Polizei Virus
Hallo liebes Team...
Habe mir heute Vormittag den "Polizei-Virus" eingefangen.
Sobald der Pc eine Internetverbindung aufbaut wird der Bildschirm weiß und es kommt die bekannte Seite + Webcam von mir...
Ich habe OTL schon mal wie beschrieben benutzt...OTL Logfile:
OTL EXTRAS Logfile: Code:
OTL logfile created on: 8/31/2012 3:06:21 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Mano\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3.48 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 64.95% Memory free
6.96 Gb Paging File | 5.59 Gb Available in Paging File | 80.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 53.36 Gb Free Space | 37.71% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 140.91 Gb Free Space | 99.59% Space Free | Partition Type: NTFS
Drive F: | 477.11 Mb Total Space | 476.45 Mb Free Space | 99.86% Space Free | Partition Type: FAT
Computer Name: MT | User Name: Mano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Mano\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
PRC - C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\12.2.6\ScriptHelper.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\PROGRA~1\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
PRC - C:\Program Files\Logitech\SetPoint II\SetpointII.exe (Logitech Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
PRC - C:\Windows\System32\Rezip.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Users\Mano\AppData\Roaming\BAcroIEHelpe205.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\12.2.6\ScriptHelper.exe ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
========== Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (vToolbarUpdater12.2.6) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Rezip) -- C:\Windows\System32\Rezip.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (nhcDriverDevice) -- C:\Windows\System32\drivers\nhcDriver.sys (Notebook Hardware Control)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ig
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={48F6A216-23B1-4211-9927-3F2385AAE65E}&mid=a016ff37fffb193b7463f4f350f1c4d1-8a2325216bd74743ebe55d84b2c4faf227962e55&lang=de&ds=AVG&pr=fr&d=2012-05-31 19:58:49&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/07/17 16:24:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012/08/29 16:56:36 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Userinit] C:\Users\Mano\AppData\Roaming\appConf32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.33.216.3 193.33.216.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FA2DFDC-D610-43F2-A0F6-461FC7CCBA84}: DhcpNameServer = 193.33.216.3 193.33.216.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5FFB13-942A-4BFE-8062-4E8F59AD1F02}: DhcpNameServer = 193.33.216.3 193.33.216.4 78.46.105.56
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1c3de0f4-3048-11df-9b32-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{1c3de0f4-3048-11df-9b32-0024545f8488}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{40f3abb5-2dfb-11df-b380-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{40f3abb5-2dfb-11df-b380-0024545f8488}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{40f3abbc-2dfb-11df-b380-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{40f3abbc-2dfb-11df-b380-0024545f8488}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{5c463b88-3d51-11df-b0a4-0024545f8488}\Shell - "" = AutoRun
O33 - MountPoints2\{5c463b88-3d51-11df-b0a4-0024545f8488}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/08/31 15:04:21 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Mano\Desktop\OTL.exe
[2012/08/29 16:56:19 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\windows\System32\drivers\avgtpx86.sys
[2012/08/29 16:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/08/29 16:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/08/29 16:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[1 C:\Users\Mano\AppData\Roaming\*.tmp files -> C:\Users\Mano\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/08/31 15:02:24 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Mano\Desktop\OTL.exe
[2012/08/31 14:21:46 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 14:21:46 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 14:14:36 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/31 14:14:34 | 2804,121,600 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/31 13:03:50 | 004,503,728 | ---- | M] () -- C:\ProgramData\ism_0_llatsni.pad
[2012/08/31 13:03:48 | 000,198,200 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:03:48 | 000,007,424 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/31 13:03:37 | 000,000,017 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\blckdom.res
[2012/08/31 07:11:07 | 105,388,475 | ---- | M] () -- C:\windows\System32\drivers\AVG\incavi.avm
