GVU Sperrbildschirm Win7 64bit
Hallo,
auch mich hat gestern der GVU Sperrbildschirm ereilt. Ich poste mal die verschiedenen log-files und hoffe, dass das alles ist, was ihr braucht. Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.07.05.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Jan :: JAN-PC [Administrator]
Schutz: Aktiviert
05.07.2012 21:06:34
mbam-log-2012-07-05 (21-06-34).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 508703
Laufzeit: 1 Stunde(n), 4 Minute(n), 43 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
K:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Worm.Autorun) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
K:\ ist übrigens mein USB-Stick Code:
OTL logfile created on: 05.07.2012 22:23:25 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Jan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
12,00 Gb Total Physical Memory | 9,70 Gb Available Physical Memory | 80,80% Memory free
24,00 Gb Paging File | 21,46 Gb Available in Paging File | 89,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 20,95 Gb Free Space | 21,46% Space Free | Partition Type: NTFS
Drive E: | 368,10 Gb Total Space | 76,98 Gb Free Space | 20,91% Space Free | Partition Type: NTFS
Drive K: | 3,73 Gb Total Space | 1,64 Gb Free Space | 43,90% Space Free | Partition Type: FAT32
Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.05 21:12:09 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.07.03 18:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\afwServ.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.24 00:38:30 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.06 02:21:56 | 000,288,088 | ---- | M] () -- E:\Hotspot Shield\bin\openvpnas.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.05.27 01:14:40 | 000,329,544 | ---- | M] () -- E:\Hotspot Shield\bin\hsswd.exe
PRC - [2011.05.27 01:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- E:\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011.03.04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- E:\Cisco Systems\cvpnd.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.05 14:59:08 | 000,256,160 | ---- | M] () -- C:\Users\Jan\AppData\Local\Temp\0_0u_l.exe
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 18:21:27 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2012.06.23 10:37:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.24 00:38:30 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.02.21 06:26:30 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- E:\Global Agenda\HiPatchService.exe -- (HiPatchService)
SRV - [2012.02.01 23:59:43 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.10.06 02:24:34 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- E:\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2011.10.06 02:21:56 | 000,288,088 | ---- | M] () [Auto | Running] -- E:\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.05.27 01:14:40 | 000,329,544 | ---- | M] () [Auto | Running] -- E:\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011.05.27 01:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- E:\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011.03.04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- E:\Cisco Systems\cvpnd.exe -- (CVPND)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.09.17 09:36:18 | 000,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- E:\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012.07.03 18:21:52 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.05.17 18:50:28 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.08.30 15:22:02 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011.08.30 15:22:02 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011.05.25 01:40:12 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2011.04.30 13:59:32 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.07 16:24:46 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2010.09.04 00:24:40 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010.03.09 12:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.03.04 13:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.02.08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009.12.27 17:46:16 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.10.10 21:09:35 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009.10.10 21:09:33 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.17 13:17:22 | 000,196,096 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008.11.16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008.11.04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (Magic Tune)
DRV:64bit: - [2007.05.01 15:37:06 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiH0464.sys -- (SaiH0464)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.03.07 12:03:40 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- E:\PC Wizard 2009\pcwiz64.sys -- (cpuz132)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0F E4 80 F9 AD 5A CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://login.yahoo.com/config/mail?&.src=ym&.intl=de&rl=1"
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: E:\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Jan\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.27 17:19:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.07.05 15:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: E:\Mozilla Firefox 4.0 Beta 7\components [2012.07.05 14:56:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: E:\Mozilla Firefox 4.0 Beta 7\plugins [2012.04.14 11:55:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: E:\Mozilla Firefox\components [2011.11.15 21:05:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: E:\Mozilla Firefox\plugins [2012.04.14 11:55:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: E:\Mozilla Firefox 4.0 Beta 7\components [2012.07.05 14:56:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: E:\Mozilla Firefox 4.0 Beta 7\plugins [2012.04.14 11:55:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: E:\Mozilla Firefox\components [2011.11.15 21:05:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: E:\Mozilla Firefox\plugins [2012.04.14 11:55:37 | 000,000,000 | ---D | M]
