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Roaming\e-academy Inc
[2012.06.11 12:54:17 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Local\e-academy Inc
[2012.06.04 20:47:43 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012.06.02 16:59:51 | 000,354,304 | ---- | C] (Parental Solutions Inc.) -- C:\Windows\SysNative\poua7stgo.dll
[2012.05.30 08:29:18 | 000,071,680 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2012.05.30 08:29:14 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2012.05.21 14:46:31 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Roaming\Mp3tag
[2012.05.21 14:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2012.05.21 14:46:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag
[2012.05.21 14:41:05 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Roaming\Hulubulu
[2012.05.21 14:37:12 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.05.20 19:18:11 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\Documents\Any Video Converter
[2012.05.20 19:18:00 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\AppData\Roaming\AnvSoft
[2012.05.20 19:17:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2012.05.20 19:17:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2012.05.20 19:04:34 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll
[2012.05.20 16:03:51 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWow64\QtCore4.dll
[2012.05.14 20:17:28 | 000,000,000 | ---D | C] -- C:\Users\Bernhard\Documents\Diablo III
[2012.05.14 19:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.05.14 19:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012.05.14 19:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.05.14 19:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012.05.14 13:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.11 13:39:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bernhard\Desktop\OTL.exe
[2012.06.11 13:38:44 | 000,000,168 | ---- | M] () -- C:\Users\Bernhard\defogger_reenable
[2012.06.11 13:38:28 | 000,050,477 | ---- | M] () -- C:\Users\Bernhard\Desktop\Defogger.exe
[2012.06.11 13:17:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Bernhard\Desktop\HiJackThis204.exe
[2012.06.11 12:56:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.11 12:54:17 | 000,003,161 | ---- | M] () -- C:\Users\Bernhard\Desktop\Secure Download Manager.lnk
[2012.06.11 12:52:12 | 000,718,336 | ---- | M] () -- C:\Users\Bernhard\Desktop\SDM_DE.msi
[2012.06.11 12:43:16 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.11 12:43:16 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.11 01:31:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2012.06.11 01:30:06 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.06.11 01:29:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.11 01:29:27 | 3219,513,344 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.10 15:02:26 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012.06.09 12:53:54 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012.06.09 12:53:54 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012.06.07 22:51:30 | 000,015,637 | ---- | M] () -- C:\Users\Bernhard\.recently-used.xbel
[2012.06.04 20:47:43 | 000,000,516 | ---- | M] () -- C:\Users\Bernhard\Desktop\Fraps.lnk
[2012.06.02 16:59:51 | 000,354,304 | ---- | M] (Parental Solutions Inc.) -- C:\Windows\SysNative\poua7stgo.dll
[2012.05.30 08:29:18 | 000,071,680 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2012.05.30 08:29:14 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2012.05.26 13:56:29 | 000,007,607 | ---- | M] () -- C:\Users\Bernhard\AppData\Local\Resmon.ResmonCfg
[2012.05.21 14:46:09 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.05.20 19:17:41 | 000,001,238 | ---- | M] () -- C:\Users\Bernhard\Desktop\Any Video Converter.lnk
[2012.05.17 20:06:15 | 000,001,493 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.05.14 23:12:43 | 000,612,043 | ---- | M] () -- C:\Users\Bernhard\Documents\14-05-2012 23;12;43.PDF
[2012.05.14 19:47:13 | 000,001,209 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.05.14 16:36:43 | 000,609,361 | ---- | M] () -- C:\Users\Bernhard\Documents\14-05-2012 16;36;43.PDF
[2012.05.14 12:27:40 | 001,507,342 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.14 12:27:40 | 000,657,910 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.05.14 12:27:40 | 000,619,146 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.14 12:27:40 | 000,131,250 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.05.14 12:27:40 | 000,107,466 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.12 15:18:49 | 000,412,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.11 13:38:44 | 000,000,168 | ---- | C] () -- C:\Users\Bernhard\defogger_reenable
[2012.06.11 13:37:59 | 000,050,477 | ---- | C] () -- C:\Users\Bernhard\Desktop\Defogger.exe
[2012.06.11 12:54:17 | 000,003,161 | ---- | C] () -- C:\Users\Bernhard\Desktop\Secure Download Manager.lnk
[2012.06.11 12:51:53 | 000,718,336 | ---- | C] () -- C:\Users\Bernhard\Desktop\SDM_DE.msi