[2012/08/31 07:05:02 | 000,001,893 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/08/30 17:01:09 | 000,198,288 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe204.dll
[2012/08/30 06:55:12 | 000,007,600 | ---- | M] () -- C:\Users\Mano\AppData\Local\Resmon.ResmonCfg
[2012/08/29 17:09:29 | 000,246,932 | ---- | M] () -- C:\windows\System32\drivers\AVG\iavichjg.avm
[2012/08/29 17:08:33 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/08/29 16:56:19 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\windows\System32\drivers\avgtpx86.sys
[2012/08/29 16:39:55 | 000,000,600 | ---- | M] () -- C:\Users\Mano\AppData\Local\PUTTY.RND
[2012/08/20 12:09:05 | 000,006,400 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe195.dll
[2012/08/17 17:15:12 | 000,006,400 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe193.dll
[2012/08/14 09:36:25 | 000,000,437 | ---- | M] () -- C:\Users\Mano\AppData\Roaming\urhtps.dat
[2012/08/12 09:34:54 | 000,027,520 | ---- | M] () -- C:\Users\Mano\AppData\Local\dt.dat
[1 C:\Users\Mano\AppData\Roaming\*.tmp files -> C:\Users\Mano\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/08/31 13:03:48 | 000,198,200 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:03:48 | 000,007,424 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/31 07:05:02 | 004,503,728 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad
[2012/08/31 07:05:02 | 000,001,893 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012/08/30 17:01:09 | 000,198,288 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\AcroIEHelpe204.dll
[2012/08/29 16:40:39 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/08/24 12:47:21 | 000,000,017 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\blckdom.res
[2012/08/20 12:09:05 | 000,006,400 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe195.dll
[2012/08/17 17:15:12 | 000,006,400 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe193.dll
[2012/08/12 09:34:54 | 000,027,520 | ---- | C] () -- C:\Users\Mano\AppData\Local\dt.dat
[2012/06/24 16:57:00 | 000,007,224 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe148.dll
[2012/06/22 13:24:48 | 000,007,224 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\BAcroIEHelpe147.dll
[2012/06/14 17:23:39 | 000,000,437 | ---- | C] () -- C:\Users\Mano\AppData\Roaming\urhtps.dat
[2012/05/19 18:14:06 | 000,007,600 | ---- | C] () -- C:\Users\Mano\AppData\Local\Resmon.ResmonCfg
[2011/08/05 18:35:07 | 001,456,640 | ---- | C] () -- C:\Program Files\Common Files\Falk Navi-Manager.msi
[2011/06/14 08:52:36 | 000,164,864 | ---- | C] () -- C:\windows\System32\UNWISE32.EXE
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\windows\System32\xlive.dll.cat
[2011/03/07 08:51:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/11 14:52:28 | 000,000,092 | ---- | C] () -- C:\Users\Mano\AppData\Local\fusioncache.dat
[2010/12/06 11:09:34 | 000,000,021 | ---- | C] () -- C:\windows\NP_WSNMP.INI
[2010/09/19 09:27:41 | 000,069,632 | ---- | C] () -- C:\windows\System32\xmltok.dll
[2010/09/19 09:27:41 | 000,036,864 | ---- | C] () -- C:\windows\System32\xmlparse.dll
[2010/09/12 13:15:23 | 000,000,600 | ---- | C] () -- C:\Users\Mano\AppData\Local\PUTTY.RND
[2010/03/08 20:38:51 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2008/12/09 17:23:13 | 000,050,640 | RHS- | C] () -- C:\Users\Mano\AppData\Roaming\appConf32.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E1F04E8D
< End of report >
--- --- ---
--- --- ---OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 8/31/2012 3:06:21 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Mano\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3.48 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 64.95% Memory free
6.96 Gb Paging File | 5.59 Gb Available in Paging File | 80.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 53.36 Gb Free Space | 37.71% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 140.91 Gb Free Space | 99.59% Space Free | Partition Type: NTFS
Drive F: | 477.11 Mb Total Space | 476.45 Mb Free Space | 99.86% Space Free | Partition Type: FAT
Computer Name: MT | User Name: Mano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B177F20-CE4F-441A-A0F4-CCF05A4D4759}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C8E486C-9C2A-4A77-BD46-539FBDA22073}" = rport=139 | protocol=6 | dir=out | app=system |
"{1156CA09-7C9C-47BE-882C-29F228C90FF4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{16675751-CA47-4AFC-B953-E704E17060A9}" = lport=139 | protocol=6 | dir=in | app=system |