[2009.10.29 11:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions
[2012.05.18 21:28:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions
[2010.04.28 12:29:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.18 21:28:10 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.03.10 15:53:06 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.11.25 00:08:53 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\battlefieldheroespatcher@ea.com
[2011.04.14 16:36:25 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\battlefieldplay4free@ea.com
[2011.08.12 15:16:59 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\DeviceDetection@logitech.com
[2009.10.29 11:15:09 | 000,000,000 | ---D | M] ("Image Download") -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\imagedownload@whygudu.iblog.cn
[2010.07.30 23:05:07 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\uqp4qoq0.default\extensions\YoutubeDownloader@PeterOlayev.com
[2011.01.09 14:31:13 | 000,001,742 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\uqp4qoq0.default\searchplugins\googlede-pws.xml
[2012.07.05 15:11:16 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012.03.24 12:01:37 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\JAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UQP4QOQ0.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - E:\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - E:\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Xvid] E:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - C:\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B8DFC33-AC17-4778-83C9-38F3358C7C2B}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b21ac3c3-844f-11e0-af39-002421e3d649}\Shell - "" = AutoRun
O33 - MountPoints2\{b21ac3c3-844f-11e0-af39-002421e3d649}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{ffad9f23-a03c-11e1-8453-978914e137ec}\Shell - "" = AutoRun
O33 - MountPoints2\{ffad9f23-a03c-11e1-8453-978914e137ec}\Shell\AutoRun\command - "" = F:\arun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.05 21:12:02 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012.07.05 21:00:24 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2012.07.05 21:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.05 21:00:18 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.05 21:00:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.05 21:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.03 20:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
[2012.07.03 20:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Deterministic Networks
[2012.07.03 20:59:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2012.07.03 20:58:47 | 000,000,000 | ---D | C] -- C:\Temp
[2012.07.02 16:17:09 | 000,000,000 | ---D | C] -- C:\Users\Jan\Documents\Electronic Arts
[2012.07.02 16:15:57 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Electronic Arts
[2012.07.02 11:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.07.01 17:42:18 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012.06.16 17:53:51 | 000,000,000 | ---D | C] -- C:\Users\Jan\Documents\Klinische Psychologie Seminar SS12
[2012.06.13 16:52:32 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\Macromedia
[2012.06.13 08:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.06.13 08:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.06.13 08:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2009.09.04 19:12:23 | 052,930,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Users\Jan\9-8_vista32-64_ccc_lang2.exe
[2009.09.04 19:08:27 | 042,859,104 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Users\Jan\9-8_vista64_win7_64_dd.exe
[2 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.05 22:27:10 | 000,010,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.05 22:27:10 | 000,010,896 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.05 22:22:18 | 000,000,020 | ---- | M] () -- C:\Users\Jan\defogger_reenable
[2012.07.05 22:20:02 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.05 22:19:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.05 22:19:34 | 1073,094,654 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.05 22:11:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.05 21:37:06 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.05 21:12:09 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2012.07.05 21:11:53 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Desktop\Defogger.exe
[2012.07.05 21:00:19 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.05 20:52:28 | 004,503,728 | ---- | M] () -- C:\ProgramData\l_u0_0.pad
[2012.07.05 15:29:44 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.05 15:29:44 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.05 15:29:44 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.05 15:29:44 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.05 15:29:44 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.05 15:11:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.07.05 14:59:08 | 000,001,873 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.03 21:00:07 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF
[2012.07.03 20:59:30 | 000,002,591 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
[2012.07.03 20:58:22 | 000,001,594 | ---- | M] () -- C:\Windows\VPNUnInstall.MIF
[2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.07.03 18:21:52 | 000,266,776 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012.07.03 18:21:52 | 000,142,128 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.07.03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.07.03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.06.19 15:09:09 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.06.19 15:09:09 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.06.19 15:08:33 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.06.14 10:19:46 | 000,446,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.13 08:25:11 | 000,001,440 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.11 13:50:46 | 000,187,392 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
========== Files Created - No Company Name ==========
[2012.07.05 22:22:17 | 000,000,020 | ---- | C] () -- C:\Users\Jan\defogger_reenable