[2012.06.11 01:30:06 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.06.07 22:51:30 | 000,015,637 | ---- | C] () -- C:\Users\Bernhard\.recently-used.xbel
[2012.06.04 20:47:43 | 000,000,516 | ---- | C] () -- C:\Users\Bernhard\Desktop\Fraps.lnk
[2012.05.26 13:56:29 | 000,007,607 | ---- | C] () -- C:\Users\Bernhard\AppData\Local\Resmon.ResmonCfg
[2012.05.21 14:46:09 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2012.05.20 19:17:41 | 000,001,238 | ---- | C] () -- C:\Users\Bernhard\Desktop\Any Video Converter.lnk
[2012.05.17 10:52:55 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.14 23:12:43 | 000,612,043 | ---- | C] () -- C:\Users\Bernhard\Documents\14-05-2012 23;12;43.PDF
[2012.05.14 19:19:24 | 000,001,209 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.05.14 16:36:43 | 000,609,361 | ---- | C] () -- C:\Users\Bernhard\Documents\14-05-2012 16;36;43.PDF
[2012.05.09 14:29:30 | 000,001,867 | ---- | C] () -- C:\Windows\lightworks.ini
[2012.04.06 03:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 03:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.12.04 22:56:45 | 000,005,632 | ---- | C] () -- C:\Users\Bernhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.29 17:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.29 17:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.11.29 17:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.11.29 17:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.11.29 17:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.11.21 22:50:03 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXECinst.dll
[2011.11.21 22:50:02 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll
[2011.11.21 22:50:02 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll
[2011.11.21 22:50:02 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll
[2011.11.21 22:50:01 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll
[2011.11.21 22:50:01 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll
[2011.11.21 22:50:01 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll
[2011.11.21 22:50:01 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll
[2011.11.21 22:50:01 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll
[2011.11.21 22:50:01 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll
[2011.11.21 22:50:01 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll
[2011.11.21 22:50:01 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll
[2011.11.21 22:50:00 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll
[2011.11.21 22:50:00 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll
[2011.11.21 22:50:00 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll
[2011.11.21 22:49:59 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll
[2011.11.21 22:49:59 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll
[2011.11.21 22:49:59 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe
[2011.11.21 22:49:59 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe
[2011.11.21 22:49:59 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll
[2011.11.21 22:49:59 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe
[2011.11.21 22:48:49 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll
[2011.11.21 22:48:49 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll
[2011.11.17 19:39:46 | 000,000,600 | ---- | C] () -- C:\Users\Bernhard\AppData\Local\PUTTY.RND
[2011.11.07 12:40:03 | 000,000,421 | ---- | C] () -- C:\Users\Bernhard\AppData\Roaming\sqlite3Explorer.xml
[2011.11.06 18:11:11 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.24 13:13:21 | 000,000,000 | ---- | C] () -- C:\Windows\Net4Switch.INI
[2011.08.15 22:52:50 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011.07.11 18:45:08 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\rgbacodec.dll
[2011.04.21 12:33:31 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.04.21 12:33:31 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2010.08.31 21:12:48 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.08.31 21:04:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.31 20:45:52 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== LOP Check ==========
[2012.05.20 19:18:00 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\AnvSoft
[2011.12.04 22:07:07 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\avidemux
[2012.05.11 09:07:22 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\DAEMON Tools Lite
[2011.07.15 01:51:02 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Dropbox
[2012.05.20 19:04:49 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\DVDVideoSoft
[2011.11.30 22:43:40 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.11 12:54:17 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\e-academy Inc
[2011.10.24 23:45:36 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Epson
[2012.01.21 16:32:24 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\FileZilla
[2010.11.29 23:13:07 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\FVZilla