"{1843E06E-9E8E-436C-88BD-71544FF85B57}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19F56E30-3C5A-4F05-8C86-D40AC14CE5AD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{253792DD-E9B0-453C-ABEA-BDBB0E5E5939}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2F2B17C3-26DF-46EE-B281-FEE8B12244ED}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{355A8CD2-A7DB-4CED-AD95-BA3D57D3BC2E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41B4E18D-50C1-488B-BA07-A1E1BD0DB0B1}" = rport=138 | protocol=17 | dir=out | app=system |
"{4F76720F-902B-483D-B5D5-135275C88298}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5E5F6BC7-4F52-4A49-9951-7FEB7DC71BAC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{603AD2C4-51D2-4BB6-ACB1-C96C7D79A001}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6878F091-C627-4810-BC2F-661B31F1EC89}" = lport=138 | protocol=17 | dir=in | app=system |
"{861B7333-3EA5-4EE3-8185-534BBA08ABA8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8661D5A4-6BD1-4B8C-9E3C-157C8BCFA0F4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9642B528-7F33-48F9-AB59-0D77BE57CA66}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9719780F-68EC-43EE-AFE2-336E92928E11}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98121565-74F0-4844-88CE-9ABE38B6C541}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9B010BB7-348B-4D62-8D47-51EEAEBA9357}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A311DEF6-2A45-4486-BEC2-AD54D6EF8386}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A73D542D-83B9-42CD-A3FB-66912C4EB25C}" = lport=137 | protocol=17 | dir=in | app=system |
"{AD995203-00B5-45E8-A048-3FAD9B2E6E6B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AFF46CB4-3ABC-4A38-85D6-38038164D7B1}" = lport=445 | protocol=6 | dir=in | app=system |
"{BBFB6EAC-ACAA-4BB0-B470-9A657A80C8E7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BF308638-DFFF-4F18-B0AF-80FE1804B9E2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CC18C3CD-B951-42A0-AD04-5D2A77660C27}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D2D46A13-940E-4528-B282-054F5366087F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB36E0FB-32A9-4594-BD5E-0457C9F2A190}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E7AA3BDC-F00C-481A-9951-59C4334E612F}" = rport=137 | protocol=17 | dir=out | app=system |
"{FD522306-EC50-4012-BC1C-E78F4B5E9A52}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FD919DB6-D9AA-4E66-8F60-F35919167BD5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FDB0FF1B-98C5-48BE-9D95-0326EB7566C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FFB7C89B-1025-4A85-9E65-F1EAB125B96A}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06AA7F40-7EEA-4933-BE49-897B7044C56E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{0AB41913-F339-4F95-82C1-8ED8F9001C6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0AD9BAB0-B42E-47E7-8336-0700868E8452}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{12F4A2D0-C0C6-46C7-9F7E-064D380E5A1F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{13DB1F5C-528A-4CAD-96AD-2F9179C1AD03}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{15530102-1E9B-4D89-A156-5F39FE2DB576}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{156DB0DA-BFBB-4302-90DE-748B308DEFB0}" = protocol=6 | dir=out | app=system |
"{1598A42B-853B-4835-B12A-98664CFF42B4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{15E7C24C-3A65-4C73-90E5-F1672F9CF8F7}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{173EC77C-4C36-473E-B850-9B4E7BA7964F}" = protocol=17 | dir=in | app=c:\program files\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{1781821E-4A40-4321-8F06-A69498B6B294}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{19998555-CEE3-4EE3-8920-7EBF8C0C72C1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19F7F675-CBFB-45E8-A750-DF890BF61D6D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{25961FEB-1F9D-4560-8AA2-84783AEFB646}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{28234ADB-BCB7-498B-AAF8-2C26C6B893DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B8E2521-5337-4024-A1D7-983EAB902AD3}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2C496415-2025-4A35-8D3B-C9E64629EBDE}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2DF8C9A4-D2A7-4AFB-B08E-A643E67E1CA9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{311F057B-AE0C-4B21-AFD1-9EABFCE1F7E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{322A756C-36EA-4AFA-A881-C7A727790CD3}" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe |
"{35ADF4A4-AA19-45D9-B26B-54E46F7D0012}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{36037549-E306-43D4-9CF2-46821AAE5807}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3ADE7E31-F885-4646-B16E-2AF027B58CD1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{40BFE9AE-7053-4676-8E85-DFD47137B007}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{44B8A8A1-F107-4A68-8025-250C450F32A3}" = protocol=6 | dir=in | app=c:\program files\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{452BD140-A35F-4223-9C75-58447AB47DF8}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4622D736-CE1F-4612-A073-172BEE4A4DEB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46F99C3B-70FC-4C95-A1CF-D0E6E0F991DA}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{492B79A4-6747-4F66-B6C7-358890A51575}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{4E7F0EE7-7F2F-4D4C-A5E6-123A43CB170A}" = protocol=17 | dir=in | app=c:\program files\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{4F22453F-4329-4EC3-812E-B64D5BD03102}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{549ACCA2-1EF0-406E-9F3F-22CA0D0A0EE4}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{54ECB8E5-2A31-4299-98B7-F7781574306B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55116B90-3269-4773-815E-B6EEF26CDEC2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{5DA0426B-571B-43F9-99E9-CD1A4BFF3D6C}" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe |
"{5F0E149C-36C9-4B23-9806-A4AC0DF1E076}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{5F12DE26-74CB-420B-98AA-9A3B9EAD6CEA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{60681A24-D375-4DE2-88B3-6E93B0B36DDB}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{61BC4060-2AD9-4EBD-BB5F-FB8E769DA461}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{63F1C0A3-73C1-4460-997B-3C02559FA60B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{64606CCC-5BF4-47FB-86DD-A0C3552DA641}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{680B71FE-CFED-4A8B-BE09-46BAC6817974}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6A47EBCA-3517-44C5-83CD-0D4DD5DDF682}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6D88003B-487B-4258-8805-1B183E1C58A3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{806A04CA-B5B5-46AD-80B4-549F069DE125}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{816E28F7-9E3D-4A38-9A77-1ABD716BB74E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{84173137-6164-4C3D-B7CF-5D44E645262B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F9DB655-2476-442F-8C21-3D9BBF49DC61}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{96338F80-9FFB-49F1-A247-85F464C4A83C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{96D3D80F-43B6-42D2-8E48-023003A52D07}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{97AC277F-A562-47E2-B754-1E7456B6B2F1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{9F09090A-94BF-48D7-97DC-4861F94DB4F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A24B36EC-8021-4BE7-8B0F-64F33DDB00AB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{A588480F-5486-4941-A565-79F9F4695CBE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{A5E89039-9ED8-4775-8F55-FD126C0F8748}" = protocol=6 | dir=in | app=c:\program files\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{A72E64D4-A417-4C65-9844-6062109CD4A1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{A730AF9E-69A5-4FA2-AE7C-B5167E60FACE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{AC9A0804-4F3E-42FD-9944-FBBC49A0DF91}" = protocol=17 | dir=in | app=c:\program files\bob\bob internet zugangssoftware\bob_mobile_installer.exe |
"{AD495218-8767-4419-8981-6F35BCD7A0ED}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{AD719E50-78E8-4E44-B4ED-E1BF02300621}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B415FC0C-B4D1-4BAC-A6E7-D8C8E66378B8}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{B4E77D6C-EAE0-4AE9-B1B5-AC3F339C1EFC}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{BA8676E3-5366-46AC-9927-A1F4A572024C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{BADBDD9D-6661-41C1-9EFE-4FC484E52DED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD81D972-BAA7-4623-A521-F2C19C4459B3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{C18DE0C6-263B-411F-811F-BD063088861C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{C3ADE3DD-6E9A-4EAF-AF1B-AEF4B22B79E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{C5555445-609E-4F03-A256-428FB98E9D32}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C6E51408-C4B7-4346-BDFC-9BC33D65041C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{C9F73088-E29F-44B5-9F2B-A1F19272B702}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CD124D17-0791-405E-8352-AD32026A54A5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CDB915F8-9652-4F78-89DA-CA82E279D1A9}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{CF4B27E3-D367-4C76-8AAB-ED73EF1DAD73}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{D46E50F7-B078-4978-B935-E6A4913F957F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{D67C0338-1F11-4EEF-AFA3-2AAC7445DC45}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"{DA28D3BB-09E6-43F8-8193-FD49DCEB31E7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{DA3D304B-0C99-498C-8A97-0E5A74054D9D}" = protocol=6 | dir=in | app=c:\program files\bob\bob internet zugangssoftware\bob_mobile_installer.exe |
