|
TR/TDss.bckj.7' und TR/FraudPack.auiv' gefunden! AntiVir Hallo! da mir mein AntiVir gerade bescheid gegeben hat das ich mir wohl diese zwei Trojaner eingefangen habe (TR/TDss.bckj.7' [trojan] und TR/FraudPack.auiv' [trojan] ), wollte ich mal meine Logs nach dem CCleaner und Malwarebytes checken lassen. Hier meine Logs: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4076 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 08.05.2010 12:28:27 mbam-log-2010-05-08 (12-28-27).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 300618 Laufzeit: 25 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) OTL logfile created on: 08.05.2010 12:32:50 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\****\Downloads 64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 146,48 Gb Total Space | 98,96 Gb Free Space | 67,56% Space Free | Partition Type: NTFS Drive D: | 151,60 Gb Total Space | 79,16 Gb Free Space | 52,22% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ******* Current User Name: ***** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Daniel\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe () ========== Modules (SafeList) ========== MOD - C:\Users\Daniel\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (O&O Defrag) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH) SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation) SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation) SRV:64bit: - (BthServ) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation) SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (Fax) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M] SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH) DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (WINUSB) -- C:\Windows\SysNative\DRIVERS\WinUSB.SYS (Microsoft Corporation) DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation) DRV:64bit: - (cpuz132) -- C:\Windows\SysNative\drivers\cpuz132_x64.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\Drivers\pcouffin.sys (VSO Software) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys () DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ATIAVAIW) -- C:\Windows\SysNative\DRIVERS\atinavt2.sys (ATI Technologies Inc.) DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys (EnTech Taiwan) DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation ) DRV:64bit: - (ATITool) -- C:\Windows\SysNative\DRIVERS\ATITool64.sys () DRV:64bit: - (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM) -- C:\Windows\SysNative\DRIVERS\s116unic.sys (MCCI Corporation) DRV:64bit: - (s116obex) -- C:\Windows\SysNative\DRIVERS\s116obex.sys (MCCI Corporation) DRV:64bit: - (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s116mgmt.sys (MCCI Corporation) DRV:64bit: - (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS) -- C:\Windows\SysNative\DRIVERS\s116nd5.sys (MCCI Corporation) DRV:64bit: - (s116mdm) -- C:\Windows\SysNative\DRIVERS\s116mdm.sys (MCCI Corporation) DRV:64bit: - (s116mdfl) -- C:\Windows\SysNative\DRIVERS\s116mdfl.sys (MCCI Corporation) DRV:64bit: - (s116bus) Sony Ericsson Device 116 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s116bus.sys (MCCI Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (WinRing0_1_1_1) -- C:\C2DtoG15\WinRing0x64.sys (OpenLibSys.org) DRV - (CSC) -- C:\Windows\CSC [2008.06.27 13:03:40 | 000,000,000 | ---D | M] DRV - (FLASHSYS) -- C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys () DRV - (WINUSB) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation) DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () DRV - (ENTECH64) -- C:\Windows\SysWOW64\drivers\Entech64.sys (EnTech Taiwan) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B3 C4 CA 1E 6B BF C9 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Ask" FF - prefs.js..browser.search.order.1: "Ask" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://de.msn.com" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.4 FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.02 09:05:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.05.08 10:42:07 | 000,000,000 | ---D | M] [2008.07.14 15:22:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2010.05.08 10:46:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions [2010.05.01 07:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010.05.01 07:08:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.05.01 07:08:29 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\2b4kc0u7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009.05.28 10:37:58 | 000,000,682 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\2b4kc0u7.default\searchplugins\ask.xml [2008.07.29 17:40:29 | 000,000,523 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\2b4kc0u7.default\searchplugins\daemon-search.xml [2009.04.23 07:53:39 | 000,001,744 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\FireFox\Profiles\2b4kc0u7.default\searchplugins\live-search.xml [2010.03.06 08:09:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2008.06.30 23:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npOGAPlugin.dll [2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.05.01 08:59:56 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MI1933~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img33.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img33.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a933f0ae-0591-11de-97f7-002185029410}\Shell - "" = AutoRun O33 - MountPoints2\{a933f0ae-0591-11de-97f7-002185029410}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{a933f0d8-0591-11de-97f7-002185029410}\Shell - "" = AutoRun O33 - MountPoints2\{a933f0d8-0591-11de-97f7-002185029410}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found O33 - MountPoints2\{f3982d78-b99f-11de-9f5b-002185029410}\Shell - "" = AutoRun O33 - MountPoints2\{f3982d78-b99f-11de-9f5b-002185029410}\Shell\AutoRun\command - "" = F:\Install.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk /p \??\H:) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.08 11:35:39 | 000,000,000 | ---D | C] -- C:\avrescue [2010.05.08 11:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner [2010.05.06 17:29:08 | 000,000,000 | ---D | C] -- C:\84e6b7a912312b6446727437d0 [2010.05.01 09:05:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.05.01 09:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.05.01 08:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group [2010.05.01 08:59:27 | 000,000,000 | ---D | C] -- C:\Windows\61D3AAE1D5214CD7939B37813DE8F955.TMP [2010.05.01 08:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2010.05.01 08:09:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\jelbltpcp [2010.04.24 12:42:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\BFBC2 [2010.04.15 06:31:41 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2010.04.15 06:31:39 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2010.04.15 06:31:39 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll [2010.04.15 06:31:33 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm [2010.04.15 06:31:33 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm [2010.04.15 06:31:33 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm [2010.04.15 06:31:33 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm [2010.04.15 06:30:39 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2010.04.15 06:30:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll [2010.04.15 06:30:39 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll [2010.04.15 06:30:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll [2010.04.09 16:25:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oodag [2010.04.09 16:24:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\O&O [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.05.08 12:34:06 | 004,456,448 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat [2010.05.08 11:33:55 | 000,001,724 | ---- | M] () -- C:\Users\Daniel\Desktop\CCleaner.lnk [2010.05.08 11:31:57 | 001,682,544 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.05.08 11:31:57 | 000,721,592 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.05.08 11:31:57 | 000,665,324 