[2012.06.07 22:51:30 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\gtk-2.0
[2012.05.21 14:41:05 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Hulubulu
[2010.12.07 20:04:33 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\LolClient
[2012.05.21 14:59:21 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Mp3tag
[2011.11.10 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Notepad++
[2012.01.01 19:06:33 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Samsung
[2012.05.11 09:30:40 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Systweak
[2011.11.05 22:16:56 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Telefónica
[2012.01.29 00:06:11 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\The Creative Assembly
[2012.01.27 21:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Ubisoft
[2012.05.11 09:22:10 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Uniblue
[2011.11.07 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Webocton - Scriptly
[2010.11.26 14:47:58 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\WindSolutions
[2010.11.26 15:00:02 | 000,000,000 | ---D | M] -- C:\Users\Bernhard\AppData\Roaming\Xilisoft
[2012.06.11 01:30:06 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012.06.10 15:02:26 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2012.05.11 09:51:44 | 000,000,290 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2012.05.11 09:51:43 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.11 01:31:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\SpeedUpMyPC.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 876 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\View Baldur's Gate: Tales of The Sword Coast Readme.lnk
< End of report >
HijackThis dies: Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:53:53, on 11.06.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\program files (x86)\avira\antivir desktop\avcenter.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bernhard\AppData\Local\e-academy Inc\SecureDownloadManager\SecureDownloadManager.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\Bernhard\Desktop\OTL.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\Bernhard\Desktop\HiJackThis204.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=14597
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bernhard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bernhard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\d3dybse3i.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxecCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
O23 - Service: lxec_device - - C:\Windows\system32\lxeccoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Novatel Wireless Device Helper (NWHelper) - Novatel Wireless Inc. - C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 12757 bytes
Extras.txt: Code:
OTL Extras logfile created on: 11.06.2012 13:48:37 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Bernhard\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 42,14% Memory free
9,99 Gb Paging File | 7,59 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): C:\pagefile.sys 6139 6139 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,45 Gb Total Space | 31,08 Gb Free Space | 26,69% Space Free | Partition Type: NTFS
Drive D: | 329,78 Gb Total Space | 153,38 Gb Free Space | 46,51% Space Free | Partition Type: NTFS
Computer Name: BERNHARD-PC | User Name: Bernhard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Free Video Zilla\FVZilla.exe" = C:\Program Files (x86)\Free Video Zilla\FVZilla.exe:*:Enabled:FVZilla -- ()
"C:\Program Files (x86)\Free Video Zilla\FVZilla.exe" = C:\Program Files (x86)\Free Video Zilla\FVZilla.exe:*:Enabled:FVZilla -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F8DBEE5-BE7D-428C-952E-12ED1DA0BB28}" = lport=8390 | protocol=6 | dir=in | name=league of legends game client |
"{1CF47160-D805-4208-A57A-A3CA0EE7F2F6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1E0E8E86-A63E-437A-9972-F3CDD7641590}" = lport=8393 | protocol=17 | dir=in | name=league of legends lobby |
"{210E0FAE-D644-43ED-AEF7-B05DA1E0B672}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{2AC0E576-36AF-4FEB-87A1-315BFAECFB91}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{330B7387-A7DC-4641-A14C-34E5165BAC81}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{368B3674-E689-4BBF-870C-6DBB2FBAA666}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3981A4F0-0E6D-4C58-B893-955B18E6A5B1}" = lport=6974 | protocol=17 | dir=in | name=league of legends launcher |
"{3F557EAC-FF22-44A2-9F8F-FE5768500067}" = lport=137 | protocol=17 | dir=in | app=system |
"{40D6B55D-8B0E-4444-9346-4CA7D791E2AF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{414AB295-4610-4B6F-882C-FD893F765FDD}" = lport=6956 | protocol=17 | dir=in | name=league of legends launcher |
"{51DEDAD9-55EB-4816-BD35-064DE12DFC82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56406035-E465-49B5-9A51-4AE9C40F82D8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{569BF1FD-ED0A-4955-8E6E-75A35095EC2A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5DFDE7D4-3160-4C04-90EE-F60E045B5766}" = rport=137 | protocol=17 | dir=out | app=system |
