| Richard86 | 15.05.2013 16:53 |
searchnu.com/406?... in IE Firefox und Chrome
Hallo liebe Experten,
ich hab mir mit einen iLivid Download wohl was eingefangen.
In allen neuen Tabs geht jetzt immer "searchnu.com/406?appid=484&tag=newtab" auf. Kann das aber nicht mehr ändern.
Bitte um eure Hilfe
Hier die Logs:
OTL: Code:
OTL logfile created on: 15.05.2013 16:52:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Carina\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,00% Memory free
7,00 Gb Paging File | 5,90 Gb Available in Paging File | 84,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,17 Gb Total Space | 399,29 Gb Free Space | 66,98% Space Free | Partition Type: NTFS
Drive F: | 1003,22 Mb Total Space | 972,19 Mb Free Space | 96,91% Space Free | Partition Type: FAT
Computer Name: CARINA-PC | User Name: Carina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.15 16:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe
PRC - [2013.05.13 17:04:27 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.05.08 11:00:23 | 003,364,352 | ---- | M] (Bandoo Media Inc.) -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrUI.exe
PRC - [2013.05.08 11:00:19 | 003,022,848 | ---- | M] (Bandoo Media Inc.) -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe
PRC - [2013.04.04 16:28:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.04 16:28:02 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.04.04 16:27:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.01.18 16:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.01.18 16:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.08.17 14:55:26 | 006,212,096 | ---- | M] () -- C:\Programme\Polar\WebSync\WebSync.exe
PRC - [2012.08.17 14:43:24 | 000,413,184 | ---- | M] () -- C:\Programme\Polar\Daemon\polard.exe
PRC - [2012.07.03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.09.07 09:59:00 | 000,569,072 | ---- | M] (CrossLoop) -- C:\Users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe
PRC - [2011.04.13 15:03:38 | 001,298,320 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe
PRC - [2011.04.13 15:02:34 | 001,808,784 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2011.04.13 15:02:34 | 000,412,560 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.11 01:25:06 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.12.08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Programme\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.05.11 14:35:56 | 000,020,480 | ---- | M] (Carl Zeiss) -- C:\Programme\Carl Zeiss\MTB 2004 - 1.8.0.7\MTB Server Console\MTBService.exe
PRC - [2010.02.02 18:47:09 | 000,040,960 | ---- | M] () -- C:\Programme\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
PRC - [2009.09.18 17:02:30 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe
PRC - [2009.08.21 09:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.07 20:10:14 | 000,151,552 | ---- | M] () -- C:\Windows\System32\ANIWConnService.exe
PRC - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.04.21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\System32\hasplms.exe
PRC - [2008.05.20 19:06:00 | 006,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.08 11:00:25 | 000,474,112 | ---- | M] () -- C:\Programme\Search Results Toolbar\Datamngr\apcrtldr.dll
MOD - [2012.08.17 14:55:26 | 006,212,096 | ---- | M] () -- C:\Programme\Polar\WebSync\WebSync.exe
MOD - [2012.08.17 14:43:40 | 000,104,448 | ---- | M] () -- C:\Programme\Polar\WebSync\PTransform.dll
MOD - [2012.08.17 14:42:38 | 003,477,504 | ---- | M] () -- C:\Programme\Polar\WebSync\libpolar.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.01.14 17:01:02 | 002,142,720 | ---- | M] () -- C:\Programme\Polar\WebSync\QtCore4.dll
MOD - [2011.01.11 01:25:48 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.01.11 01:25:06 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.03.15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.02.10 19:45:48 | 000,025,600 | ---- | M] () -- C:\Programme\Polar\WebSync\imageformats\qgif4.dll
MOD - [2010.02.10 19:45:40 | 000,119,808 | ---- | M] () -- C:\Programme\Polar\WebSync\imageformats\qjpeg4.dll
MOD - [2010.02.10 17:22:16 | 007,971,840 | ---- | M] () -- C:\Programme\Polar\WebSync\QtGui4.dll
MOD - [2010.02.10 17:07:32 | 000,929,280 | ---- | M] () -- C:\Programme\Polar\WebSync\QtNetwork4.dll
MOD - [2010.02.10 17:06:06 | 000,334,848 | ---- | M] () -- C:\Programme\Polar\WebSync\QtXml4.dll
MOD - [2010.02.02 18:47:09 | 000,040,960 | ---- | M] () -- C:\Programme\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
MOD - [2009.07.07 18:50:04 | 000,258,048 | ---- | M] () -- C:\Windows\System32\wlanapp.dll
MOD - [2009.06.01 14:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWL-G122_DWA-110\ANIOApi.dll
MOD - [2009.06.01 14:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\ANI\ANIWZCS2 Service\ANIOApi.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Carl Zeiss\MTB 2004 -- (MTBService_1.8.0.7)
SRV - [2013.05.15 16:29:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.08 11:00:19 | 003,022,848 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator)
SRV - [2013.04.04 16:28:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.04 16:27:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.10 20:43:52 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.17 14:43:24 | 000,413,184 | ---- | M] () [Auto | Running] -- C:\Programme\Polar\Daemon\polard.exe -- (Polar Daemon)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.09.07 09:59:00 | 000,569,072 | ---- | M] (CrossLoop) [Auto | Running] -- C:\Users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.07.21 08:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Users\Carina\AppData\Local\CrossLoop\tvnserver.exe -- (tvnserver)