[2012.07.05 21:11:52 | 000,050,477 | ---- | C] () -- C:\Users\Jan\Desktop\Defogger.exe
[2012.07.05 21:00:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.05 14:59:08 | 004,503,728 | ---- | C] () -- C:\ProgramData\l_u0_0.pad
[2012.07.05 14:59:08 | 000,001,873 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.03 20:59:30 | 000,002,591 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
[2012.07.03 20:58:22 | 000,001,594 | ---- | C] () -- C:\Windows\VPNUnInstall.MIF
[2012.06.13 08:25:11 | 000,001,440 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.11 13:50:46 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.29 15:46:14 | 000,035,407 | ---- | C] () -- C:\Users\Jan\.TransferManager.db
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.11 13:05:03 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.08.11 13:05:03 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011.04.22 13:40:30 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.04.22 13:40:30 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.04.22 13:40:26 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.03.05 18:30:23 | 000,007,606 | ---- | C] () -- C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
[2010.10.29 12:59:37 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010.10.29 12:59:37 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.10.24 22:09:04 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.04.24 22:07:55 | 000,005,632 | ---- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.09 21:33:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.29 11:28:32 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.09.04 19:22:46 | 037,922,152 | ---- | C] () -- C:\Users\Jan\setupger.exe
========== LOP Check ==========
[2012.01.21 23:28:06 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft
[2012.01.22 00:11:18 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft_xray
[2011.08.17 16:38:24 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.visualvm
[2009.10.29 11:15:06 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Azureus
[2009.10.29 11:15:06 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Bump Technologies, Inc
[2012.05.17 18:51:44 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
[2011.12.01 01:00:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft
[2011.11.28 23:22:23 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.02 16:15:57 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Electronic Arts
[2009.12.02 16:05:38 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Foxit
[2011.02.22 01:36:07 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Hi-Rez Studios
[2011.01.04 00:39:04 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\ICQ
[2009.10.29 11:15:07 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Leadertech
[2010.12.19 03:10:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient
[2009.12.11 00:00:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010.04.27 23:31:04 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mount&Blade Warband
[2009.10.29 11:15:09 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OpenOffice.org
[2011.10.26 22:07:44 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Origin
[2011.03.17 15:54:07 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\PunkBuster
[2012.04.24 22:16:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TS3Client
[2011.05.23 00:24:17 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Ubisoft
[2012.01.18 01:26:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Unity
[2012.06.19 14:49:43 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 05.07.2012 22:23:25 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Jan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
12,00 Gb Total Physical Memory | 9,70 Gb Available Physical Memory | 80,80% Memory free
24,00 Gb Paging File | 21,46 Gb Available in Paging File | 89,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 20,95 Gb Free Space | 21,46% Space Free | Partition Type: NTFS
Drive E: | 368,10 Gb Total Space | 76,98 Gb Free Space | 20,91% Space Free | Partition Type: NTFS
Drive K: | 3,73 Gb Total Space | 1,64 Gb Free Space | 43,90% Space Free | Partition Type: FAT32
Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Mozilla Firefox 4.0 Beta 7\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ECD0029-747B-44A1-B42F-86A1AB926CF9}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{10114B6B-E924-4445-9B17-F16F57C835D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1FCE04CC-8EFD-490E-8C31-1ECE6872D247}" = lport=3724 | protocol=6 | dir=in | name=blizzard |
"{2379E9EB-7C31-4C7A-89FB-3B434CC82777}" = lport=2869 | protocol=6 | dir=in | app=system |
"{313E3685-22C0-47F2-8393-1A2E28C8D605}" = rport=138 | protocol=17 | dir=out | app=system |
"{33FDD278-5024-4E9E-887F-AABEFCA6987F}" = rport=137 | protocol=17 | dir=out | app=system |
"{349166D8-7849-4378-BA64-F65E0BA47F4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3731AB24-C4F4-488A-90B4-2A28DC7DFC4D}" = lport=6993 | protocol=17 | dir=in | name=league of legends launcher |
"{3903FB2A-8C7D-4800-9604-E8E96480ADF2}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{3B0E206C-8F2A-4CA8-8BC2-6C1D561E63E2}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{3E4511B1-17F9-4721-A8A4-676801202E35}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{4D0B3D67-D465-4398-A299-153360FF0095}" = lport=8398 | protocol=17 | dir=in | name=league of legends launcher |
"{4EB3F8F4-1134-4560-9D88-C286960B51AE}" = lport=6944 | protocol=17 | dir=in | name=league of legends launcher |
"{51F56C72-2EB8-4D20-A83D-D6389B875877}" = lport=10243 | protocol=6 | dir=in | app=system |
"{52467EFE-14D3-47D3-83B5-B3F2DAE9C75D}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{52AE3E79-B87A-44A0-826B-70DCD6DA874E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52D2053C-C7A1-4A36-8419-7D3090EEFF05}" = lport=6993 | protocol=6 | dir=in | name=league of legends launcher |
"{5C4D133F-4537-4F5E-AE20-FD515FBE9F58}" = lport=3724 | protocol=17 | dir=in | name=wow |
"{64335716-B49E-4863-8A90-2BB78FFFCEA0}" = lport=1119 | protocol=17 | dir=in | name=wow |