"{6D7E2E50-0259-47C4-8B22-39AAA333A6E3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75AA124E-9FC0-406C-8418-ABE01DBE4DAF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78E201A1-963A-4E1C-8317-E1F2744EC77E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{81B95D49-DDA6-417A-94CE-1611F0FC17F6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{82803733-2002-48F5-834B-952C1A348B76}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{94DB8552-7C2F-4E5E-82D9-54F5B50E2D20}" = lport=6956 | protocol=6 | dir=in | name=league of legends launcher |
"{95CA8D92-0288-4FE9-9B03-8AA18AF41C67}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{97444878-94D7-42B4-BA5A-507980435ABD}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{9AD80BE5-6929-4F36-8B6A-0A7B5156E86A}" = lport=8390 | protocol=17 | dir=in | name=league of legends game client |
"{AA45A428-13FF-4EC7-A616-0CF85A25F94D}" = lport=6974 | protocol=6 | dir=in | name=league of legends launcher |
"{AF3096CC-48F9-43D8-8E4B-196EE0906877}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B110BECA-96C1-4EFA-9E44-EA9768884C62}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{BDF4B6B7-4EFC-42EE-96CE-CAF15CC4FF26}" = lport=138 | protocol=17 | dir=in | app=system |
"{C0178B87-13D2-4816-8DA4-DB8D9BA17619}" = lport=8393 | protocol=6 | dir=in | name=league of legends lobby |
"{CC0A0779-3BE1-4E07-BFEA-8841FAB251FC}" = rport=139 | protocol=6 | dir=out | app=system |
"{D6CB9A9E-4DBD-49F0-BDB0-D05080D6D10D}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{D7875D61-3106-4192-8386-630ABB96E06A}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{E34F25E8-91BD-4526-A257-1E266C0442BF}" = rport=445 | protocol=6 | dir=out | app=system |
"{E5D46309-B35D-467C-A03E-13F5D6B78AFF}" = rport=138 | protocol=17 | dir=out | app=system |
"{E802DB63-5B1D-459D-A258-98B0B07F144A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFD07297-297C-4135-A954-CE76272131A3}" = lport=139 | protocol=6 | dir=in | app=system |
"{F05E0E4B-F1EE-42B8-AC99-36D16CB595C9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{F07C0D13-D528-4157-8A25-180271C45EB7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7F8D96F-E1CB-4F8E-8465-345A346C92FF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F9869D62-7C98-4D69-B477-8DA8A99B5A5A}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{068B314D-05B1-4EE0-836C-9E6E79C01969}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{0CFFB919-EC07-4D4C-ADE1-FC2DE4E148B3}" = protocol=17 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe |
"{0F9FAA1E-4DF2-4EB1-BF79-9FB50B863C9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{109011D6-43DB-4C34-97AA-A251A395044B}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{191E46F1-0557-4DB3-AC00-E14F082C043E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{19D0AE5D-D3B9-4205-A590-B9BA36659E6B}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{1EDA03A2-6180-406E-B577-9239C490CC99}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{1FCB7B3E-76F8-4568-B48C-BFC84A9DBBA6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20443C25-EDCF-41DC-982B-7A2EFBFACB45}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{22B52D49-B8CF-417E-A526-D78E224C891F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2329B52F-CC74-4FE3-9C9F-33BBDA95F8FA}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{232D5B41-413E-4332-9375-15CA5D81EED1}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{234A125A-29A9-448F-878C-69EBCB1ECCDE}" = protocol=6 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe |
"{26911D87-DCFE-4922-BFAD-60F96B329397}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{2AA3FB05-3F10-4B33-810A-E56B0BA7E185}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{31604E84-2514-43A6-9CCE-1ABFECAD9303}" = protocol=6 | dir=in | app=c:\users\bernhard\appdata\roaming\dropbox\bin\dropbox.exe |
"{34A20449-1BFE-415C-826E-0D90FCFBEEBD}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3BB8248A-3A44-47D3-A90F-6D912E3FF87E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{416D1303-C4FD-415A-9B24-FFCC041D3BFC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{44DE2881-F2EA-4F98-9108-96961DB21CD0}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{473A18D2-2DC7-4D7D-BE63-BFFEE48FFA12}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{47996145-AE7F-41C1-8B92-24355B31C30E}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{47DD9A14-3055-426B-944C-A2F6371D6096}" = protocol=6 | dir=out | app=system |