SRV - [2010.05.24 22:46:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.07 20:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ANIWConnService.exe -- (ANIWConnService)
SRV - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.04.21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2013.04.04 16:28:33 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.04 16:28:33 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.04 16:28:33 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.04.04 16:28:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.04.12 13:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.11.02 13:23:15 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.08.23 23:04:28 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.08.23 23:04:27 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.08.05 21:59:30 | 000,750,592 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dnetr28u.sys -- (netr28u)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.09 14:18:56 | 000,587,776 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2009.03.06 18:09:52 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\anodlwf.sys -- (anodlwf)
DRV - [2009.01.16 12:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008.08.06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.08.17 16:14:44 | 000,891,392 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2006.10.19 05:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.pgv.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406?appid=484
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406?appid=484"
FF - prefs.js..extensions.enabledAddons: {C4A4F5A0-4B89-4392-AFAC-D58010E349AF}:5.0.0.7254
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: toolbar@gmx.net:1.5.3
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carina\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carina\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.01.31 13:05:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.01.31 13:05:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2012.12.19 21:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.19 22:56:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.25 12:19:35 | 000,000,000 | ---D | M]
[2009.10.29 14:45:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carina\AppData\Roaming\mozilla\Extensions
[2013.05.15 16:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions
[2013.05.15 16:13:08 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013.05.15 16:13:04 | 000,000,000 | ---D | M] (New Tab) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}
[2010.10.21 11:27:34 | 000,010,567 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\gmx-suche.xml
[2011.02.14 17:18:01 | 000,000,950 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-1.xml
[2009.10.28 18:37:56 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-2.xml
[2009.12.16 18:51:37 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-3.xml
[2010.01.07 12:35:08 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-4.xml
[2010.02.19 11:05:38 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-5.xml
[2010.03.13 14:48:32 | 000,000,950 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-6.xml
[2009.10.22 20:24:42 | 000,000,955 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin.xml
[2013.05.15 16:13:03 | 000,002,646 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\Search_Results.xml
[2013.03.13 12:37:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.10.29 14:41:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.09.10 20:43:52 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.08.18 19:39:54 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.03.10 19:30:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.03 22:04:39 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.10 19:30:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.10 19:30:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.05.15 16:13:03 | 000,002,646 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.03.10 19:30:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.10 19:30:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.searchnu.com/406?appid=484
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: iLivid New Tabs = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol\5.0.0.7254_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\
CHR - Extension: Google Mail = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Programme\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Programme\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WZCSLDR2] C:\Program Files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Carina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{203359B1-567A-441C-99C6-9D3BC5C51AB0}: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4}: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF9D0D85-E383-4060-85D9-F202E52D71CE}: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll) - C:\Programme\Search Results