"{DC84AC89-D39B-43A3-AC83-0C4F65ADCCFC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{DEDAE390-F568-4D2C-BE39-777F8BC51C34}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E1067D43-6534-49D1-B406-A0B7480DD97D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E30DB952-C163-48FA-8125-CCAC1F5DEB7D}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe |
"{F4D65990-29E5-4018-A843-52FDE7AC9B8C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{F9A0EC24-58F4-42E0-8A50-85FB808E4999}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{FA9FC128-ADFD-4FB9-8A57-411E418D0F5F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{FEC2D295-AFCB-4CDF-B9E4-AB1BF861F96F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0B2887BE-51FB-4C38-863E-A50093E9A4A4}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{1492EE8A-FE11-4371-A16C-C2F5AED4B5EF}C:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe |
"TCP Query User{18C265B0-02D0-4ADC-8510-A041107EB9A3}C:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"TCP Query User{1D3DF479-ED71-42E7-8EAD-C1250EBDA052}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{1D8127B6-D9AC-4CBF-97A3-133878D09629}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"TCP Query User{30276F48-1B11-4F76-A4D0-B70538B0CDCA}C:\program files\3com\cable management system\camgr.exe" = protocol=6 | dir=in | app=c:\program files\3com\cable management system\camgr.exe |
"TCP Query User{3C249382-77A6-4556-A11F-B14C6D43D394}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{3D489E41-B2AF-4162-8789-28D027636847}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{42B6C5D2-C270-4BA5-95A7-1E7D0D9639BD}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |
"TCP Query User{51F8CD7C-F710-4812-B97F-27FED9017908}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"TCP Query User{53CDCD7D-755E-47DC-BA29-E6089A88F468}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{5494A950-019F-4F19-931E-A53617FB1DDC}C:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe |
"TCP Query User{54FB0080-94C4-44B6-8A59-E9293903B945}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"TCP Query User{5C4B192B-E161-480F-98C0-323B4D2A3421}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{6B25D714-90E3-4DE5-80AD-025BC6C4D1F1}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"TCP Query User{7124A7C0-69EE-49DD-8547-2DD6538FBB69}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe |
"TCP Query User{76695CD8-B9D1-4737-9085-4B7386FF0A84}C:\program files\3com\cable management system\camgr.exe" = protocol=6 | dir=in | app=c:\program files\3com\cable management system\camgr.exe |
"TCP Query User{7CFE63DE-CD0A-46A3-BF69-2A810F56C2B3}C:\program files\loxone\loxplan\loxplan.exe" = protocol=6 | dir=in | app=c:\program files\loxone\loxplan\loxplan.exe |
"TCP Query User{894DC13A-7442-423E-9572-867CBDBFEAED}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe |
"TCP Query User{9AAFE5C0-F9A2-40F1-A4AE-FD17F8845BE0}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe |
"TCP Query User{9EB08299-C913-4648-A201-F271D2981E05}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe |
"TCP Query User{A3AA06F7-5EBA-4850-B320-30073197128E}I:\spiele\dragon age\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=i:\spiele\dragon age\bin_ship\daorigins.exe |
"TCP Query User{A645B2BD-EF6B-471E-85D0-A990B1549428}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe |
"TCP Query User{A8E70533-A550-462B-A52B-119E25CF719B}C:\users\mano\desktop\world of warcraft original\launcher.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe |
"TCP Query User{ACBA0F0E-BD5A-466D-A77D-120D54C43B93}C:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe |
"TCP Query User{ACE299A0-3579-469C-A215-FF648346876E}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{B4119D20-ED33-4F71-80CA-0C0A29A33D79}I:\spiele\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=i:\spiele\anno 1404\tools\anno4web.exe |
"TCP Query User{B589E429-C81B-4629-9DCB-AE10A3CCA0FC}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe |
"TCP Query User{B5ECF582-0F35-4E6B-AA62-3113D8DC68C2}C:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe |
"TCP Query User{BA1F02CE-E61D-46CD-9C60-4D0A26474387}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"TCP Query User{BB4D74DF-801A-4096-B810-FEA16856F1FF}C:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe |
"TCP Query User{C6F187FF-96AD-40AA-A740-5A7308EFDD6E}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe |
"TCP Query User{CC260E19-F5BA-4A91-A47D-A89C63AF7035}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"TCP Query User{CEC75B6F-40DF-4A67-8AD3-A09C2D3C8940}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe |
"TCP Query User{D300014B-BEBD-4060-AC9A-31B5AF221AFF}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{D62BFF9D-7FE4-4D29-8D60-C09B787A663B}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"TCP Query User{D973CA0E-3076-4DAB-9615-8A201F5A9A4E}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{EC374A3D-8AB9-4251-A2AB-C0164F707831}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"TCP Query User{F8F5E9E1-1C50-41B4-9E11-24C875383AEB}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"TCP Query User{FA38C9AB-2EC0-47FF-85D3-73E9B2CF546E}I:\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=i:\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{0CB84179-358B-4DCE-BB2B-C4CFE1044C28}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{0E30C8E5-B9A6-4D17-ABAB-81336A22BDB5}C:\program files\loxone\loxplan\loxplan.exe" = protocol=17 | dir=in | app=c:\program files\loxone\loxplan\loxplan.exe |
"UDP Query User{16CB2727-3479-400D-BC73-7F0C58DF0C44}C:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\backgrounddownloader.exe |
"UDP Query User{1DD6A5A6-2612-47AE-8032-4095C158E408}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{1E2D7EE3-3EE9-4890-BC36-8100B866D7D3}C:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.patch.exe |
"UDP Query User{24C8FFCA-4B1C-450F-B8CD-C2C795A7DBBF}C:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\firma\stormwatch-ii\stormwatch_ii.exe |
"UDP Query User{2761F93C-1F97-42AB-BF6A-348674C7AB6D}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe |
"UDP Query User{2D375A07-FE18-48D3-A920-2AFB68B2C380}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe |
"UDP Query User{2EAA2744-1270-4AFB-AA0A-C48035181480}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"UDP Query User{45DBE427-4CF1-41A0-82FB-8021417D3671}C:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"UDP Query User{486B953B-AF86-444E-805E-459EAD76BC5E}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe |
"UDP Query User{48ECBA98-E2FB-4CE6-BB03-3082B58ABCBB}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{4D608D77-8CA8-4026-864E-A8F04747E2FC}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{51643AB6-213D-4859-A61A-6E6F741167E3}C:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\firma\catv\stormwatch-ii\stormwatch_ii.exe |
"UDP Query User{55C4BCF3-7C3C-4AAB-A644-44409B9DB24F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{59F8F501-2C2A-4182-8C3B-EEB1B27681ED}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe |
"UDP Query User{6035EE26-221E-41DE-B46C-1E17094F64E5}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"UDP Query User{7481357F-7B06-44D5-ADE8-1176793391B4}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |
"UDP Query User{77C0EF74-9948-492C-8C74-F94B5761EE9F}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"UDP Query User{782C4274-C03D-4D2F-BA8B-AE67B0FCB51D}C:\program files\3com\cable management system\camgr.exe" = protocol=17 | dir=in | app=c:\program files\3com\cable management system\camgr.exe |
"UDP Query User{79B10DB6-6248-4B68-A488-797F65B7B8F0}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{84A8F41F-F1C3-48E9-8E9A-8F8E03A7EF01}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"UDP Query User{8EB6A658-2106-42BF-8C52-55F4EC9B988E}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{99882702-AF97-4A5A-8B5E-2A6824300C5D}C:\users\mano\desktop\world of warcraft original\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.patch.exe |
"UDP Query User{A33FF4B7-BDAD-486E-AAFF-448AB6BFFA0A}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{AFB99FFB-5F95-467E-A801-064FE5BFA97F}I:\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=i:\spiele\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{BAA67BB4-D69C-4472-9568-968301E9B01B}C:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\backgrounddownloader.exe |
"UDP Query User{D3627676-6726-42DC-ADB0-F73D05BF767E}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"UDP Query User{D8410846-A92A-48E2-BFFB-44EFC0D3559C}C:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\spiele\counter-strike 1.6 v35\hl.exe |
"UDP Query User{DB5F268F-3A62-4283-B64A-8A3195BD8B55}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{E28BC0A0-0EFD-48DB-9D50-562EF6A87DDE}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"UDP Query User{E28E6165-A7D1-42A2-8B74-A52C8352180E}I:\spiele\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=i:\spiele\anno 1404\tools\anno4web.exe |
"UDP Query User{EC62F5BD-6388-4672-8A71-7D472A9A1457}C:\users\mano\desktop\manuel\world of warcraft original\launcher.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\launcher.exe |
"UDP Query User{ECE29540-7CE9-4226-862E-7BFB20EAD25D}C:\program files\3com\cable management system\camgr.exe" = protocol=17 | dir=in | app=c:\program files\3com\cable management system\camgr.exe |