"{48CA0683-234B-4DF3-AB53-48D7A62FDF70}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{48D76788-A9C9-4396-ADD8-40DFC0A40BC9}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{4986DF78-AB2A-4881-8EBC-F117421A3806}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{4CC3A768-89A3-4E2E-9E37-C16DEF9B3F62}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{50CC6213-3C23-4A53-8E72-DCBCE000C51E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{51035C80-1126-4BF5-BFE2-3A0156A43DAA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{536A941C-AC68-4286-8470-E817ECC7254A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{537ADD56-008B-4CA1-A59B-6D8771BA6612}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54EF4EDD-BD9D-4C6C-B18F-AD216CDAFC08}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{55CAD36D-37C9-4C62-AFCA-6E56000A6BFA}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{576A8951-B2BA-4113-9946-146E9C441141}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{57716A17-9669-4613-B44D-4C983A207D6F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5892272B-EC5A-4048-8EDD-B6D76BFBFBF9}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{5ADFCF35-F4D8-4CC2-81AC-F0F409354A8B}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{5AE97971-88C2-47E8-95FD-061F568E8C53}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6171C1C7-01AD-4ED3-9BF3-E4758ABF6722}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{642D1D63-0C5F-4C63-901B-3D22491E7396}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{67E17C88-493C-4B93-8FE1-E76E7C1D1BB5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A61555E-F5D5-422C-B0E0-7344305EA75D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{767A4D45-472A-4B31-BC13-4900DFA7C259}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{7B46AA27-6A1B-4755-B550-A2CEC000A5D7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{899274AB-2578-4E87-9349-52B60584358A}" = protocol=17 | dir=in | app=c:\users\bernhard\appdata\roaming\dropbox\bin\dropbox.exe |
"{8A92448F-0C87-4F28-8F22-65838B19C28E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{8E1076F5-A980-47EC-A405-E4FBF3C03F8F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8E33D352-851F-42E8-9F07-45AEB43E1BA4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{98856EB5-B7F6-4215-A71D-AC96C3BF6F27}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{9A17FA2C-A425-4914-8CDE-CA2A2A869263}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9E5A72A6-49D4-4329-86BE-EBB3F7A0F2EB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{9FB8FE3F-0BD4-450A-B3BA-405159F032C8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{A274AF93-CD28-4042-B362-2022EAE25186}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{A2F93524-1EA0-4D83-AE57-8045AB8033C0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{A2FF5C8A-F89D-4BA2-BB46-7DC856C59C52}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A499F9B5-D148-45A2-BE23-FDBE799F500E}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{A49A4BDE-8440-4E5F-8C1F-4AA699BE2B43}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{A54AD496-1555-405B-8811-E8F3871B4667}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{AA7BA9B4-6CD2-4608-B83B-68DF70061A97}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{AA9B916F-60A1-4FF9-9630-E176E6299408}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABF28236-0D6E-4BF4-AD17-F7382A1EEDB4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{AEEBC91F-9EAF-41DD-BF98-7C93F654675D}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{B3B80611-04D5-40E8-8031-BFC1075C5625}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{BA49D4B7-8DDB-43CB-B1B9-312773B7BA46}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{BF7E10F0-50F9-4042-9580-17A49EEFD727}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{BF826C44-9FB5-4EBE-9301-0C2B7319F3A0}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C134DD7D-7E6B-42B6-B3CA-75601E997196}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\risen 2\system\risen2.exe |
"{C664B585-A1B2-4F91-894C-A6B43B345546}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{C7B14A49-8C5F-4691-A18C-667774D7A0EE}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CA3A4428-F354-4121-8D17-5BA3FD98974F}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{CCE75252-A425-4670-8E06-5ACB13EB91C1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{CE3E0102-3D54-4E6A-AD9D-03C9988A03C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE85B927-0630-4C9D-A33B-A271744599FD}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{D1CA8D7E-DA1C-4E26-9AB3-41E2C4A587C3}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{D3138D20-8A1C-4326-ADE9-AC5384076516}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4ADEE20-2D52-4F5D-A2B8-1910E9C5A94E}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{D7AE25E2-1FA5-4D6A-8F65-46D8CE35A0D5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D890D46C-D713-4765-9FCB-678D7C95B159}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{DA7C5C96-21AC-4C63-B85F-62C4D60798F6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{DC6AA798-5B77-4236-94D7-5B5D72E838AF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DFF73A27-BD16-4E9E-83B4-F2C4BFDD30BA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{E6D256A1-87CE-445C-A468-893747432855}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{ED2B15E6-211B-4FA3-9F5B-C9612C7E1AA7