Toolbar\Datamngr\mgrldr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4433aa20-0fe5-11df-9aa4-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{4433aa20-0fe5-11df-9aa4-00261812d1fc}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{5f3ff7e8-9018-11de-af32-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5f3ff7e8-9018-11de-af32-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5f3ff833-9018-11de-af32-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{5f3ff833-9018-11de-af32-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6363c54f-c6d8-11de-9c3c-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{6363c54f-c6d8-11de-9c3c-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6363c554-c6d8-11de-9c3c-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{6363c554-c6d8-11de-9c3c-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a55721d6-c66c-11de-9d98-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{a55721d6-c66c-11de-9d98-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a55721da-c66c-11de-9d98-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{a55721da-c66c-11de-9d98-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ac0aebc2-c3e1-11de-9dfc-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{ac0aebc2-c3e1-11de-9dfc-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{da1b26c8-c7a1-11de-9249-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{da1b26c8-c7a1-11de-9249-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{da1b26ca-c7a1-11de-9249-00261812d1fc}\Shell - "" = AutoRun
O33 - MountPoints2\{da1b26ca-c7a1-11de-9249-00261812d1fc}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x86 - (C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Programme\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.15 16:52:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe
[2013.05.15 16:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2013.05.15 16:22:06 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2013.05.15 16:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2013.05.15 16:21:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013.05.15 16:21:48 | 000,000,000 | ---D | C] -- C:\Users\Carina\AppData\Roaming\TestApp
[2013.05.15 16:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013.05.15 16:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Search Results Toolbar
[2013.05.15 16:12:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr
[2013.05.13 17:05:57 | 000,066,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.04.24 17:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.15 16:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe
[2013.05.15 16:51:17 | 000,000,000 | ---- | M] () -- C:\Users\Carina\defogger_reenable
[2013.05.15 16:49:45 | 000,050,477 | ---- | M] () -- C:\Users\Carina\Desktop\Defogger.exe
[2013.05.15 16:44:58 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.15 16:44:58 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.15 16:37:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.15 16:37:31 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Carina-Startup.job
[2013.05.15 16:37:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.15 16:37:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.15 16:37:14 | 2817,875,968 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.15 16:23:49 | 001,971,463 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2013.05.15 16:21:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.15 16:17:02 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000UA.job
[2013.05.15 16:06:47 | 000,416,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.15 08:05:26 | 000,657,660 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.15 08:05:26 | 000,618,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.15 08:05:26 | 000,131,032 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.15 08:05:26 | 000,107,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.13 17:05:19 | 000,066,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.04.24 17:04:26 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.04.24 16:35:49 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000Core.job
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.15 16:51:17 | 000,000,000 | ---- | C] () -- C:\Users\Carina\defogger_reenable
[2013.05.15 16:49:44 | 000,050,477 | ---- | C] () -- C:\Users\Carina\Desktop\Defogger.exe
[2013.05.15 16:22:11 | 001,971,463 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2012.12.21 15:22:00 | 000,141,736 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.08.07 19:49:19 | 000,001,936 | ---- | C] () -- C:\Windows\System32\nethasp.ini
[2011.02.27 14:48:41 | 000,004,096 | -H-- | C] () -- C:\Users\Carina\AppData\Local\keyfile3.drm
[2010.10.19 16:30:20 | 000,000,253 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\ANICONFIG_{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4}.ini
[2010.09.20 19:32:41 | 000,003,284 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\ANIWZCS{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4}
[2010.05.18 20:52:35 | 000,000,017 | ---- | C] () -- C:\Users\Carina\AppData\Local\resmon.resmoncfg
[2009.11.09 00:22:47 | 000,007,680 | ---- | C] () -- C:\Users\Carina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.08 23:26:16 | 000,153,157 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\mdbu.bin
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009.12.06 02:28:18 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Artweaver
[2012.12.19 21:35:44 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Canon
[2011.08.07 19:56:10 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Carl Zeiss
[2012.12.19 21:46:49 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\DVDVideoSoft
[2012.01.03 12:53:19 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.18 19:40:52 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Foxit Software
[2011.07.26 16:17:00 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\go
[2009.10.29 14:45:30 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\ICQ
[2011.01.31 13:05:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Local
[2011.01.14 12:28:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\MAGIX
[2011.11.27 00:55:33 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Need for Speed World
[2011.02.19 23:45:00 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Opera