"{80122AD6-03EB-4250-8252-5C9D178688EE}" = lport=8398 | protocol=6 | dir=in | name=league of legends launcher |
"{84B43CA1-E808-422F-B9E1-D4C42A90E991}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87CA625D-3045-4B88-88A8-8EA5CA5B08B6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8AB1E30B-1077-4305-A17A-AC4D5FCDE01B}" = lport=6004 | protocol=17 | dir=in | app=c:\microsoft office\office14\outlook.exe |
"{8DB379B9-6CEF-41F7-B531-E7A037913362}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{8F2CA56A-668E-4B24-A3AC-7D9CEAFFBBA1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91DE59C7-ACE9-45D9-ABA5-1AC3BE1C0B52}" = lport=6948 | protocol=17 | dir=in | name=league of legends launcher |
"{93E1B5A9-759D-42EA-AA6E-2101585FB13A}" = lport=6948 | protocol=6 | dir=in | name=league of legends launcher |
"{97BE848D-B48E-41BD-9393-196E617C823B}" = rport=445 | protocol=6 | dir=out | app=system |
"{A29C97C5-C7C2-47A5-BF1D-21A8440ADD62}" = lport=1119 | protocol=6 | dir=in | name=wow |
"{A8027A9F-10D3-48D4-A881-A0A99E4F8AB4}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{B23CDA7C-7020-4C6B-8CC8-F10D309D7A28}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B2D9E3DC-49A7-4215-867B-42A05D658A95}" = lport=6944 | protocol=6 | dir=in | name=league of legends launcher |
"{B5B93F40-FD4C-4B7E-B93A-799C454985B1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BADE2AD7-554B-4249-9800-4FAFBBF50769}" = lport=4000 | protocol=6 | dir=in | name=wc3 |
"{BC6494A9-7277-4861-A4D0-3205EBB0C13D}" = lport=137 | protocol=17 | dir=in | app=system |
"{C4B546E4-E6D9-4640-8B2F-2AAA40C2F296}" = lport=139 | protocol=6 | dir=in | app=system |
"{CA4497F4-2BF2-4C1E-A7E6-4A7C87B9B721}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCA013DC-0C31-4982-9474-89EF17A5FFC2}" = lport=138 | protocol=17 | dir=in | app=system |
"{E986D5C4-CDEE-4438-82F9-E8A1B3F8AA44}" = lport=445 | protocol=6 | dir=in | app=system |
"{F2D2697B-F6AE-4F38-BA68-3555CB007ABE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3FEC633-2A78-4E95-8370-76E7E707B6AE}" = rport=139 | protocol=6 | dir=out | app=system |
"{F6AC7B29-8F1C-457C-BA93-D5D60A1DF742}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FB3CB45A-D0AE-4140-B9FC-B0A06FCE21B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF29A720-E90C-43D8-8E59-0B76EBEC1316}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01096B37-39A0-4D55-9D90-71BB616FBF5F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0218DB8F-F3B1-475D-B517-8195EBA0C667}" = protocol=6 | dir=in | app=e:\ac 2\assassinscreedii.exe |
"{03BC1D50-EE7F-4159-913F-8774A0BFA04D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{081B42E9-B9BA-41AB-AC1D-27199600F3EA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe |
"{0967D264-9E95-4639-AD60-0ADE162E7876}" = protocol=17 | dir=in | app=e:\ac 2\assassinscreedii.exe |
"{09B60185-E465-4348-98B1-B0E83D57966C}" = protocol=17 | dir=in | app=e:\games\world of warcraft\launcher.patch.exe |
"{0AF9FFD7-BDA8-4DD9-A11B-559FB075BE2F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0E20B237-A263-4920-AF28-C69A1BAE9E51}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1209DC48-9142-4879-AF2E-FB07F5C6403E}" = protocol=6 | dir=in | app=e:\assassin's creed brotherhood\acbmp.exe |
"{12A4B7FB-4D01-4719-89C0-FCEAD1EF7465}" = protocol=6 | dir=in | app=e:\games\league of legends\game\league of legends.exe |
"{13B1912D-69D9-4A61-98BA-3DAB5A084B87}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{174C43A2-58A7-4BD3-BE15-AFDF971A46A0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{178F090B-B5B6-4512-A627-635F5F39A5EE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{1BB0DD17-3835-4E1F-A79B-A53A8C510B85}" = protocol=6 | dir=in | app=e:\league of legends\air\lolclient.exe |
"{1C0720F0-C462-4646-B320-C5F02BA38C0B}" = protocol=17 | dir=in | app=e:\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{1EF34689-2119-4881-AD09-7C5152DA0824}" = protocol=6 | dir=out | app=system |
"{1F6D4F8A-F768-45AD-AEB0-99A29CB04798}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{23C3D17D-8BDF-43FD-B666-42EF7DE32C6E}" = protocol=17 | dir=in | app=e:\games\lol\air\lolclient.exe |
"{2569B4DF-FEAA-4790-A3F4-47E823E6B411}" = protocol=6 | dir=in | app=e:\anno 1404\tools\anno4web.exe |
"{267611C9-BEB2-4515-99A7-B30AF8EF4EE0}" = protocol=6 | dir=in | app=e:\ac 2\assassinscreediigame.exe |
"{2875CA18-D694-48F2-A899-524C81B145BE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{28C685BE-E8F4-45D4-B2E8-BD01397C9D91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A9F1D63-6F56-4E34-A913-119849A28F43}" = protocol=17 | dir=in | app=e:\assassin's creed brotherhood\uplaybrowser.exe |
"{2C8DE28A-0FFB-4CDA-9C7F-A72110BB884B}" = protocol=17 | dir=in | app=e:\anno 1404\anno4.exe |
"{2FDE20C8-6F05-4469-A753-FE5754C70F59}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{335AA602-1988-41A8-A735-3535C693BDBD}" = protocol=6 | dir=in | app=e:\battlefield 2\bf2.exe |
"{335C255B-507F-489C-A2A9-E55AAE3AC992}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{36DC6640-99CC-4F69-A589-126E19D0121C}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{374EC68D-3A2E-4FAA-81AB-AD28E886E2D7}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{3912B93B-53CB-4E3B-944B-27D3D9480CD0}" = protocol=17 | dir=in | app=e:\assassin's creed brotherhood\acbsp.exe |
"{3941E6AA-E040-4825-B1BB-1271C42E0CE2}" = protocol=6 | dir=in | app=e:\anno 1404\anno4.exe |
"{397A33A2-6BC0-4EF9-B3BF-D41CF81914D9}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{434200E9-A3D2-4EB2-81AE-5B8CA54418F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{44390BCE-A5E5-4E6B-BD7B-09A984CA7B51}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe |
"{45AD8206-F347-4558-B6C7-3600D0B9097B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{4B308AAE-FC80-4827-8E2A-CEFC7D66FE8A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{52355B85-84BA-499E-8205-9F8B41761DF1}" = protocol=17 | dir=in | app=e:\games\world of warcraft\backgrounddownloader.exe |
"{52A8253B-652F-4293-99C4-6EFB18A780F6}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{55EE0D63-457C-47C5-B0B0-9FF845770DDF}" = protocol=17 | dir=in | app=e:\anno 1404\tools\anno4web.exe |