}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{EF29F835-DCB2-4546-9577-63A7C0E41BB0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F2974E51-7E42-4E4C-B198-527454F00D18}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{F3F9438F-0984-44E3-8D5B-EE01F693018D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F742A887-0F89-407A-BB88-024E70CD9FF0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{F8F50270-BC99-433F-A072-5B95F6AC2E2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FA58AE99-32D2-4EB1-A04C-E14205164F6A}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{FB201EB3-13E7-43FA-BF34-BC4D93601D22}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{FF2FFB44-A4CD-40D7-9083-AB4E33C93E2E}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\risen 2\system\risen2.exe |
"TCP Query User{11D53D8B-B999-44D8-A747-0613544D12CC}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe |
"TCP Query User{3051574A-1681-450B-A3B2-70C412DFDC75}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{3D46D0EC-14AC-4BBE-8004-84F525479A23}D:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"TCP Query User{60F494DD-DD0A-4E97-9DF8-F6C3A52EB4DE}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{764A2865-471E-45E8-9B2F-AABC45BA506A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{7F2E4B0A-3A13-4D94-B125-85B7463A2890}C:\users\bernhard\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\bernhard\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{C6610C35-13ED-4601-A6B6-0249BE4875F6}C:\program files (x86)\free video zilla\fvzilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\free video zilla\fvzilla.exe |
"TCP Query User{CCBA72FD-CD45-48C3-93ED-47D9E6AAA3E0}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{09056D0A-7DDB-4CD4-B658-B395AFF592D6}D:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"UDP Query User{2583C417-8C8B-4C77-8F65-C1A1CFDA131E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{25B1E485-7F00-4112-BD29-C6AD2042DDB0}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{34779C59-0ABA-4B6B-B5EE-9AFD02804F41}C:\users\bernhard\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\bernhard\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{4F80081E-7EE1-4C61-8CE4-4F4CE1682304}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe |
"UDP Query User{5547C8B4-7A09-48A5-9E98-22271B1308A2}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{9F917DC5-0DF3-44F3-85CD-6690399B9523}C:\program files (x86)\free video zilla\fvzilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\free video zilla\fvzilla.exe |
"UDP Query User{C294206D-F425-4A06-957E-54372116C000}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{389D85F6-D005-095E-3C49-3675754B41F8}" = AMD Drag and Drop Transcoding
"{412FF2A0-2E34-436B-8A0A-9E4EF32E913E}" = Option WWAN Driver 5.0.32.0 Installer
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5581B78C-609A-4AA0-BFAB-64A847C0A4E6}" = Outlook Sync Db 2010
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5DBC38C9-D776-3050-FD3E-F4B5E99CCDDC}" = AMD Fuel
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{63591AAA-97F0-24A8-3EBD-174B5E35D6BF}" = ccc-utility64
"{63FC1F01-1232-B654-0C07-E1CD91B760E0}" = AMD Media Foundation Decoders
"{727E94E5-584F-4463-B4F5-93D3779C610B}_x" = Option WWAN Driver 5.0.32.0 Installer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82C9101B-36EC-5821-DD8B-05480074A0B8}" = AMD Catalyst Install Manager
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{F4F0546E-E0F2-5D87-A502-B0B2FBFDD7CD}" = AMD Accelerated Video Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Elantech" = ETDWare PS/2-x64 7.0.5.11_WHQL
"EPSON SX125 Series" = Druckerdeinstallation für EPSON SX125 Series
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
"ZTE USB Driver" = ZTE USB Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02D0DF6E-BE8D-66B0-3C3F-ED0F395DF765}" = CCC Help Finnish
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{1395B38D-5889-19E5-D02E-BD1A02BF373B}" = CCC Help Spanish
"{13D5F9B6-D70A-DCCA-A00D-E43839CDFA83}" = CCC Help Chinese Standard
"{1410D707-A9C3-2E70-9476-2427EC18134F}" = CCC Help Turkish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46AFD359-AAE9-2843-B7CE-10FB46C76E99}" = CCC Help German
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57D5FAFB-30E8-63EB-D4F7-07298597578F}" = AMD VISION Engine Control Center
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5CAA69CD-9C1B-5604-B14B-8FAC2BC5E228}" = Catalyst Control Center InstallProxy
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7322467B-FAD1-5529-C4EF-7EA4BC17C0A2}" = CCC Help Korean
"{74E4B282-F25A-53A1-BBA5-7A3EFB90FAF4}" = CCC Help Japanese
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AC115AA-27D2-4024-6E7D-D9FCD93D0487}" = CCC Help Portuguese
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8E9976D2-E563-43DE-A51F-5AEBC38D1F08}" = Ad-Aware
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91EDBF6E-2260-646A-4D80-CB0802132736}" = Catalyst Control Center Localization All