[2009.10.29 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Program Files
[2013.01.22 20:55:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\TeamViewer
[2013.05.15 16:21:48 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\TestApp
[2009.10.29 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Ubisoft
[2010.07.06 16:23:01 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Uniblue
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:C895616B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Extras: Code:
OTL Extras logfile created on: 15.05.2013 16:52:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Carina\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,00% Memory free
7,00 Gb Paging File | 5,90 Gb Available in Paging File | 84,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,17 Gb Total Space | 399,29 Gb Free Space | 66,98% Space Free | Partition Type: NTFS
Drive F: | 1003,22 Mb Total Space | 972,19 Mb Free Space | 96,91% Space Free | Partition Type: FAT
Computer Name: CARINA-PC | User Name: Carina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [BIPA FotoShop] -- "C:\Program Files\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\BIPA\BIPA FotoShop\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A674FA0-2CB3-4790-9E61-CAE0E15381B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{1DAAA982-259B-4CB7-8723-D805EC1AE497}" = lport=137 | protocol=17 | dir=in | app=system |
"{241D5B35-DB2D-4FB6-BBFF-67D1FEEE4D4B}" = lport=10245 | protocol=6 | dir=in | app=system |
"{43E793D7-5991-466A-BE5D-86051A5F0EEA}" = lport=138 | protocol=17 | dir=in | app=system |
"{4900697D-B286-410D-842A-2289735EF935}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{53246178-B2CA-45EC-A9B8-1ED427189B24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63AE5D71-7FE3-4743-AB17-5BDB44C54EE5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6638069D-C8E5-4113-85C3-C7BCFD477D77}" = rport=139 | protocol=6 | dir=out | app=system |
"{A2349B29-6BED-447C-BEB3-9E59C5ED5C10}" = rport=137 | protocol=17 | dir=out | app=system |
"{A9CBDC81-D807-4D61-ADA4-68A1ACF6E7BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{AD38B7B9-E403-42B2-9A19-6953B3977E7A}" = lport=139 | protocol=6 | dir=in | app=system |
"{B7CCCE3B-6E57-48B4-9AF3-60794796CEBE}" = lport=445 | protocol=6 | dir=in | app=system |
"{C90BA560-D9FE-4240-9BA0-B70117E97D22}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4CD51F5-E50A-4500-8DDB-5D717B2B00BA}" = rport=445 | protocol=6 | dir=out | app=system |
"{F57F109A-BE28-4A6F-A381-F322C6359D26}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF2C51D6-4885-4C72-B3DE-5B26CA3DA8B9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0055E993-3151-4C9E-8F4C-9A512DB5E341}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{0066FA10-ECF1-4866-ACF1-E9EF3606797D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00902EF5-F485-452E-AE3B-55B44C18DD7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00FE3C0A-8AD3-4F8E-891C-5EDF08E343D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0295A833-0A31-4150-8915-AFABA70694E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0300931F-9A95-4F4E-BC5C-0682625F5230}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{04CA7C12-ADE7-4D60-AB94-2859C935EBA4}" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\vncviewer.exe |
"{0599EF4E-D327-4FDF-ABC1-5F2EBA9115D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{05C4EC9D-3981-4B11-A0E0-AA786DE903C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{07D04CF3-3FE3-418D-A33B-4CEE6BC6A53F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09F3FCDD-97C8-4C1F-8453-F36D6CCB6637}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A7E64A6-34AF-4659-AE7F-5ADC64633E80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0DA608B7-DCC0-4B22-B7F5-45394CE520E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0E4C447C-9951-4568-92A6-348784D44777}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F7BC9FB-186F-434D-8D86-CA772A90C34E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1216F52D-5DB5-4F0E-A383-B9FCE4639BC4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{122A02E1-F6B1-49B2-8782-93769DD91C93}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1388A37C-81BB-4DAB-ACEC-CAE6FC373A26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14342621-622F-4228-8B1B-48DAB66F7347}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14EF03B7-5485-4D8D-8D15-E63DA5015B87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{15F5E10F-C1E1-4B62-8321-CF866A04BAB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1621DDC2-20C1-4652-A12F-25F94D661244}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16FE85AC-A99C-4CF8-8F26-8316E2E6B350}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1787B378-1E7C-47E7-9B43-B01DF080DD24}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17B2E263-64CC-4F42-BFDA-82E307208097}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17D4375D-9AA1-4FC0-9165-54467803AE41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17F4C7F8-17CF-4BF3-A2B0-F045A12E7DE6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{18134A2E-0604-4A3F-B754-0C668638017F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{183F6D06-6EBE-4E4B-B846-310684BBA16B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{192AF08B-616B-4EBC-BDAA-10EBC15AA590}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19830D02-09A8-4E5F-B810-2078D596F4C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1A1A2219-CCB7-4BA7-ACBF-90FD8550A1D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1AA71246-3D8D-4719-8E37-D773765E8425}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1C0B8EC5-C93B-48B6-AB2E-58586AC861D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1E4B8478-7EFB-496C-8AF3-8E7196C441F6}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avwsc.exe |