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.05.08 11:31:57 | 000,164,180 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.05.08 11:31:57 | 000,134,806 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.05.08 11:26:23 | 000,004,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.05.08 11:26:23 | 000,004,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.05.08 11:26:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.05.08 11:26:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.08 11:26:16 | 4294,225,920 | -HS- | M] () -- C:\hiberfil.sys [2010.05.08 11:26:14 | 002,781,067 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2010.05.08 10:01:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.05.08 10:01:46 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000001.regtrans-ms [2010.05.08 10:01:46 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TM.blf [2010.05.08 10:01:42 | 003,886,453 | -H-- | M] () -- C:\Users\Daniel\AppData\Local\IconCache.db [2010.05.07 16:25:56 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.05.07 16:25:56 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.05.06 20:08:14 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000002.regtrans-ms [2010.05.04 06:48:00 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000001.regtrans-ms [2010.05.04 06:48:00 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TM.blf [2010.05.01 09:23:15 | 000,001,928 | ---- | M] () -- C:\Users\Daniel\Desktop\HijackThis.lnk [2010.05.01 09:05:06 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.04.28 18:33:32 | 000,398,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.04.26 18:57:50 | 000,033,280 | ---- | M] () -- C:\Users\Daniel\Documents\KFW.doc [2010.04.24 12:41:43 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.04.24 12:41:43 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.04.23 19:38:58 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000002.regtrans-ms [2010.04.23 07:51:02 | 000,524,288 | -HS- | M] () -- C:\Users\Daniel\NTUSER.DAT{fcfc8c50-9e88-11de-9a6f-002185029410}.TMContainer00000000000000000001.regtrans-ms [2010.04.23 07:51:02 | 000,065,536 | -HS- | M] () -- C:\Users\Daniel\NTUSER.DAT{fcfc8c50-9e88-11de-9a6f-002185029410}.TM.blf [2010.04.17 09:10:18 | 000,010,843 | ---- | M] () -- C:\Users\Daniel\Documents\Einnahman Ausgaben.xlsx [2010.04.09 16:26:34 | 000,123,904 | ---- | M] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.09 16:23:45 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.05.08 11:33:55 | 000,001,724 | ---- | C] () -- C:\Users\Daniel\Desktop\CCleaner.lnk [2010.05.06 19:53:10 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000002.regtrans-ms [2010.05.06 19:53:10 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TMContainer00000000000000000001.regtrans-ms [2010.05.06 19:53:10 | 000,065,536 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{24342c1d-5938-11df-8576-002185029410}.TM.blf [2010.05.01 09:18:21 | 000,001,928 | ---- | C] () -- C:\Users\Daniel\Desktop\HijackThis.lnk [2010.05.01 09:05:06 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.04.26 18:43:41 | 000,033,280 | ---- | C] () -- C:\Users\Daniel\Documents\KFW.doc [2010.04.24 12:42:29 | 000,218,808 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.04.24 12:41:43 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.04.23 18:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000002.regtrans-ms [2010.04.23 18:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TMContainer00000000000000000001.regtrans-ms [2010.04.23 18:11:11 | 000,065,536 | -HS- | C] () -- C:\Users\Daniel\ntuser.dat{bbd8bd67-4ef2-11df-9fb6-002185029410}.TM.blf [2010.04.09 16:23:45 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk [2010.01.20 18:57:22 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010.01.20 18:57:22 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2009.10.25 12:43:43 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.10.25 12:43:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.08.29 10:34:59 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009.08.29 10:34:59 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.07.12 12:06:39 | 000,000,170 | ---- | C] () -- C:\Windows\ODBC.INI [2009.07.10 15:31:17 | 000,000,032 | ---- | C] () -- C:\Windows\CD-Start.INI [2009.03.08 11:33:05 | 000,000,336 | ---- | C] () -- C:\Windows\SIERRA.INI [2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2008.07.21 16:12:04 | 000,495,616 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll [2008.07.21 16:12:04 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini [2008.07.11 13:11:21 | 000,000,004 | ---- | C] () -- C:\Windows\info147.sys [2008.07.03 20:07:12 | 001,664,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2008.06.27 17:03:55 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI [2008.06.27 14:22:25 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys [2008.01.21 04:48:25 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini ========== Alternate Data Streams ========== @Alternate Data Stream - 72 bytes -> C:\Windows:76D44167FD72F082 @Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:425D0709 < End of report > |
OTL Extras logfile created on: 08.05.2010 12:32:50 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Daniel\Downloads 64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 146,48 Gb Total Space | 98,96 Gb Free Space | 67,56% Space Free | Partition Type: NTFS Drive D: | 151,60 Gb Total Space | 79,16 Gb Free Space | 52,22% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DANIEL-SPIELE Current User Name: Daniel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 62 71 2D 74 DC 5B C8 01 [binary data] "VistaSp2" = F5 BE D2 83 74 55 CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00A945D2-B3E3-4D17-8831-62448B64C517}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{01F2872E-7A73-4D9B-9EB2-08A105B6E151}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{159B5243-2AF7-42A4-8077-B1CE9A4FA290}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1A7137A9-F1D2-40BA-8151-E05E3D13FF88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{30B1996E-6A26-43E3-866E-7B9818C92B5C}" = rport=139 | protocol=6 | dir=out | app=system | "{3FACD1E9-1DD5-42B4-9777-168B4AC715CC}" = lport=139 | protocol=6 | dir=in | app=system | "{3FD2DA40-5387-4314-990B-25DF6E4B4BA8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{4178A154-A687-44F9-BA49-D070586A0437}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{44C5353C-0A20-44B4-9117-A27ED64D9B34}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{564B0437-5C74-46DF-9D09-E54DC7B31A17}" = lport=445 | protocol=6 | dir=in | app=system | "{5724708B-FA92-427A-86BD-8889B8EE1BDA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{59FD94F1-CC94-49FA-B72E-319F78563C79}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5A97E134-6964-4EB8-97A2-0CE737E84745}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5D305AF4-0F1D-4FE5-A063-B7F1878B2EF1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{779B7F01-9B9A-4240-A39A-84AB1BA1ECE5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7D42E391-82DA-4DC4-A751-6CF4D8B48123}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{7E0A191B-B878-4152-9D84-8DF4CA900FD7}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{7E1374DC-E8C9-453A-BD89-CC4BE6912B89}" = lport=137 | protocol=17 | dir=in | app=system | "{860EBE5C-9EE2-4755-8DA4-F5DBFE6F81AA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{89B922A4-F4F0-47F0-BC54-89F37A59FAB7}" = rport=445 | protocol=6 | dir=out | app=system | "{8DFBCC2C-85DE-474C-8EEB-95F3A42EAB0B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{95F20670-5086-4121-95D6-3545E647514B}" = rport=138 | protocol=17 | dir=out | app=system | "{97849BE1-D637-4879-9313-E04A31DD82E1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{98237B9A-ED0E-4106-836C-2EF1109FE608}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{B417D398-DE67-4584-8675-01D6C53AA0A8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B57C5129-3694-4723-BE0B-369A957B5032}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{CD7FD870-9377-49B5-BDA0-54BD2E4058F4}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{DDD8F22C-F495-4B41-A379-50416552FAD0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E62543D4-0D3D-4DF0-B599-6783811B4028}" = rport=137 | protocol=17 | dir=out | app=system | "{E6CE5DA6-BF98-45C3-B2E4-0A20ADB95F69}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{E794098A-0F71-4F47-88CA-164A15522D25}" = lport=138 | protocol=17 | dir=in | app=system | "{EBB4BD1F-3222-44E9-A817-41C621BCA747}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0576846B-D0EB-4A11-B842-005A74A5A7AD}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{07947C16-44B6-49BE-B2DF-65C31785CAD1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{07D35AC0-D272-42DE-B9E0-F9BA61E2601B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0986D7B6-8F1E-48B5-AA57-7F608869BAFD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe | "{0C36406C-3B12-4D4F-ADED-BED5BA3FF74A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{0C888B22-21B7-432A-96DA-4C04302ED61B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0CF8E246-F0EC-490E-B123-85A391E8D988}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0D057C31-1FBC-4FB3-8B2A-E3952F1EC21A}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{0D38E943-F40B-4362-9C96-DF29387E384C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{12039BB7-6E59-4183-BA71-B4ADAF7EE83E}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{1745BAF2-C829-494B-945D-3F33E928E36E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{18A822EA-1A4E-4170-BD4D-D11504E13925}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{19EEB5DA-5FAD-45F6-B5A3-9E0F75CDDBA7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1E98EBED-8E81-448C-80A3-75D8BD23B24F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{217CE3BA-F2D5-494C-856E-EA0A902F73FC}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe | "{235B1A76-70BE-4BA7-9FAF-3F3B7A0BB605}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{23808F0A-9BF8-4417-A88B-4E4DF4976C45}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe | "{24793580-125B-4D22-9F3E-698DDDBB1A55}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{24C16246-D22F-47AE-9084-5D409AD90B25}" = protocol=6 | dir=in | app=d:\2142\bf2142.exe | "{25D4CFDE-28C5-4790-B63E-88809791A9C9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{287C1004-7419-4105-A114-BB7713B2F3CA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{28DA9921-2670-4DE3-8DC2-6094678554ED}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{2AC17A61-F0B8-45EE-BD1C-AC79F6E804E2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{2CA8A229-8796-483F-99CA-FBF8068E990B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{2DDFFA27-8A56-4FE5-B2C7-4D7B4D5A9FBF}" = dir=in | app=d:\command\retailexe\1.4\cnc3game.dat | "{2E7ABE2D-2829-4AC1-98CF-2150ECACCD5D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3457B299-656D-4523-98A9-9AE9417935C6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3566C117-9838-4CB0-A18B-DC437D3081FA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{35C64713-8E60-4B5E-961C-D441E01FD281}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{36A74C75-848F-418F-A421-980948F667FF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{37DB583C-2711-4DBE-879A-BA3D99ED49D3}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{38900BC8-DD9E-4A17-8376-E25642DCDEE2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{393544D1-7E02-4A73-B16A-ED40823C2B43}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{398CB8D5-7FDE-4B60-862E-BCC481FF3F6C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3A371543-BD0C-4910-BAB9-0C59BE440BC0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3C63D77E-6309-4DBA-9815-5075DFCBEC2D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3CFAD7DE-9BC1-43AC-BCC4-95C07E09C763}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{3ED7F78E-E9E2-4A5B-9419-9B248BCC6DE5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe | "{3F9222A3-6D11-4D46-B7E1-AE0FC53ACC15}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{40632805-E925-4B38-88B8-4C88AE5BB665}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4072F284-4A68-45AC-A504-E3E07212CAF3}" = protocol=6 | dir=in | app=d:\codwaw\codwawmp.exe | "{4225C9A8-616C-41F2-A0EA-1D568FC7F80E}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{44D6D2A8-17B6-4261-BF81-3D45B1BC8EC2}" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe | "{453FABB3-CFBC-48EC-85FE-3C64435D6E80}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{47664A3C-25B2-47FE-B5E0-590220543A5C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{47E8C780-10CF-4BE2-B19B-6E956366E9A9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{4A011E32-5ACC-4A13-B003-1F64D05C5405}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{4E5A0EB9-6F00-4B7E-8987-0379090FB71C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4EBF4A93-B695-43F9-913E-0B54AA2533A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4FBF52E4-A95E-40F0-B5A9-CC7EA190B270}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{515D5F0C-2926-4CD2-88B0-CD71F75C3B7B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{51694DCE-B710-457C-9B4D-5E85D8D63E49}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{51718FF4-2759-47ED-8449-9FA5D830B2FC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{531DC9D7-89DD-4AED-BB4E-44915A10696B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{5377B5F6-6EFA-4D8B-84DA-48BB99EFC3CB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5688367C-C214-4529-A5FC-798418666CAE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{56FCDEEF-ED6B-45C8-8052-603BCE146969}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe | "{59F4BCE6-391D-4F34-883A-A513EAB7164E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{60015B62-B56E-43CD-8CEA-8061CCB47D2C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{64D2050F-ADF4-43C1-94C3-220D710172BA}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{68AD0357-F4A2-4338-B5C1-18B0D77F6E3B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{690C3A6B-5B95-4B49-A3A3-F883087AA128}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe | "{6EA501C0-00AB-4001-84BD-B7DC3005EE25}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{6F1E5993-2839-460B-84E2-2CE218767A21}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{6F38B0DA-BA4C-4A28-B37C-AACC11C56D43}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{7104C9AC-54F5-4674-961F-7B6EAD438D4A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7724DB0F-DF4F-4D90-A052-3343A3525C01}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{77A121C9-17CB-4A20-8D94-6094D9FAFA09}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{7934CCB1-74AD-4463-B6B8-243094C85513}" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe | "{79626726-B305-4009-A311-BB476B0F2379}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe | "{7B23A9D1-3660-441C-87DE-CDB2BCB7E69F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7C9AFF93-423E-404E-B607-A0CEEF7AB817}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{7E11A057-FEBC-4F3B-A077-19E9404CDE71}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{7F07A769-CEF3-45F9-A712-D215A690C62E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7F244385-6ADF-4BF0-A1D0-732CE256E52F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{83DA59E8-9E34-4E92-A5AE-DF20F954074C}" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe | "{85DC5DEE-817E-44C8-9CC2-7B92007BA880}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe | "{89DC7B80-33E0-4716-B4C0-A7B2CA94D1D3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{8E0B8806-B432-4A17-943B-23CCF1130410}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysis.exe | "{8F804F21-8E21-4829-BF1B-9819F655E2F0}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe | "{8FB29679-B574-4351-A378-E565815B535D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe | "{902BDE15-4D1D-4CC0-A9EA-812B691A51B7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{91A477DE-B438-47F1-8DA7-DA80A84925A8}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysis.exe | "{972628CF-9FF5-4F54-AE1F-ED1769B7C029}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{988D0960-5B05-4806-85F9-754CE0926348}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{9AF60067-6946-4295-9FD5-C72E6D2F8300}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A6826213-E56B-4FA5-A53D-8273ADEABF47}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A935EEE8-445E-416B-818A-61E6B03F60B8}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A9C7ED12-6A7F-4DE5-BC72-FF2E963DF6AC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AA6F4241-57E5-4F9F-985F-E2FCFF7BDF65}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AD2D6F68-5D16-4BFE-AEBA-3866AA6AF15C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysis.exe | "{AE91FF0E-F0C8-48CA-BF8C-A4200D514C9D}" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe | "{B047B339-77DC-4301-818C-E542F031FED3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{B2931B90-341E-4A1A-8C2C-FA3D363A11B3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B34FCCC1-059D-4916-AC39-717399EB90E9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{B36B6EFD-9632-49EE-886D-5E101E116081}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{B3DE73FF-A725-46BC-A4D2-67B0E2BC66EE}" = protocol=17 | dir=in | app=d:\2142\bf2142.exe | "{B49D9C9B-06F8-4C01-9C39-654E67701E92}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{B61DB972-6B82-47EB-BEC9-76256FBB7F59}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B6408A21-0701-4166-BFC1-AAFDC0363CF1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{BBDDD651-9004-40D5-8C12-9D6A158D9B1D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{C0877BE4-F48C-4FBE-8127-31718E7F9C7F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C52FC946-6C36-469A-ADCC-56E947728511}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{C7CC3790-DD18-4800-BA7A-E1E98837D97C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe | "{CF683C53-303F-4995-817B-391A89317ED5}" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe | "{CFBBCE65-F656-43CA-92F7-5FD04DB2A694}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{CFDD3CA9-AEDC-432B-8C8C-BE10B4FD4CD8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{D01F6DE5-8E78-4B04-9CBE-3E6D769AD29B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{D25A4CA9-6D83-49CD-B53A-1F5EE01E0A64}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{D70F3310-9F3E-48F7-A3CF-4E3296836F12}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe | "{DBA99BA4-EA0E-4753-96D7-C3BF9A21F661}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe | "{DEFE7054-6699-4E61-977C-94111688F7F3}" = protocol=17 | dir=in | app=d:\codwaw\codwawmp.exe | "{E5DF02C1-EE8F-4A55-9FA0-BF942C5ED52D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E6340F84-C446-4B30-874E-01328ECAA4D3}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe | "{E855B351-8E85-435E-AB00-76BD4F291284}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E8D72A3F-8E8F-494C-995C-717E2A0649D0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{EB95130A-B1FD-4446-90A5-B03DD48ADC88}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EB9C3D81-7C0A-4601-B9F2-F68E93FC6592}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EBFF26F3-09DA-4C5A-8875-337B15C07A39}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{ED3D7540-F509-435E-9391-D5A75364A138}" = protocol=17 | dir=in | app=d:\steam\steam.exe | "{EE132866-00E3-44E8-8912-F47DC9DA9427}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EE4E8FB8-4021-44E4-AEA2-432C635186B8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{F1B4B0A9-902D-4D8D-86CE-11995503072E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{F406D5B7-A7C3-4837-94DA-C365CB97CCBB}" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe | "{F42EF7FF-41A6-4EC6-9C0C-A5424572D9A3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F4D82591-0AD4-4822-924D-21B016B3E775}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysis.exe | "{F4EC5F6D-6131-4111-BA81-8C2E2743A38D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{F539D83D-3E1D-4D31-AC6E-0C6379DF995C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe | "{F89787C8-0656-4893-BE63-1FFF751A9E8D}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{FA03DA2D-C600-4571-ACB2-0B407B971D6C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FA4EAFEF-6237-44E5-9D7A-5279844F29EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FE8DCF82-B34E-442F-A980-572CDB15B78D}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe | "{FF25D47E-6838-4DC4-A503-03EAAA967A5C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "TCP Query User{0566C1BA-0C5E-4834-87F7-EBD7D89CAD51}D:\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=d:\der herr der ringe online\lotroclient.exe | "TCP Query User{2673D3B3-94FF-40E3-8F1D-CD47E0727F91}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe | "TCP Query User{28FA41CA-C4ED-4DCD-8DB1-3209B31AC3F4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "TCP Query User{5929217B-929A-4957-8FAF-85108616614E}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe | "TCP Query User{65BAD2FB-823A-43FB-9D2D-93BAAB0D89EB}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "TCP Query User{6D1FE72D-7AE3-4986-8329-4F26E4E85854}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe | "TCP Query User{7BC0243E-CACC-4EFA-9F57-D382F9565551}D:\world of warcraft\repair.exe" = protocol=6 | dir=in | app=d:\world of warcraft\repair.exe | "TCP Query User{8A4DF1F5-BD2B-4D8C-A684-9F50BA2B81B1}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe | "TCP Query User{99B0D25F-636B-463E-8E0C-2EC73B520DDA}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "TCP Query User{9B013CE1-B8C4-4469-998C-D86598253114}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "TCP Query User{9CC1A83C-4494-4BCA-A323-B8EA96493639}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{A2F5D4DD-CE8B-4067-9152-3F0F2B9655F2}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "TCP Query User{A343CB53-8CBD-41AD-94DD-22C3BEAC7F30}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe | "TCP Query User{A4DE5CA4-C47B-4697-8F78-1B3D76A542F1}D:\codwaw\codwaw.exe" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe | "TCP Query User{AAA17FA3-E0F9-4278-B378-C88F529359AD}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "TCP Query User{B251ED16-B569-4062-A969-5B205EF01768}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "TCP Query User{D3CB2227-D97C-4FF4-B713-CECFD1BD2A4E}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | "UDP Query User{0713CBB8-F1A2-4D9F-93C0-BA842AFB5F91}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe | "UDP Query User{07806BFD-161B-4127-97F4-629CA3D6A1A1}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "UDP Query User{0D9D56FD-AEB7-4156-B5A7-779EC7A62417}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "UDP Query User{22AE314E-35B4-4100-AB0E-EE94B8B0ECD5}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe | "UDP Query User{321DD32A-9037-4743-BBB1-7EC893181C2E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "UDP Query User{5794B503-A926-4E94-8AC3-ECC7C3E92484}D:\world of warcraft\repair.exe" = protocol=17 | dir=in | app=d:\world of warcraft\repair.exe | "UDP Query User{6C551323-66AC-44A4-B000-012DB8C77353}D:\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=d:\der herr der ringe online\lotroclient.exe | "UDP Query User{75AC708E-A184-409F-A22C-67EA3B0FA954}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{AE0537C2-F154-44E2-B7F1-779C2C730276}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | "UDP Query User{B69E31A7-9CBC-4A25-AA5C-093C52D70DA4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "UDP Query User{C408DF55-E1A1-42F3-87EA-1716697C8862}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe | "UDP Query User{E0F7B66F-7D9D-47F0-8907-7A80E57DC815}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{EFCAF346-FB00-4513-BAC2-32651F4CBA15}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe | "UDP Query User{F22CA7D9-1E0E-4247-ABC3-368BC6770747}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "UDP Query User{F46D6087-2FA1-4776-B1D9-1E11EFEB801A}D:\codwaw\codwaw.exe" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe | "UDP Query User{FA403B39-61AE-4573-B5F0-D614CD7D397E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "UDP Query User{FB8E9030-4DDF-4208-8B21-EFF253F7592B}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830 "{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{53480360-C6AA-4E73-A4E3-1C4C915E049F}" = O&O Defrag Professional Edition "{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BC84C1E9-F4D4-4B8E-B35C-C88EEA0A5201}" = O&O Defrag Professional "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module "CPUID CPU-Z_is1" = CPUID CPU-Z 1.53 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86) "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{2A3C0247-7F29-446D-B418-D17A5256EDA5}" = REWI-Zentrale "{2FF43F5D-5729-4E02-A548-310E30A5F29B}" = Microsoft CAPICOM 2.1.0.2 SDK "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light "{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing "{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{572DB52C-9A8A-4FAB-B84C-DE82C59F86E1}" = REWI-LV "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English "{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full "{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_WebDesignerLPK.