"{593E33B4-E2E1-44C1-B97F-B26DD0EEA93E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{598EF00A-6D32-4CE1-B34C-05B357FCCD12}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{59B17F49-FEFD-40F9-A61D-A87FC1D10BCB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5A3F19CE-8BA5-4C59-855B-4D8D2F1DC645}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5BADCF9A-1B1A-4874-AE6B-281E156B2037}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5BDF4EAE-BDEC-4605-8215-AA4D31D0A0D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5C97A9A9-D9AC-43EE-AA80-E0D395571017}" = protocol=17 | dir=in | app=c:\bluetooth\bluesoleil.exe |
"{5FC49D07-53C9-445D-8585-3E68F3A07045}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{63287CBB-A327-4062-8F98-0FB6A60096C4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{638BCDC6-23A8-4B64-869B-0F9B100EF3D8}" = protocol=6 | dir=in | app=e:\games\league of legends\air\lolclient.exe |
"{63A4AFC7-F50F-4D5A-94ED-C6AEDB51EF1C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{65952847-E5CB-4F9E-A01A-B659F4C67F87}" = protocol=17 | dir=in | app=e:\battlefield 2\bf2.exe |
"{66276E9E-3BA7-4805-A618-78FF31E6309E}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{66400829-01A2-4690-BCE0-E44A6261CEDB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6BE3403F-6ADA-40B6-BEE8-E1BF73673DBD}" = protocol=6 | dir=in | app=e:\assassin's creed brotherhood\uplaybrowser.exe |
"{70A8F198-1CE0-4F08-A56D-93132ED4E551}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{735CDBA1-899E-4C45-99FC-ED33E3EE56BC}" = protocol=6 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe |
"{73E55D7C-0F11-4B7E-BA99-16CA487C722C}" = protocol=17 | dir=in | app=e:\ac 2\assassinscreediigame.exe |
"{743E90EF-A9E4-4B58-96FC-6C6D303E23A6}" = protocol=17 | dir=in | app=e:\assassin's creed brotherhood\acbmp.exe |
"{763850FA-36E2-4EA3-B17E-1F322F656B81}" = protocol=17 | dir=in | app=c:\microsoft office\office14\onenote.exe |
"{7A52E283-C559-4868-8FB5-B92B82E4CF83}" = protocol=6 | dir=in | app=c:\bluetooth\bluesoleil.exe |
"{7B1C9E8D-C26D-4828-B7E2-7A6B8A022A89}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{86551163-F02D-4C9E-9FEF-1CAC8A03053A}" = protocol=6 | dir=in | app=e:\games\world of warcraft\launcher.patch.exe |
"{8A59A1D7-3C2F-4DE3-A45D-8DECC55B8980}" = protocol=17 | dir=in | app=e:\vindictus\vindictus eu\en-eu\nmservice.exe |
"{8F667F4B-6374-4C81-B07E-CBD29F94AE16}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{93919DE2-88B0-43B5-9E24-009061ACC8C3}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{939A6B93-FC26-41DC-8379-3CC68A2080FF}" = protocol=6 | dir=in | app=e:\games\lol\air\lolclient.exe |
"{944B3B11-A1AF-48A1-A0FA-42029FE0A3CF}" = protocol=17 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe |
"{954F30F6-96DC-4FCF-AB7A-6CCA39E5F5B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{95C708BA-CECA-4102-BC9E-2C9254AD31FF}" = protocol=17 | dir=in | app=e:\games\league of legends\air\lolclient.exe |
"{962955F3-E0FF-49F1-A893-434282F0D2B4}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{993B7061-3A15-4EDE-925A-621275186CC9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9AAA9E79-CE41-4ABD-B42B-0FC0B0EABBD8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9DBC2F26-1642-47B7-BDFC-D70EA1E3D597}" = protocol=6 | dir=in | app=e:\bad company 2\bfbc2updater.exe |
"{9DF522AF-E6AA-4069-9DBF-4AE98C126668}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A255C2EB-2C78-4363-8407-E8057EBF1B79}" = protocol=6 | dir=in | app=e:\anno 1404\anno4.exe |
"{A2AB67A9-08AE-4AC5-9DC3-E7E566656B05}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A2BDB4F1-C10A-419C-8F85-2AB25ABFFF80}" = protocol=6 | dir=in | app=e:\anno 1404\tools\anno4web.exe |
"{A316A9F0-63D7-4511-8BAA-2B2EFE748F8B}" = protocol=17 | dir=in | app=e:\hellgate\hgllauncher.exe |
"{A609792B-26A7-42BE-A8F3-80019654D2FF}" = protocol=17 | dir=in | app=e:\league of legends\game\league of legends.exe |
"{AB29ED1F-3873-4CC4-A4F1-11075D4E3546}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AF0DBFDB-8D16-4BEA-9B90-81B112E76EF2}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{AFCE6586-BF8D-4682-916B-E04588FA4F21}" = protocol=17 | dir=in | app=e:\league of legends\air\lolclient.exe |
"{B78B3ACD-23CD-42DA-B86F-55EEC203C566}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BC67D613-42E8-40B4-B9CB-4FB9F74A5DA3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BD603000-E755-493D-A4EE-487CFB2C98E6}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe |
"{C0300FC9-7261-4172-A4F5-E81C5295DB88}" = protocol=6 | dir=in | app=c:\bluetooth\bluesoleil.exe |
"{C0C9E006-C598-4623-9655-53A596A7E5E9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{C10ACA8E-745D-4DC2-9227-B23A25333F6A}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{C3A0E66F-BFD5-4B80-B240-3069B7E9C4F2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C5760FC1-05DA-4109-9B9F-A40F96831573}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C7421A38-3930-480D-AE7F-9A9A4F91FFC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C960FA3B-AA48-4EE8-8151-5F324FDC52D5}" = protocol=17 | dir=in | app=e:\games\lol\game\league of legends.exe |
"{C9A53DDC-86C5-4C3A-AA33-FA8BC92DD5DD}" = protocol=17 | dir=in | app=e:\anno 1404\tools\anno4web.exe |
"{CAAD4758-61C2-4E30-B895-7BAE3684EDD5}" = protocol=6 | dir=in | app=e:\games\starcraft ii\starcraft ii.exe |
"{CD3819B5-5F69-4E29-911C-9C8A6D76C22E}" = protocol=17 | dir=in | app=c:\bluetooth\bluesoleil.exe |
"{CDB494FE-7BFA-42C2-A8DB-ECDA75345A80}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CF13117F-78D7-49F0-8745-D00906715002}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{D06F79C4-3E88-429D-AA2C-F0C244D0E3F6}" = protocol=6 | dir=in | app=e:\ac 2\uplaybrowser.exe |
"{D1B9C84E-7314-4781-B84D-B15D0D973AE1}" = protocol=17 | dir=in | app=e:\games\starcraft ii\starcraft ii.exe |
"{D26B6A97-E005-4122-A388-E390DDE0E7CD}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{D4A98EA2-4456-4AA2-B54B-558E038081D2}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe |
"{D626A120-4B89-4B56-8547-7B6906AB14BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D9D2433C-B16B-49E1-B118-D18EAD77D69E}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{DA7F8796-BBC8-4044-9099-49E30B6F63C7}" = protocol=17 | dir=in | app=e:\ac 2\uplaybrowser.exe |