"{202BFE81-F290-4E3A-BB85-4847B8CC3F61}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{20AC3431-D754-4C04-BFC2-7E567F133471}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avgnt.exe |
"{211AB39D-5CB7-461B-B37F-990391226CBF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21CFBBD0-E417-4478-9174-4850A448F268}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{22748D2E-7F4F-40B7-A3EE-CDCF4AA48738}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22DEF94D-6C78-4275-9D23-AF42479D65D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{238E5A4A-909C-4F0C-A53D-125CB1E371CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23E7BE83-14CC-4426-A77F-1BD824BCB39F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24D84CB1-2940-4B8B-89C1-E665942C903F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24EA944C-ECD0-41F1-8BDD-09F4AEA56660}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25104C98-CEB7-4A7E-8ADE-B238F077D6D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{251D1122-2D40-45EA-B0DD-670DA78FFC9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25408085-E7DD-41E8-8BCE-FDFA230948F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{26FA7928-0754-4B48-8E37-B4D8E35AA43B}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avconfig.exe |
"{286E0660-D387-43D5-AE02-F324B833D1E8}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avwsc.exe |
"{28CB70A6-9CA2-4385-860C-2BA80228629A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{28D2AA3B-A24A-438A-867F-0A6ABA9322B8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{29207982-271F-4CA0-B7EE-9A7B75ACD827}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{292E6D74-87F5-4A61-B46D-92112FB676A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29DA921F-6453-447F-A9DC-8C1D40AA333C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A84038D-C780-4631-8843-A9D4BEAF166A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2AA8FD77-C961-464F-BBAB-5826946D3B44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B6EC0F6-80C1-4454-A486-07ED49319EEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BC58168-2A08-4B30-80A4-DD1CB1FB00C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C2346B3-3B4C-49EA-B854-41F9C99369D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C97F895-EF5C-48E0-93EE-63E3B6B2C5E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D2C0EF8-F956-4DFD-90BD-B9907DA84682}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E5B56C3-848A-4394-8B23-9826A8300540}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E96C522-351E-4B53-AA0F-F1E94F455EA0}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avgnt.exe |
"{2FF80E26-2F5A-493D-820D-3A24EC82F13D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{316F4356-7278-48B8-A89F-9A2DF54B48F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{32D19503-AB0D-4E75-9F0C-BBC7B7F3B054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{330126F9-4A37-4165-B26E-ACBD253374E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33CF74E7-DAF1-4378-A1BB-895704E7F576}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3482A9C0-27DA-45AA-BB6B-22673B8943C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34E9A520-6E3C-44F0-AFC3-1EFE33AC34C5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{352FCC43-34C6-415E-81F4-A39C103B34C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{353E0AC5-A6FB-41B1-B184-1A4B07722B44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3779FB99-2BCF-4F1F-B4E2-48F5EC3EF35B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{378DCAF7-A9BE-44DE-BAA2-4188E67A17AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38EC8E36-BFD6-466D-BDBC-D9DE6F918CAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A74C78B-72E2-46F7-834C-6962B0AC3911}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A77CB52-CB85-49E3-BF99-616BEB421E0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A823DA2-B016-4BFF-8B26-FD07B922AF49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E3BE273-E9D7-4B8C-85DA-CEE235644C8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E776395-9214-4A30-B8E2-C120574693A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E9BF6F4-FE2C-4B4F-951F-0E62F6A66FA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{40ADE1D0-AA11-4D0C-9970-4B08D6055EE9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4208B661-4614-4D8D-9076-85DD126F84BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{42F4898D-6F42-44BE-A81D-05556328A64F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{430A99B1-051D-4500-9A34-13ACD1B480A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{43222A06-75A2-4DFF-A416-1563EA2A08D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44C482F3-803A-4C0B-B3AC-7DA3ACEB2C84}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45653639-7EF8-4914-B3F5-BE7E5295F46C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{46C97335-D828-4201-9E2C-308AD0AD487B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47A4D707-C0A1-4C30-850C-3E442A343490}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4855E7E8-5DF9-4081-B6DF-66D98C2CAC44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4875D198-FFB7-4496-A8FE-1229AE7D2334}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4AD1FCAC-7D08-4BF1-8FE1-76A645376CC3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B0CFCA4-6910-4203-9A16-DB3B2647C486}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B314D8F-C804-47C0-846B-803B61E0AACC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B3C2232-4C84-44CD-98EC-3E31C6442573}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B713531-E6E5-416A-B3FA-37F1EFBF9AA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4C0ACBED-7965-4BD3-8A6D-8EFE516FDA80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4C6564A4-AE75-4E58-8B7C-864FC02349E6}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avadmin.exe |