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_WebDesignerLPK.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}_WebDesignerLPK.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web "{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1) "{90120000-0026-0407-0000-0000000FF1CE}" = Microsoft Expression Web MUI (German) "{90120000-0026-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English) "{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_WebDesigner_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0032-0407-0000-0000000FF1CE}" = Microsoft Expression Web Language Pack (German) "{90120000-0032-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00B0-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM) "{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86) "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010 "{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista "{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3 "{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FD5C399F-2D43-4EC5-AAF7-D600041EF25C}" = Microsoft Office Outlook SMS Add-in "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = DER HERR DER RINGE ONLINE: Die Schatten von Angmar v01.04.00.80 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "ENTERPRISE" = Microsoft Office Enterprise 2007 "FLV Player" = FLV Player 2.0, build 24 "HijackThis" = HijackThis 2.0.2 "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "Liveupdate4_is1" = Liveupdate4 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mobile Partner" = Mobile Partner "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "MP Navigator 2.2" = Canon MP Navigator 2.2 "PunkBusterSvc" = PunkBuster Services "Steam App 24960" = Battlefield: Bad Company 2 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TuneUp Utilities" = TuneUp Utilities "VLC media player" = VLC media player 0.9.9 "WebDesigner" = Microsoft Expression Web "WebDesignerLPK.de-de" = Microsoft Expression Web Language Pack - German/Deutsch "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft "Xvid_is1" = Xvid 1.1.3 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.1.2 "InstallShield_{20BD3140-16AF-4B5F-BCD6-052B6CD11DE6}" = ROUTE 66 Sync "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11.04.2010 07:06:34 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung WMPSideShowGadget.exe, Version 11.0.6001.7000, Zeitstempel 0x47919dd9, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e041d1, Ausnahmecode 0xc000001d, Fehleroffset 0x00000000000176fd, Prozess-ID 0xec8, Anwendungsstartzeit 01cad9401da6eddb. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Error - 16.04.2010 14:32:54 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Error - 16.04.2010 14:32:55 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Error - 24.04.2010 06:41:36 | Computer Name = Daniel-Spiele | Source = System Restore | ID = 8193 Description = Error - 25.04.2010 01:05:48 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung SilentUpdater.exe, Version 9.0.4030.5, Zeitstempel 0x4b86b7c4, fehlerhaftes Modul rtl120.bpl, Version 6.0.6002.18005, Zeitstempel 0x49e03824, Ausnahmecode 0xc0000135, Fehleroffset 0x0006f04e, Prozess-ID 0x714, Anwendungsstartzeit 01cae434f6972dc2. Error - 25.04.2010 08:51:55 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung BFBC2Game.exe, Version 1.0.1.0, Zeitstempel 0x4bc75d63, fehlerhaftes Modul atiumdva.dll, Version 8.14.10.247, Zeitstempel 0x4b68ef67, Ausnahmecode 0xc0000005, Fehleroffset 0x00001675, Prozess-ID 0x1254, Anwendungsstartzeit 01cae467eb8da652. [ OSession Events ] Error - 24.12.2008 12:32:34 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 87 seconds with 60 seconds of active time. This session ended with a crash. Error - 12.01.2009 03:58:42 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 282 seconds with 180 seconds of active time. This session ended with a crash. Error - 05.05.2009 02:05:12 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 71 seconds with 0 seconds of active time. This session ended with a crash. Error - 19.06.2009 14:59:07 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 15.12.2009 13:44:26 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 07.05.2010 09:12:43 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 07.05.2010 09:49:05 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 07.05.2010 10:19:06 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 07.05.2010 um 16:16:23 unerwartet heruntergefahren. Error - 07.05.2010 10:20:48 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 07.05.2010 10:46:36 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 08.05.2010 00:36:35 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 08.05.2010 04:41:47 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 08.05.2010 05:18:58 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 08.05.2010 um 11:15:59 unerwartet heruntergefahren. Error - 08.05.2010 05:26:20 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 08.05.2010 um 11:19:58 unerwartet heruntergefahren. Error - 08.05.2010 05:28:01 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = < End of report > Danke! |
OTL Extras logfile created on: 08.05.2010 12:32:50 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Daniel\Downloads 64bit-Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 146,48 Gb Total Space | 98,96 Gb Free Space | 67,56% Space Free | Partition Type: NTFS Drive D: | 151,60 Gb Total Space | 79,16 Gb Free Space | 52,22% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DANIEL-SPIELE Current User Name: Daniel Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MI1933~1\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 62 71 2D 74 DC 5B C8 01 [binary data] "VistaSp2" = F5 BE D2 83 74 55 CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found "C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00A945D2-B3E3-4D17-8831-62448B64C517}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{01F2872E-7A73-4D9B-9EB2-08A105B6E151}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{159B5243-2AF7-42A4-8077-B1CE9A4FA290}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1A7137A9-F1D2-40BA-8151-E05E3D13FF88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{30B1996E-6A26-43E3-866E-7B9818C92B5C}" = rport=139 | protocol=6 | dir=out | app=system | "{3FACD1E9-1DD5-42B4-9777-168B4AC715CC}" = lport=139 | protocol=6 | dir=in | app=system | "{3FD2DA40-5387-4314-990B-25DF6E4B4BA8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{4178A154-A687-44F9-BA49-D070586A0437}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{44C5353C-0A20-44B4-9117-A27ED64D9B34}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{564B0437-5C74-46DF-9D09-E54DC7B31A17}" = lport=445 | protocol=6 | dir=in | app=system | "{5724708B-FA92-427A-86BD-8889B8EE1BDA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{59FD94F1-CC94-49FA-B72E-319F78563C79}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5A97E134-6964-4EB8-97A2-0CE737E84745}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5D305AF4-0F1D-4FE5-A063-B7F1878B2EF1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{779B7F01-9B9A-4240-A39A-84AB1BA1ECE5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{7D42E391-82DA-4DC4-A751-6CF4D8B48123}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{7E0A191B-B878-4152-9D84-8DF4CA900FD7}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{7E1374DC-E8C9-453A-BD89-CC4BE6912B89}" = lport=137 | protocol=17 | dir=in | app=system | "{860EBE5C-9EE2-4755-8DA4-F5DBFE6F81AA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{89B922A4-F4F0-47F0-BC54-89F37A59FAB7}" = rport=445 | protocol=6 | dir=out | app=system | "{8DFBCC2C-85DE-474C-8EEB-95F3A42EAB0B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{95F20670-5086-4121-95D6-3545E647514B}" = rport=138 | protocol=17 | dir=out | app=system | "{97849BE1-D637-4879-9313-E04A31DD82E1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{98237B9A-ED0E-4106-836C-2EF1109FE608}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{B417D398-DE67-4584-8675-01D6C53AA0A8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B57C5129-3694-4723-BE0B-369A957B5032}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{CD7FD870-9377-49B5-BDA0-54BD2E4058F4}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{DDD8F22C-F495-4B41-A379-50416552FAD0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E62543D4-0D3D-4DF0-B599-6783811B4028}" = rport=137 | protocol=17 | dir=out | app=system | "{E6CE5DA6-BF98-45C3-B2E4-0A20ADB95F69}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{E794098A-0F71-4F47-88CA-164A15522D25}" = lport=138 | protocol=17 | dir=in | app=system | "{EBB4BD1F-3222-44E9-A817-41C621BCA747}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0576846B-D0EB-4A11-B842-005A74A5A7AD}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{07947C16-44B6-49BE-B2DF-65C31785CAD1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{07D35AC0-D272-42DE-B9E0-F9BA61E2601B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0986D7B6-8F1E-48B5-AA57-7F608869BAFD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe | "{0C36406C-3B12-4D4F-ADED-BED5BA3FF74A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{0C888B22-21B7-432A-96DA-4C04302ED61B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0CF8E246-F0EC-490E-B123-85A391E8D988}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0D057C31-1FBC-4FB3-8B2A-E3952F1EC21A}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{0D38E943-F40B-4362-9C96-DF29387E384C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{12039BB7-6E59-4183-BA71-B4ADAF7EE83E}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{1745BAF2-C829-494B-945D-3F33E928E36E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{18A822EA-1A4E-4170-BD4D-D11504E13925}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{19EEB5DA-5FAD-45F6-B5A3-9E0F75CDDBA7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1E98EBED-8E81-448C-80A3-75D8BD23B24F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{217CE3BA-F2D5-494C-856E-EA0A902F73FC}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe | "{235B1A76-70BE-4BA7-9FAF-3F3B7A0BB605}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{23808F0A-9BF8-4417-A88B-4E4DF4976C45}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe | "{24793580-125B-4D22-9F3E-698DDDBB1A55}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{24C16246-D22F-47AE-9084-5D409AD90B25}" = protocol=6 | dir=in | app=d:\2142\bf2142.exe | "{25D4CFDE-28C5-4790-B63E-88809791A9C9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{287C1004-7419-4105-A114-BB7713B2F3CA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{28DA9921-2670-4DE3-8DC2-6094678554ED}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{2AC17A61-F0B8-45EE-BD1C-AC79F6E804E2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{2CA8A229-8796-483F-99CA-FBF8068E990B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{2DDFFA27-8A56-4FE5-B2C7-4D7B4D5A9FBF}" = dir=in | app=d:\command\retailexe\1.4\cnc3game.dat | "{2E7ABE2D-2829-4AC1-98CF-2150ECACCD5D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3457B299-656D-4523-98A9-9AE9417935C6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3566C117-9838-4CB0-A18B-DC437D3081FA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{35C64713-8E60-4B5E-961C-D441E01FD281}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{36A74C75-848F-418F-A421-980948F667FF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{37DB583C-2711-4DBE-879A-BA3D99ED49D3}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{38900BC8-DD9E-4A17-8376-E25642DCDEE2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{393544D1-7E02-4A73-B16A-ED40823C2B43}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{398CB8D5-7FDE-4B60-862E-BCC481FF3F6C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3A371543-BD0C-4910-BAB9-0C59BE440BC0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3C63D77E-6309-4DBA-9815-5075DFCBEC2D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{3CFAD7DE-9BC1-43AC-BCC4-95C07E09C763}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{3ED7F78E-E9E2-4A5B-9419-9B248BCC6DE5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe | "{3F9222A3-6D11-4D46-B7E1-AE0FC53ACC15}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{40632805-E925-4B38-88B8-4C88AE5BB665}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4072F284-4A68-45AC-A504-E3E07212CAF3}" = protocol=6 | dir=in | app=d:\codwaw\codwawmp.exe | "{4225C9A8-616C-41F2-A0EA-1D568FC7F80E}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{44D6D2A8-17B6-4261-BF81-3D45B1BC8EC2}" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe | "{453FABB3-CFBC-48EC-85FE-3C64435D6E80}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{47664A3C-25B2-47FE-B5E0-590220543A5C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{47E8C780-10CF-4BE2-B19B-6E956366E9A9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{4A011E32-5ACC-4A13-B003-1F64D05C5405}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{4E5A0EB9-6F00-4B7E-8987-0379090FB71C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4EBF4A93-B695-43F9-913E-0B54AA2533A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4FBF52E4-A95E-40F0-B5A9-CC7EA190B270}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{515D5F0C-2926-4CD2-88B0-CD71F75C3B7B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{51694DCE-B710-457C-9B4D-5E85D8D63E49}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{51718FF4-2759-47ED-8449-9FA5D830B2FC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{531DC9D7-89DD-4AED-BB4E-44915A10696B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{5377B5F6-6EFA-4D8B-84DA-48BB99EFC3CB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5688367C-C214-4529-A5FC-798418666CAE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{56FCDEEF-ED6B-45C8-8052-603BCE146969}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx9.exe | "{59F4BCE6-391D-4F34-883A-A513EAB7164E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{60015B62-B56E-43CD-8CEA-8061CCB47D2C}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | "{64D2050F-ADF4-43C1-94C3-220D710172BA}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{68AD0357-F4A2-4338-B5C1-18B0D77F6E3B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{690C3A6B-5B95-4B49-A3A3-F883087AA128}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe | "{6EA501C0-00AB-4001-84BD-B7DC3005EE25}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{6F1E5993-2839-460B-84E2-2CE218767A21}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{6F38B0DA-BA4C-4A28-B37C-AACC11C56D43}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "{7104C9AC-54F5-4674-961F-7B6EAD438D4A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7724DB0F-DF4F-4D90-A052-3343A3525C01}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{77A121C9-17CB-4A20-8D94-6094D9FAFA09}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{7934CCB1-74AD-4463-B6B8-243094C85513}" = protocol=6 | dir=in | app=c:\program files (x86)\curse\curseclient.exe | "{79626726-B305-4009-A311-BB476B0F2379}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe | "{7B23A9D1-3660-441C-87DE-CDB2BCB7E69F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7C9AFF93-423E-404E-B607-A0CEEF7AB817}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{7E11A057-FEBC-4F3B-A077-19E9404CDE71}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | "{7F07A769-CEF3-45F9-A712-D215A690C62E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{7F244385-6ADF-4BF0-A1D0-732CE256E52F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{83DA59E8-9E34-4E92-A5AE-DF20F954074C}" = protocol=17 | dir=in | app=c:\program files (x86)\curse\curseclient.exe | "{85DC5DEE-817E-44C8-9CC2-7B92007BA880}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe | "{89DC7B80-33E0-4716-B4C0-A7B2CA94D1D3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{8E0B8806-B432-4A17-943B-23CCF1130410}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysis.exe | "{8F804F21-8E21-4829-BF1B-9819F655E2F0}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe | "{8FB29679-B574-4351-A378-E565815B535D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe | "{902BDE15-4D1D-4CC0-A9EA-812B691A51B7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{91A477DE-B438-47F1-8DA7-DA80A84925A8}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysis.exe | "{972628CF-9FF5-4F54-AE1F-ED1769B7C029}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{988D0960-5B05-4806-85F9-754CE0926348}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{9AF60067-6946-4295-9FD5-C72E6D2F8300}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A6826213-E56B-4FA5-A53D-8273ADEABF47}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A935EEE8-445E-416B-818A-61E6B03F60B8}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A9C7ED12-6A7F-4DE5-BC72-FF2E963DF6AC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AA6F4241-57E5-4F9F-985F-E2FCFF7BDF65}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{AD2D6F68-5D16-4BFE-AEBA-3866AA6AF15C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysis.exe | "{AE91FF0E-F0C8-48CA-BF8C-A4200D514C9D}" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe | "{B047B339-77DC-4301-818C-E542F031FED3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{B2931B90-341E-4A1A-8C2C-FA3D363A11B3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B34FCCC1-059D-4916-AC39-717399EB90E9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{B36B6EFD-9632-49EE-886D-5E101E116081}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{B3DE73FF-A725-46BC-A4D2-67B0E2BC66EE}" = protocol=17 | dir=in | app=d:\2142\bf2142.exe | "{B49D9C9B-06F8-4C01-9C39-654E67701E92}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{B61DB972-6B82-47EB-BEC9-76256FBB7F59}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{B6408A21-0701-4166-BFC1-AAFDC0363CF1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{BBDDD651-9004-40D5-8C12-9D6A158D9B1D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | "{C0877BE4-F48C-4FBE-8127-31718E7F9C7F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C52FC946-6C36-469A-ADCC-56E947728511}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{C7CC3790-DD18-4800-BA7A-E1E98837D97C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3sp.exe | "{CF683C53-303F-4995-817B-391A89317ED5}" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe | "{CFBBCE65-F656-43CA-92F7-5FD04DB2A694}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{CFDD3CA9-AEDC-432B-8C8C-BE10B4FD4CD8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{D01F6DE5-8E78-4B04-9CBE-3E6D769AD29B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{D25A4CA9-6D83-49CD-B53A-1F5EE01E0A64}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{D70F3310-9F3E-48F7-A3CF-4E3296836F12}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty 4\iw3mp.exe | "{DBA99BA4-EA0E-4753-96D7-C3BF9A21F661}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe | "{DEFE7054-6699-4E61-977C-94111688F7F3}" = protocol=17 | dir=in | app=d:\codwaw\codwawmp.exe | "{E5DF02C1-EE8F-4A55-9FA0-BF942C5ED52D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E6340F84-C446-4B30-874E-01328ECAA4D3}" = protocol=6 | dir=in | app=d:\assassin creed\assassinscreed_launcher.exe | "{E855B351-8E85-435E-AB00-76BD4F291284}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E8D72A3F-8E8F-494C-995C-717E2A0649D0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{EB95130A-B1FD-4446-90A5-B03DD48ADC88}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EB9C3D81-7C0A-4601-B9F2-F68E93FC6592}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EBFF26F3-09DA-4C5A-8875-337B15C07A39}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{ED3D7540-F509-435E-9391-D5A75364A138}" = protocol=17 | dir=in | app=d:\steam\steam.exe | "{EE132866-00E3-44E8-8912-F47DC9DA9427}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EE4E8FB8-4021-44E4-AEA2-432C635186B8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | "{F1B4B0A9-902D-4D8D-86CE-11995503072E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{F406D5B7-A7C3-4837-94DA-C365CB97CCBB}" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe | "{F42EF7FF-41A6-4EC6-9C0C-A5424572D9A3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F4D82591-0AD4-4822-924D-21B016B3E775}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysis.exe | "{F4EC5F6D-6131-4111-BA81-8C2E2743A38D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{F539D83D-3E1D-4D31-AC6E-0C6379DF995C}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe | "{F89787C8-0656-4893-BE63-1FFF751A9E8D}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | "{FA03DA2D-C600-4571-ACB2-0B407B971D6C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FA4EAFEF-6237-44E5-9D7A-5279844F29EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FE8DCF82-B34E-442F-A980-572CDB15B78D}" = protocol=17 | dir=in | app=d:\assassin creed\assassinscreed_dx10.exe | "{FF25D47E-6838-4DC4-A503-03EAAA967A5C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "TCP Query User{0566C1BA-0C5E-4834-87F7-EBD7D89CAD51}D:\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=d:\der herr der ringe online\lotroclient.exe | "TCP Query User{2673D3B3-94FF-40E3-8F1D-CD47E0727F91}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe | "TCP Query User{28FA41CA-C4ED-4DCD-8DB1-3209B31AC3F4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "TCP Query User{5929217B-929A-4957-8FAF-85108616614E}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe | "TCP Query User{65BAD2FB-823A-43FB-9D2D-93BAAB0D89EB}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "TCP Query User{6D1FE72D-7AE3-4986-8329-4F26E4E85854}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe | "TCP Query User{7BC0243E-CACC-4EFA-9F57-D382F9565551}D:\world of warcraft\repair.exe" = protocol=6 | dir=in | app=d:\world of warcraft\repair.exe | "TCP Query User{8A4DF1F5-BD2B-4D8C-A684-9F50BA2B81B1}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe | "TCP Query User{99B0D25F-636B-463E-8E0C-2EC73B520DDA}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "TCP Query User{9B013CE1-B8C4-4469-998C-D86598253114}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "TCP Query User{9CC1A83C-4494-4BCA-A323-B8EA96493639}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{A2F5D4DD-CE8B-4067-9152-3F0F2B9655F2}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "TCP Query User{A343CB53-8CBD-41AD-94DD-22C3BEAC7F30}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe | "TCP Query User{A4DE5CA4-C47B-4697-8F78-1B3D76A542F1}D:\codwaw\codwaw.exe" = protocol=6 | dir=in | app=d:\codwaw\codwaw.exe | "TCP Query User{AAA17FA3-E0F9-4278-B378-C88F529359AD}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "TCP Query User{B251ED16-B569-4062-A969-5B205EF01768}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "TCP Query User{D3CB2227-D97C-4FF4-B713-CECFD1BD2A4E}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | "UDP Query User{0713CBB8-F1A2-4D9F-93C0-BA842AFB5F91}C:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\bin\route66sync.exe | "UDP Query User{07806BFD-161B-4127-97F4-629CA3D6A1A1}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | "UDP Query User{0D9D56FD-AEB7-4156-B5A7-779EC7A62417}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "UDP Query User{22AE314E-35B4-4100-AB0E-EE94B8B0ECD5}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe | "UDP Query