"{DCACD27A-BF05-4237-B2D0-97E757BFBCE0}" = protocol=17 | dir=in | app=e:\games\league of legends\game\league of legends.exe |
"{DE42FA76-5EF7-4726-B4E5-52113499AFC4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E118AB05-B17D-401C-B587-B39CE56B619E}" = protocol=6 | dir=in | app=c:\microsoft office\office14\onenote.exe |
"{E1880CF9-6A59-41B1-BAFD-AC2A83500CEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E32F0EAF-16B7-4021-B484-F7B12EC0C61F}" = protocol=6 | dir=in | app=e:\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{E3742938-E19B-4DFC-A8FD-C57A508634E9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E41973A9-638A-409C-BC5E-0026C7913238}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{E43C4262-A5C2-49FA-B579-1C52E7E0A57D}" = protocol=17 | dir=in | app=e:\anno 1404\anno4.exe |
"{E50F92FA-1537-4314-86CA-846B853412A5}" = protocol=6 | dir=in | app=e:\assassin's creed brotherhood\acbsp.exe |
"{E732B888-EDFB-4DF9-9220-F1C534CB2E65}" = protocol=6 | dir=in | app=e:\games\lol\game\league of legends.exe |
"{EC0F9933-33EA-4701-B1A6-95BC782543CE}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{F16EC508-58D8-4387-9F94-33750DAD5EE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F214F0A5-D5AC-4C7E-9EFB-E4648F200515}" = protocol=6 | dir=in | app=e:\vindictus\vindictus eu\en-eu\nmservice.exe |
"{F68E0405-2218-4666-962E-7D65CAB740A4}" = protocol=17 | dir=in | app=e:\bad company 2\bfbc2updater.exe |
"{F8648142-39C7-49AC-B29A-4949670379EE}" = protocol=6 | dir=in | app=e:\games\world of warcraft\backgrounddownloader.exe |
"{FA0331C6-6256-48AA-830C-8FC071C20BAC}" = protocol=6 | dir=in | app=e:\league of legends\game\league of legends.exe |
"{FB89542C-5110-49A0-B919-83DDBAF1FFC5}" = protocol=6 | dir=in | app=e:\hellgate\hgllauncher.exe |
"{FC6E4F64-9576-4D0E-9BF9-A5E572FED142}" = dir=in | app=e:\itunes\itunes.exe |
"{FE0E4A62-BAE0-4728-8544-608502961ACA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{04C8EC21-0CBA-4D5F-BDDD-D6D1ED5C4403}C:\program files (x86)\sony\station\launchpad\_aunchpad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sony\station\launchpad\_aunchpad.exe |
"TCP Query User{0FBA6E35-C421-4A69-8362-C935B5337760}E:\games\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=e:\games\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{14557225-88D7-42D6-92B8-3CB2AACFA746}E:\games\war_trial_downloader.exe" = protocol=6 | dir=in | app=e:\games\war_trial_downloader.exe |
"TCP Query User{17B3C0FE-5261-4890-AA37-978A139DA0BC}E:\games\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=e:\games\starcraft ii\versions\base16561\sc2.exe |
"TCP Query User{1BA2510C-5221-4911-BAEE-164CCB2C3ED7}E:\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\games\world of warcraft\launcher.exe |
"TCP Query User{1DBFE5F6-AEAE-497E-A67E-D55831E7EED5}E:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\games\warcraft iii\war3.exe |
"TCP Query User{34BDC3D8-F609-439F-8277-667DB3C331B0}E:\java\jdk1.7.0\bin\java.exe" = protocol=6 | dir=in | app=e:\java\jdk1.7.0\bin\java.exe |
"TCP Query User{3526CFBA-348D-4484-B9E5-5E88900D3F24}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{37201149-7303-4202-A0F1-C1629A6F2EC2}E:\age of conan\conanpatcher.exe" = protocol=6 | dir=in | app=e:\age of conan\conanpatcher.exe |
"TCP Query User{3AB6F258-5AA2-4852-87AA-61D85F16CCB0}E:\bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=e:\bad company 2\bfbc2game.exe |
"TCP Query User{4612B421-1D70-47E5-8488-277F6C9EDBE0}E:\steam\steamapps\dr_grftjx\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\dr_grftjx\team fortress 2\hl2.exe |
"TCP Query User{48655786-E425-4932-B532-120E0807A176}E:\eve\bin\exefile.exe" = protocol=6 | dir=in | app=e:\eve\bin\exefile.exe |
"TCP Query User{48B97985-3C93-4B1D-8114-DA32208D8D29}E:\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{4AAB5F62-1EC9-4A53-B274-DD3534167875}E:\gw2 beta\gw2.exe" = protocol=6 | dir=in | app=e:\gw2 beta\gw2.exe |
"TCP Query User{4B7E3A10-0E2C-4154-B351-EB2AA2C0E7F4}E:\games\anarchyonline_18.1.1-large.exe" = protocol=6 | dir=in | app=e:\games\anarchyonline_18.1.1-large.exe |
"TCP Query User{4FDEC4A8-A9E1-4EE3-AAEC-D3CCACE1419A}E:\emule\emule.exe" = protocol=6 | dir=in | app=e:\emule\emule.exe |
"TCP Query User{52EDE5DC-8C17-4DAA-AC26-6A84354EAB7C}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{53EE0D91-A6AC-42B2-A75B-50254A1047AF}E:\age of conan\ageofconan.exe" = protocol=6 | dir=in | app=e:\age of conan\ageofconan.exe |
"TCP Query User{54E2BE7C-ECAF-473E-8B59-B95EBB8371B1}E:\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=e:\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{6366966E-6629-467F-B9E8-DFF86A532E80}C:\program files (x86)\sony\station\launchpad\launchpad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sony\station\launchpad\launchpad.exe |
"TCP Query User{6BA5B67B-1731-4F6A-9210-1B6D5A09BB8F}E:\loleudownloader.exe" = protocol=6 | dir=in | app=e:\loleudownloader.exe |
"TCP Query User{74124F36-F579-4E51-8C2F-7E2491759768}E:\games\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=e:\games\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{8FDCDB3C-11A1-46EC-A62F-5ED9C8DF89BB}E:\programme\azureus.exe" = protocol=6 | dir=in | app=e:\programme\azureus.exe |
"TCP Query User{929A0E5F-6395-453F-AB2D-4B858519530E}E:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe |
"TCP Query User{A0DC9AC0-A3E0-42C8-96DB-9473900BC41F}E:\age of conan\ageofconandx10.exe" = protocol=6 | dir=in | app=e:\age of conan\ageofconandx10.exe |
"TCP Query User{C3A810F0-7FB3-4FA7-8401-D77BCACC551F}E:\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\games\world of warcraft\launcher.exe |
"TCP Query User{C3C54E3D-85A8-40AF-8404-99FEC8E89649}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{C3D496C6-1818-498C-8193-BAA411B03B6B}C:\program files\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"TCP Query User{CE269316-48E9-47D2-A28F-9267EFB2A868}E:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\games\warcraft iii\war3.exe |
"TCP Query User{DE6F404D-9892-4BDE-8604-AD3D4AAA5CD2}C:\users\jan\downloads\anarchyonline_18.1.1-large.exe" = protocol=6 | dir=in | app=c:\users\jan\downloads\anarchyonline_18.1.1-large.exe |