"{4CCCC621-8EDB-4532-8B85-A9143C7B3C37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4EC6D45C-E0FF-495C-A5A8-B3D05F29E34F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{4F919B05-F6D1-495B-80B4-1F81C246ED25}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4FE4559A-03DA-4D6A-A3DC-4B3C404F7D84}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{517300F5-BEE1-4E3B-8E3E-FDB7777452F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{517D763B-F7AD-451F-BB3D-E66CBC61E342}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{519C1745-4AF1-403E-9984-9B3FBC8E2D74}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |
"{51BDF980-9E12-4BA7-B4C4-B58D97F82028}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{525496F0-B375-4004-B289-44DC28CF858E}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5255970B-2FFD-4283-BCF5-FF0328B8AC9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5284E6AE-DDF6-4A30-9B4B-D49EF6231ED7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5358A823-717B-4222-9FBF-522B056734B4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53A107A3-2BE4-47C6-AD35-479922F54C67}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |
"{5484CC9D-5251-43FE-BDD9-5F953492AD34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55D84FF3-E1F5-4B9A-BE1D-DAB504E1D47F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{565BED5C-741E-4B94-9B88-0CB6CD4AD9ED}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5772B82D-F84E-4B05-AC81-BC43D17A3D7E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{59350AF3-B47B-44BA-B645-FC532A09895D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A2817A6-0E6C-4120-8D74-B923C3C0A727}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A39F03B-B7DA-4D98-B782-238C642D18D5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A8D1980-74C7-4013-97E3-2BBDBD290B30}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A9C8D18-E392-4A12-818A-BD0D45871808}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B41DED6-0319-4C56-8CEE-7714905710D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B7C9111-E680-409C-BEF0-DA37071EBDCF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C03DA7B-B420-429E-9572-2B612BCB2B4F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CFDF149-AC61-4BBA-ABAC-1F72793F2AA5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D0FC86A-C34E-49FD-B28C-424CBC892200}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E789807-1F18-4326-B355-D82E97404D2A}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe |
"{5EC75C26-FDC7-484A-8FE4-658E2E79F71C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F09312A-3FD8-4205-AF95-0625EAB6F76D}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{5F284DA6-12C2-4335-8144-2C145744E635}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6117CFB4-8682-4C71-84C2-7A98239E9D2E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61546535-769C-4BF7-9B6C-25CCC08A9F9C}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{64211715-536E-4854-9819-9880120B12DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{656B9DA3-5976-494F-ABFB-77CF6FA62B17}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{65B04F0D-27E4-4C0B-99BE-E6B5D5BE7289}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{672AF4D4-94C9-4828-8DE0-70F7E9301200}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{673E807E-D11B-4FDD-A7FA-C8D96D326BE4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{676F4BB8-30EA-434A-9930-DEE4B8FF8BF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{67CF4C29-C48A-4F8C-BE9D-0F4242177937}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{680570CD-F772-44A8-8762-01A7BFE651E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{683BDCA7-0F80-4FC2-9F06-926DB068F941}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{688F7904-E2EF-43B4-978F-9D28953820C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6AE7EB59-9AC5-43F1-91AC-ED773371BB16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6BCE47BE-E88A-4251-883B-84B5156F1EC6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CED7DB6-5D1D-45D4-8595-A75B294A56AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D894EDB-529D-4499-B454-DB75E90195F9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6E36326D-8651-41FC-8618-8E35522D3531}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{6E814916-09E4-410A-8469-AB2738D4137B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6E9557E0-6589-4CC7-86F5-0CE6E15AC6E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7084D282-E9C9-4D72-8D37-3F322175F311}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71D0C10B-B6A6-4CD2-8450-ABA841224464}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7526F5FD-0222-4396-B288-48E1747C0338}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78A47DBA-C959-4D45-A5EC-3F5A7FDB95F8}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{78C62DA8-AEC4-4B9F-A375-8FD2FD422423}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{78F3EFB5-0D6D-4E66-A8D8-A1F6FDDA1DD4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A152564-7435-431F-981A-078851FA984F}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\wsctool.exe |
"{7D083521-B7AE-4040-AF5B-E2F7301F6D32}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7ECC2243-E41D-432E-BABC-E62C016BD6C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F5E5DBA-EE6D-46C7-A4DC-B12E8CF399D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80F0F764-11F1-4FF3-A28B-A0F5066645A8}" = protocol=17 | dir=in | app=c:\windows\system32\hasplms.exe |