"UDP Query User{EEB009AF-F249-47BE-A238-BC1F69FE5144}C:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\manuel\world of warcraft original\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"UDP Query User{F9BB2FE5-33FB-4C6F-8D0A-E8180BA892A9}I:\spiele\dragon age\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=i:\spiele\dragon age\bin_ship\daorigins.exe |
"UDP Query User{FA6B5988-6CCF-42B4-8ECF-2DE1F3C6405F}C:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"UDP Query User{FB4DF65C-327D-4F20-A3CB-FCE386BB791D}C:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\temp\wow-4.2.1.2683-enus-tools-downloader.exe |
"UDP Query User{FBEB93FD-3DBF-4259-AEAB-3794ED480E01}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe |
"UDP Query User{FC4B3A14-6DE4-4028-AFDE-F9016F33DF93}C:\users\mano\desktop\world of warcraft original\launcher.exe" = protocol=17 | dir=in | app=c:\users\mano\desktop\world of warcraft original\launcher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{3EED7541-55F8-4DC6-B9CD-28762D71310E}" = Samsung R-Series
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44BC30A3-B5F1-4CAF-8B06-BB7D26991FDC}" = Falk Navi-Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B39C475A-77A7-446D-B423-8051E976D910}" = USB CDC Device Driver
"{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}" = User's Guides
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}" = Easy Network Manager
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}" = Samsung Support Center
"{D0EB6586-8330-11D4-AE23-00C04FA30170}" = Cable Management System
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F868BD32-1CD0-42A8-A813-A53CEA8882CD}" = Falk Navi-Manager
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2012
"EAGLE 6.2.0" = EAGLE 6.2.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HTPE3" = HyperTerminal Private Edition v7.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LoxPLAN_is1" = LoxPLAN 1.7
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSW1000_is1" = PSW1000 V.42
"Software Informer_is1" = Software Informer 1.0 BETA
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 72850" = The Elder Scrolls V: Skyrim
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/13/2012 6:07:00 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 8/13/2012 10:48:16 AM | Computer Name = MT | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 8ba4 Startzeit: 01cd79628eec8205 Endzeit: 10 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID:
Error - 8/13/2012 10:49:54 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 8/13/2012 11:01:31 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 8/13/2012 12:12:59 PM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 8/13/2012 1:06:58 PM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 8/13/2012 2:09:08 PM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 8/14/2012 3:23:05 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 8/14/2012 3:26:48 AM | Computer Name = MT | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.8.0.158, Zeitstempel:
0x4f4de709 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695, Zeitstempel:
0x4cc7ab44 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c35e3 ID des fehlerhaften Prozesses:
0x24a0 Startzeit der fehlerhaften Anwendung: 0x01cd72e1b6348a42 Pfad der fehlerhaften
Anwendung: C:\Program Files\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\windows\SYSTEM32\ntdll.dll Berichtskennung: 682b7f03-e5e1-11e1-9944-c8f108209363
Error - 8/14/2012 4:12:38 AM | Computer Name = MT | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ OSession Events ]
Error - 12/7/2010 2:10:57 PM | Computer Name = MT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.
Error - 6/17/2011 1:44:41 AM | Computer Name = MT | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1140
seconds with 720 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "Ancillary
Function Driver for Winsock" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerkspeicher-Schnittstellendienst" ist vom Dienst
"NSI proxy service driver." abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst
"Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "TCP/IP-Protokolltreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 8/31/2012 7:46:54 AM | Computer Name = MT | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP Registry Compatibility" ist vom Dienst "TCP/IP-Protokolltreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 8/31/2012 7:46:55 AM | Computer Name = MT | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD Avgldx86 Avgmfx86 Avgtdix DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SABI spldr Tcpip
tdx
vwififlt
Wanarpv6
WfpLwf
< End of report >
--- --- ---
bitte euch um Hilfe |