"TCP Query User{EB53FBDD-2487-4B8B-9AA5-64CED18B51E6}E:\games\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=e:\games\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{F1A9B97A-FA5B-4CD2-95E6-F15CB253A691}E:\bf play4free\bfp4f.exe" = protocol=6 | dir=in | app=e:\bf play4free\bfp4f.exe |
"TCP Query User{F9275379-404F-4309-A154-05F7A6DFC850}E:\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=e:\battlefield 2\bf2.exe |
"TCP Query User{FACE66CC-A104-4AA5-B377-F5862F8EB1F9}E:\global agenda\games\global agenda live\binaries\globalagenda.exe" = protocol=6 | dir=in | app=e:\global agenda\games\global agenda live\binaries\globalagenda.exe |
"UDP Query User{0E4A821C-5450-44A9-8B2E-982433B1DAA2}E:\games\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=e:\games\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{106F429C-867A-4F07-AD9A-9B7EE209F315}E:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\games\warcraft iii\war3.exe |
"UDP Query User{16D5F74A-1699-4725-B086-DB298A289CBC}E:\loleudownloader.exe" = protocol=17 | dir=in | app=e:\loleudownloader.exe |
"UDP Query User{20E08F46-4CEF-4AF9-B6BE-9CEE35D211A5}E:\gw2 beta\gw2.exe" = protocol=17 | dir=in | app=e:\gw2 beta\gw2.exe |
"UDP Query User{2316560A-CC4A-4229-A73E-0EA9562AC39D}E:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\games\warcraft iii\war3.exe |
"UDP Query User{2F413A2D-7312-471A-858C-0A2E3DEBDF70}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{4158F0E4-7206-4A4F-9F34-D21307FC1488}E:\games\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=e:\games\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{467C4D95-F54B-4F95-A8F9-E7351F5BBCE7}E:\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\games\world of warcraft\launcher.exe |
"UDP Query User{55034E3F-B7A2-48F9-BA8E-4EEE6F625824}E:\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\games\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{58028835-07E3-4710-B9D8-AD06B81E61C1}C:\program files\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"UDP Query User{5E76A491-0EBD-4864-809E-DABE670D5969}C:\program files (x86)\sony\station\launchpad\_aunchpad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sony\station\launchpad\_aunchpad.exe |
"UDP Query User{6ADFBAFD-D150-4179-904A-7F4D483B9F4A}E:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\global agenda live\binaries\globalagenda.exe |
"UDP Query User{6C60A872-57A0-430C-A4CF-208A839764F5}E:\emule\emule.exe" = protocol=17 | dir=in | app=e:\emule\emule.exe |
"UDP Query User{701495AF-F271-4C0A-B31C-6CF9F453774F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{74311317-421A-48B9-88C3-B0C26A72AA88}E:\global agenda\games\global agenda live\binaries\globalagenda.exe" = protocol=17 | dir=in | app=e:\global agenda\games\global agenda live\binaries\globalagenda.exe |
"UDP Query User{84F371FE-9CE6-4633-BCB5-22D4E493D24B}E:\programme\azureus.exe" = protocol=17 | dir=in | app=e:\programme\azureus.exe |
"UDP Query User{87DC811E-DDBE-41B5-808A-2782C4B64373}E:\eve\bin\exefile.exe" = protocol=17 | dir=in | app=e:\eve\bin\exefile.exe |
"UDP Query User{8DFCDCF4-A261-40D2-B5F6-DA405E9AD9C8}E:\games\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=e:\games\starcraft ii\versions\base16561\sc2.exe |
"UDP Query User{8EDEA2E3-BF0C-4842-A49E-9AB7AB04238D}C:\program files (x86)\sony\station\launchpad\launchpad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sony\station\launchpad\launchpad.exe |
"UDP Query User{93A8F3FD-3274-4C4A-880F-FEDD1F6F0C52}E:\steam\steamapps\dr_grftjx\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\dr_grftjx\team fortress 2\hl2.exe |
"UDP Query User{ADAF48E8-ED49-41E9-9BCE-EABE82F8A46D}E:\games\war_trial_downloader.exe" = protocol=17 | dir=in | app=e:\games\war_trial_downloader.exe |
"UDP Query User{B079F691-E87D-4F93-8174-2F3B9169D7EB}E:\bf play4free\bfp4f.exe" = protocol=17 | dir=in | app=e:\bf play4free\bfp4f.exe |
"UDP Query User{B1832AEF-043B-4EDB-B8EE-B7A38D1A563F}E:\age of conan\ageofconan.exe" = protocol=17 | dir=in | app=e:\age of conan\ageofconan.exe |
"UDP Query User{BFEFE293-1E81-4456-B2E8-0486FDD080EA}E:\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\games\world of warcraft\launcher.exe |
"UDP Query User{CD1CBAC4-1286-4F6C-B31B-9F45F44AB490}E:\games\anarchyonline_18.1.1-large.exe" = protocol=17 | dir=in | app=e:\games\anarchyonline_18.1.1-large.exe |
"UDP Query User{CD4F7A74-8D01-42B6-A5F1-C7E097434B31}E:\bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=e:\bad company 2\bfbc2game.exe |
"UDP Query User{CEBECEEA-215D-41F3-BCA5-B2BF5DBB6C7A}E:\games\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=e:\games\starcraft ii\versions\base16605\sc2.exe |
"UDP Query User{D0083876-E3CB-4D8A-8250-AFEABFE40FDD}E:\java\jdk1.7.0\bin\java.exe" = protocol=17 | dir=in | app=e:\java\jdk1.7.0\bin\java.exe |
"UDP Query User{D01C5DE8-7F15-4208-84F3-C2F9D7EE4511}E:\age of conan\ageofconandx10.exe" = protocol=17 | dir=in | app=e:\age of conan\ageofconandx10.exe |
"UDP Query User{D161F12E-F876-4251-AE7E-FFF4FB99E829}C:\users\jan\downloads\anarchyonline_18.1.1-large.exe" = protocol=17 | dir=in | app=c:\users\jan\downloads\anarchyonline_18.1.1-large.exe |
"UDP Query User{D3779FF6-6840-47BB-85A9-97883B6E34AA}E:\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=e:\battlefield 2\bf2.exe |
"UDP Query User{DD3C84E2-78D2-4273-BFC7-2B73DD9DECF9}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{F454277E-1109-4884-B078-C9699E343EBB}E:\age of conan\conanpatcher.exe" = protocol=17 | dir=in | app=e:\age of conan\conanpatcher.exe |
"UDP Query User{F4E95B8A-B53C-4127-B960-054F3D4325D8}E:\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=e:\games\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0CB2E2BC-A312-5821-C5C7-A295A1BEFD08}" = AMD Catalyst Install Manager
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{225FA1E8-372F-BBFF-F488-E79D78A5180E}" = AMD AVIVO64 Codecs
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 8.01
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7AAC-C5D5-B89B-EBA1-D4DFC5E46D6C}" = AMD Drag and Drop Transcoding
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C25215FC-5900-48B0-B93C-8D3379027312}" = PASW Statistics 18