"{80F63964-A01D-40CE-85A7-FBB86D960AD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8131910B-D167-4845-B3C1-F9C4DA804450}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{814B1953-9142-4E30-864A-BDD58CA62AE8}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe |
"{81AC29F5-A991-4339-9013-EDFCB18CE989}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81D0D65D-04F5-4CB2-A53E-4C8EEF89668A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81ECD401-6E23-491D-BDCD-94B926C0BBB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81F9BAA8-61C9-423A-B1E9-3BA007DF9285}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8349D6C6-1A13-4971-BAD2-CDE89BC088B0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84AC363E-95E2-4425-B582-1C8CD0F0EA0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{857EBEAA-CC55-4C10-BED4-97A5B9F624BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8599F8BB-33DB-4C9C-8C6E-DD1F3FF519EE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85D5E65E-CF64-4288-9983-F13BB465DB2D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86AEF994-1355-4704-BA35-A8A39E8EE71D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86EFBDC4-4FBC-4381-B2BE-9EDF39FF8CDD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86F8F91D-6EDA-481F-BBCF-EEF834D442BF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87F0F8D8-470F-4637-9C50-941C48AF8956}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8989AB21-2B3E-4D72-BB2A-83444F18F4A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A436F83-96FB-426F-B824-C53AAE268A29}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A44861C-ABFD-491D-833B-3A8D53CCA978}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B4E8596-0814-403D-9A71-6D847224604D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B50ACA6-E4FB-47E9-BBA8-A3DBB1679A46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DEAE656-BA92-4D40-808B-CD8034870CA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8EAEE59C-FA47-4E30-9884-64E39E744D04}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8F64A7A9-0C29-49BD-B49A-ABED491ADF39}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FA5D648-6745-4DB7-89B5-47FD0604BE0D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8FE15D00-EAB5-4955-9E0A-F5FD2046449F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90600480-45E5-4254-A2F6-7F6FFE3D95C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90BD3FDC-1E4E-4623-93E3-905F39D77F5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90F4B81F-E86E-4164-AF22-D369ED341543}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91A6B1E7-395E-4C64-961D-5EFDDAFEE6F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{920518AB-BF44-4B63-A3F1-1CC87180979C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{93747CEC-A83A-4652-8146-7BC2B71BF50C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{94F0523A-A87E-401E-840A-C41869897D25}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avadmin.exe |
"{94F118D9-5EE5-47D7-9EB9-92795D3FC83F}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{95C820C8-7610-4E24-B44C-40E76CE1FD0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96E75D12-AFBF-48E2-A25C-7BD73E364DA3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{976B6EB1-5468-4A31-BEDF-B9A99B4E168F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9844BE0E-4C55-4856-AA8A-06C9576BA59A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{999D164B-8977-472D-859C-9B266291F1C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9A86F506-08D5-438A-8C8B-DCA59F5B75CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9AB1DC3B-D4E6-40C5-AECA-8D0A55D559FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B698944-6B3F-456E-B398-56FC0C31E4D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CABC77E-0E23-4F71-9012-C344999C2DE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CF0C686-6330-421A-9E75-AC25FE419D9E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D75FF5F-C5E3-4404-B096-C8A27B2F54C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DD17C98-BFC5-441C-9152-212654D3E356}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9E738746-8324-481F-BAC6-15CE9223950C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A0CC4871-4C8C-4A83-B610-71455693AA93}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A15C5149-EA8B-49C0-A96C-33A09ACC47F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2F96852-52C3-40B2-AB31-9C8C6B8164AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A325C812-8E52-4954-9C0A-78607EBDDE62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A44C0A6B-DA06-4843-B4D4-93AF433BE459}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A5FFDC9C-71F0-4498-956A-B3B724370AED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A618C747-FA6C-408C-A621-38667A9B5300}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A7CFE538-8E6F-4A41-B807-839B21023CA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8351F9D-23D3-48D9-94D3-BB1875D71A7F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8D09748-0909-41D7-AF0E-98A0DF829A2B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{A9319D45-80C6-4DBC-9324-7484FF5D82C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA755479-752B-4799-9ADE-98284FB55229}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB4A6D17-2086-4DB0-8E71-63068969028D}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avconfig.exe |
"{AC0B4FA2-60E1-43A2-8FE8-7AA409E080DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ACB88B41-6396-4DCD-BE93-A58154681327}" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\tvnserver.exe |