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9268B41D-6045-4F5F-A14E-3F8E51CD2666}" = Secure Download Manager
"{931AED36-CF8A-F34F-8C13-5C19010DF6C6}" = CCC Help French
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9E75789D-E176-A72B-DE9E-D2AE63FE601B}" = Catalyst Control Center Graphics Previews Common
"{9F711CB6-8E76-63DA-6ABA-C21B7C839CA5}" = CCC Help Russian
"{A0E52598-872B-9E9A-181F-1A80C6AA4493}" = CCC Help Italian
"{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC2BA148-EE9C-4F1A-AFCE-F38C2C71D29B}" = Mobile Broadband Generic Drivers
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BFA7A60F-D018-AF0D-47E9-A13D0219E86A}" = CCC Help Thai
"{C3C35CB3-82B6-F36F-B39A-B2AFAA74F7D2}" = CCC Help Norwegian
"{C47C2F4D-4419-D823-C272-325FD9B92415}" = CCC Help Czech
"{C68C6E34-A103-F7BC-8682-C1C4190BAC1F}" = CCC Help Greek
"{D0251102-442C-6FE0-4FDC-2ACF2AD2A2A5}" = CCC Help English
"{D2A90CAF-AF34-C526-D4C7-AE4FF4547B66}" = CCC Help Polish
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E5C76964-F17B-7FCB-958F-1C067A2D217C}" = CCC Help Swedish
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7E76AEC-266C-C1A0-E39B-21AB97402CA1}" = CCC Help Chinese Traditional
"{E7F12C4C-9932-A039-4FAC-CAD1672EB633}" = CCC Help Hungarian
"{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}" = Lightworks
"{EBE9A607-31AB-696D-5220-5098B61AA9B2}" = CCC Help Dutch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFAF4DB9-943E-97E5-051C-DC6C4E7094C0}" = CCC Help Danish
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Any Video Converter_is1" = Any Video Converter 3.3.8
"Audacity_is1" = Audacity 1.2.6
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series Manual" = EPSON SX125 Series Handbuch
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileZilla Client" = FileZilla Client 3.5.3
"FormatFactory" = FormatFactory 2.70
"Fraps" = Fraps
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228
"Free Video Zilla_is1" = Free Video Zilla
"Free YouTube Download_is1" = Free YouTube Download version 3.0.18.1123
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.22.508
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.20.12.00
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader
"JDownloader" = JDownloader
"JPG2PDF_is1" = JPG2PDF 2.2
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mobile Broadband Generic Drivers" = Mobile Broadband Generic Drivers
"Mozilla Firefox 13.0 (x86 de)" = Mozilla Firefox 13.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.51
"Notepad++" = Notepad++
"o2DE" = Mobile Connection Manager
"PokerStars.net" = PokerStars.net
"RealPlayer 12.0" = RealPlayer
"RegClean Pro_is1" = RegClean Pro
"Security Task Manager" = Security Task Manager 1.8d
"SpeedFan" = SpeedFan (remove only)
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 40390" = Risen 2 - Dark Waters
"SubtitleCreator" = SubtitleCreator
"VLC media player" = VLC media player 1.1.5
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.6
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.05.2012 14:14:49 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 23.05.2012 14:30:54 | Computer Name = Bernhard-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 25.05.2012 13:12:39 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 25.05.2012 14:04:41 | Computer Name = Bernhard-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 25.05.2012 21:53:56 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 25.05.2012 22:39:57 | Computer Name = Bernhard-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 26.05.2012 07:19:57 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 26.05.2012 11:53:58 | Computer Name = Bernhard-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 26.05.2012 12:34:11 | Computer Name = Bernhard-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 26.05.2012 14:27:03 | Computer Name = Bernhard-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
[ System Events ]
Error - 11.06.2012 06:23:55 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:38 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:38 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:38 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:38 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:39 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:39 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:39 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:39 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 11.06.2012 07:28:48 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
< End of report >
Muss ich das System neu aufsetzen? Habe nämlich keine Windows CD vom Notebookhersteller bekommen und auch keinen Code aufkleben, nur die Garantie und die OS-Bezeichnung. Vor allem traue ich mich nicht, meine persönlichen Daten zu sichern, könnten ja kompromittiert sein.
Zu Kykymber finde ich nichts brauchbares in Google, nur etwa 6 Mrd Virenscanner, die sich mein Geld unter den Nagel reißen wollen.
Bin für jede Hilfe dankbar. |