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"sp6" = Logitech SetPoint 6.30
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{0E6C1531-9546-4153-9D88-689519385319}" = Haushaltsbuch 5.0
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian
"{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{26A39957-0BE3-449B-BA6F-922C8713AB2B}" = G*Power 3.1.3
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish
"{32A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7
"{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF001}" = Global Agenda Live
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{45B3A3BD-F90D-48FE-A147-D74878A51031}" = Nero 7 Essentials
"{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai
"{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional
"{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German
"{65DF3688-6EF3-4C86-83DE-54AB46029F07}" = Hellgate
"{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek
"{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{722AF0E9-9BAB-4556-9AA6-B5240D46E4B3}" = Global Agenda Launcher
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EED52BE-2247-D8E2-2196-492D03ABF276}" = HydraVision
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English
"{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish
"{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish
"{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BE90CE58-41DE-4708-9291-A9D1D49B1031}" = SecurDisc Viewer
"{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean
"{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian
"{D544AE4C-4152-225B-A897-6756C8986B14}" = Catalyst Control Center
"{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Conan_is1" = Age of Conan: Unchained
"Anarchy Online_is1" = Anarchy Online
"avast" = avast! Internet Security
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor 4_is1" = AVS Video Editor 4
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS YouTube Uploader 2.1_is1" = AVS YouTube Uploader version 2.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"CamSpy_is1" = CamSpy V.4.2.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dark Age of Camelot" = Dark Age of Camelot
"DesignWorkshop Lite" = DesignWorkshop Lite
"DivX Setup" = DivX-Setup
"DotAzilla" = DotAzilla
"eMule" = eMule
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download_is1" = Free YouTube Download version 3.0.18.1123
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"Gpower_2.0i" = Gpower 2.0i
"HotspotShield" = Hotspot Shield 2.09
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"Office14.SingleImage" = Microsoft Office Professional 2010
"Origin" = Origin
"PC Wizard 2009_is1" = PC Wizard 2009.1.90
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"StarCraft II" = StarCraft II
"Steam App 17050" = Global Agenda - Demo
"Steam App 440" = Team Fortress 2
"Steam App 48700" = Mount and Blade: Warband
"Steam App 620" = Portal 2
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.16.0.0b
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"XMind" = XMind
"Xvid Video Codec 1.3.1" = Xvid Video Codec
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Firefox 14.0 (x86 de)" = Mozilla Firefox 14.0 (x86 de)
"UnityWebPlayer" = Unity Web Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 20 Event Log Errors ==========
[ Antivirus Events ]
Error - 16.09.2009 19:21:33 | Computer Name = Jan-PC | Source = avast! | ID = 33554522
Description =
Error - 17.09.2009 05:00:11 | Computer Name = Jan-PC | Source = avast! | ID = 33554522
Description =
Error - 17.09.2009 05:56:22 | Computer Name = Jan-PC | Source = avast! | ID = 33554522
Description =
Error - 22.10.2009 07:03:02 | Computer Name = Jan-PC | Source = avast! | ID = 33554522
Description =
Error - 27.12.2009 11:32:26 | Computer Name = Jan-PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 04.07.2012 12:18:52 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2012 08:52:55 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2012 09:23:59 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2012 09:26:41 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2012 09:27:19 | Computer Name = Jan-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.0.4562 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f1c Startzeit:
01cd5ab1a71174d4 Endzeit: 0 Anwendungspfad: E:\Mozilla Firefox 4.0 Beta 7\firefox.exe
Berichts-ID:
21441f2d-c6a5-11e1-8387-f9c70f5bdb96
Error - 05.07.2012 09:37:27 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2012 09:41:35 | Computer Name = Jan-PC | Source = Application Hang | ID = 1002
Description = Programm rescue2usb.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 16c8 Startzeit:
01cd5ab37b82985e Endzeit: 60000 Anwendungspfad: K:\rescue2usb.exe Berichts-ID: f50278e2-c6a6-11e1-aeea-cfd931ad8d8f
Error - 05.07.2012 14:32:14 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2012 14:53:25 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.07.2012 16:21:28 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 05.07.2012 14:38:24 | Computer Name = Jan-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 05.07.2012 14:38:32 | Computer Name = Jan-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 05.07.2012 14:38:40 | Computer Name = Jan-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 05.07.2012 14:38:48 | Computer Name = Jan-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 05.07.2012 14:38:57 | Computer Name = Jan-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 05.07.2012 14:39:05 | Computer Name = Jan-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 05.07.2012 14:51:27 | Computer Name = Jan-PC | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 05.07.2012 14:51:59 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BTHidMgr sptd
Error - 05.07.2012 16:19:25 | Computer Name = Jan-PC | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 05.07.2012 16:20:05 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BTHidMgr sptd
< End of report >
Hoffe ihr könnt mir helfen. Beim Neustart wurde der Sperrbildschirm zwar von Malwarebytes blockiert, aber ich hätte das Ding schon gerne ganz weg.
Gruß |