User{321DD32A-9037-4743-BBB1-7EC893181C2E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "UDP Query User{5794B503-A926-4E94-8AC3-ECC7C3E92484}D:\world of warcraft\repair.exe" = protocol=17 | dir=in | app=d:\world of warcraft\repair.exe | "UDP Query User{6C551323-66AC-44A4-B000-012DB8C77353}D:\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=d:\der herr der ringe online\lotroclient.exe | "UDP Query User{75AC708E-A184-409F-A22C-67EA3B0FA954}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{AE0537C2-F154-44E2-B7F1-779C2C730276}C:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe | "UDP Query User{B69E31A7-9CBC-4A25-AA5C-093C52D70DA4}C:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\daniel\desktop\my mobile\mymobiler\mymobiler.exe | "UDP Query User{C408DF55-E1A1-42F3-87EA-1716697C8862}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe | "UDP Query User{E0F7B66F-7D9D-47F0-8907-7A80E57DC815}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{EFCAF346-FB00-4513-BAC2-32651F4CBA15}C:\users\daniel\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\daniel\program files (x86)\dna\btdna.exe | "UDP Query User{F22CA7D9-1E0E-4247-ABC3-368BC6770747}D:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | "UDP Query User{F46D6087-2FA1-4776-B1D9-1E11EFEB801A}D:\codwaw\codwaw.exe" = protocol=17 | dir=in | app=d:\codwaw\codwaw.exe | "UDP Query User{FA403B39-61AE-4573-B5F0-D614CD7D397E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "UDP Query User{FB8E9030-4DDF-4208-8B21-EFF253F7592B}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830 "{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{53480360-C6AA-4E73-A4E3-1C4C915E049F}" = O&O Defrag Professional Edition "{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BC84C1E9-F4D4-4B8E-B35C-C88EEA0A5201}" = O&O Defrag Professional "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module "CPUID CPU-Z_is1" = CPUID CPU-Z 1.53 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86) "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{2A3C0247-7F29-446D-B418-D17A5256EDA5}" = REWI-Zentrale "{2FF43F5D-5729-4E02-A548-310E30A5F29B}" = Microsoft CAPICOM 2.1.0.2 SDK "{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light "{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing "{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{572DB52C-9A8A-4FAB-B84C-DE82C59F86E1}" = REWI-LV "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English "{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full "{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_WebDesignerLPK.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_WebDesignerLPK.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}_WebDesignerLPK.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web "{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1) "{90120000-0026-0407-0000-0000000FF1CE}" = Microsoft Expression Web MUI (German) "{90120000-0026-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English) "{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_WebDesigner_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0032-0407-0000-0000000FF1CE}" = Microsoft Expression Web Language Pack (German) "{90120000-0032-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00B0-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_WebDesignerLPK.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM) "{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86) "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010 "{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista "{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3 "{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FD5C399F-2D43-4EC5-AAF7-D600041EF25C}" = Microsoft Office Outlook SMS Add-in "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = DER HERR DER RINGE ONLINE: Die Schatten von Angmar v01.04.00.80 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "ENTERPRISE" = Microsoft Office Enterprise 2007 "FLV Player" = FLV Player 2.0, build 24 "HijackThis" = HijackThis 2.0.2 "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "Liveupdate4_is1" = Liveupdate4 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mobile Partner" = Mobile Partner "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "MP Navigator 2.2" = Canon MP Navigator 2.2 "PunkBusterSvc" = PunkBuster Services "Steam App 24960" = Battlefield: Bad Company 2 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TuneUp Utilities" = TuneUp Utilities "VLC media player" = VLC media player 0.9.9 "WebDesigner" = Microsoft Expression Web "WebDesignerLPK.de-de" = Microsoft Expression Web Language Pack - German/Deutsch "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft "Xvid_is1" = Xvid 1.1.3 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FileZilla Client" = FileZilla Client 3.1.2 "InstallShield_{20BD3140-16AF-4B5F-BCD6-052B6CD11DE6}" = ROUTE 66 Sync "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11.04.2010 07:06:34 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung WMPSideShowGadget.exe, Version 11.0.6001.7000, Zeitstempel 0x47919dd9, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e041d1, Ausnahmecode 0xc000001d, Fehleroffset 0x00000000000176fd, Prozess-ID 0xec8, Anwendungsstartzeit 01cad9401da6eddb. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Error - 11.04.2010 07:07:42 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Error - 16.04.2010 14:32:54 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Error - 16.04.2010 14:32:55 | Computer Name = Daniel-Spiele | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest. Error - 24.04.2010 06:41:36 | Computer Name = Daniel-Spiele | Source = System Restore | ID = 8193 Description = Error - 25.04.2010 01:05:48 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung SilentUpdater.exe, Version 9.0.4030.5, Zeitstempel 0x4b86b7c4, fehlerhaftes Modul rtl120.bpl, Version 6.0.6002.18005, Zeitstempel 0x49e03824, Ausnahmecode 0xc0000135, Fehleroffset 0x0006f04e, Prozess-ID 0x714, Anwendungsstartzeit 01cae434f6972dc2. Error - 25.04.2010 08:51:55 | Computer Name = Daniel-Spiele | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung BFBC2Game.exe, Version 1.0.1.0, Zeitstempel 0x4bc75d63, fehlerhaftes Modul atiumdva.dll, Version 8.14.10.247, Zeitstempel 0x4b68ef67, Ausnahmecode 0xc0000005, Fehleroffset 0x00001675, Prozess-ID 0x1254, Anwendungsstartzeit 01cae467eb8da652. [ OSession Events ] Error - 24.12.2008 12:32:34 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 87 seconds with 60 seconds of active time. This session ended with a crash. Error - 12.01.2009 03:58:42 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 282 seconds with 180 seconds of active time. This session ended with a crash. Error - 05.05.2009 02:05:12 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 71 seconds with 0 seconds of active time. This session ended with a crash. Error - 19.06.2009 14:59:07 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 15.12.2009 13:44:26 | Computer Name = Daniel-Spiele | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 07.05.2010 09:12:43 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 07.05.2010 09:49:05 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 07.05.2010 10:19:06 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 07.05.2010 um 16:16:23 unerwartet heruntergefahren. Error - 07.05.2010 10:20:48 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 07.05.2010 10:46:36 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 08.05.2010 00:36:35 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 08.05.2010 04:41:47 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = Error - 08.05.2010 05:18:58 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 08.05.2010 um 11:15:59 unerwartet heruntergefahren. Error - 08.05.2010 05:26:20 | Computer Name = Daniel-Spiele | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 08.05.2010 um 11:19:58 unerwartet heruntergefahren. Error - 08.05.2010 05:28:01 | Computer Name = Daniel-Spiele | Source = Service Control Manager | ID = 7000 Description = < End of report > Danke! |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 01:08 Uhr. |
Copyright ©2000-2025, Trojaner-Board