"{AE3976A0-9923-4747-B41C-9CF93BB79982}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE4E3828-0E1B-40CE-9AEE-2B4AEDF16952}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AF547FFD-8363-42EF-84B1-92E74A38BBE6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFEA6517-409A-41A1-BD0A-D9AB2B070EA8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFF3DA96-5DC2-450F-932A-22D14928293E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B20898B0-A82E-40B1-8B49-7D56B702D69D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B33794BE-99BF-4A96-A9C9-6CEF581EAA9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B34D5974-AC2B-4412-8DCF-1C4CA39DDAAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B4A2C8C2-AA8E-4E15-AB43-88B7A54BBE63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5F4B6A1-5FDC-4EAD-8144-FEC1C00D3C97}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8F348F2-A3F0-46E2-AC82-057C80D9CC41}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9F2C234-AC1F-4710-B977-8B7EEC2E588A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB35EF20-C1B8-4F0C-83B2-869A4FC0A2D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB692082-E15D-4953-A7A6-D9F302602D2F}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe |
"{BBC90554-C0A7-4D3C-857E-BA1E85476C9D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC74279A-805B-4A0E-8493-35B96CFF32E2}" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\tvnserver.exe |
"{BCCD581C-9136-49B3-AE2F-2A930827C799}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD9DC12C-3595-455F-A7F4-DD9E595C923F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF76E66D-4E85-41AC-ABFE-37BE3397D3AD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BFCDB868-973A-47AE-9F7D-B4678D9472EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C014EC5F-2830-4CE4-BB3E-362F89F0E9E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C0EDE5E7-E9E5-4069-990F-1D94250F18AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1E2D1ED-0E0A-4D5E-96CC-D000DC9AA2F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C22A0AB0-1023-4AE7-9F8E-B62EDC979696}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C38BB0A1-4BA8-4801-A86F-9E7B0713EA95}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C447F085-6412-43F4-A609-C52B6855900F}" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\vncviewer.exe |
"{C5789609-2985-42BA-A4CC-8C9CB9D387EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C65324D3-2173-409F-B9B2-9EAFB9BC7C85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C688B505-13DE-4584-A115-6D8FE0F0521F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C84B7748-7FF2-4616-8ACC-4D58E1D868FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C99DE429-1681-4C96-9A21-608815D76334}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9BAD5CF-5D55-46A2-B3C1-C30DAD4332B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAD1F7DB-255F-4CC9-B25A-FC5CE070ACD7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CBD9DCF6-0DB8-41E3-99D4-82D6DDB476B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC1E0228-F2C7-46F3-9888-ECFD3E07CEF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD042056-2A99-4BEC-B6E3-B5784ECACCDA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF18AA71-E583-4A97-8257-FD90876FA02F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFA000AD-4471-4C43-89DB-C383E999FC6B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D04E7D16-BF87-4B36-9815-C7B52607B877}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2E59F70-8065-4FA8-BC77-9D8808088DA3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D361B41C-8285-4C1A-A564-F22CAEC8235F}" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"{D4384AB6-9253-4749-B865-E3E6F5CE41D6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4BF1575-501F-44D4-A0DD-021A7A0C3796}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4D69EB0-4718-4FBC-920D-13930CEA41C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4F11F0B-7627-44B7-A9F4-37A4C467D295}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D51960D7-4430-4C98-9B1B-798CD3CDE756}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5871AEC-6649-4468-BE8B-FAC42D740DB6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5F1B9D9-3685-48DB-AB72-D8172208FC75}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{D719AEC1-4DAF-423F-826A-869447A3FAE1}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\wsctool.exe |
"{D7324767-CB19-4FE1-A508-9979E9D86340}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D86D77DF-16F0-422C-AF14-5D5FB8274CAB}" = protocol=6 | dir=in | app=c:\windows\system32\hasplms.exe |
"{D91816AC-3692-4C1B-8CA6-BD2527A58088}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D953AC39-D431-4902-ADA7-2424B163856C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA64409D-7BDD-41A8-9A7A-3E257262B0CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DCA2DF3C-9C62-44AA-B6E6-BD16382D07E2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DCE32E5E-58D5-49B6-9D14-1950C4DA6D05}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD7406FC-D436-46D3-A370-FE701B58DABF}" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"{DD9B18EF-E7D0-42AE-B328-FA653606F846}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDAACEC5-160C-43E0-AB96-F385ECA00E5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DE11A0A4-D448-4A27-9BD8-080B93A67A1F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DE34EDD9-11FA-4A7B-B40F-BA7D9393CC4C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF9C28CE-5290-4FA0-A558-709837F61024}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{DFCC54CA-E166-438F-911F-37745FBF2413}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4780CEC-EBD9-46A6-A116-7092934C59E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5DC6218-E861-4F30-98E6-3D4349F13B0F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E63C76CA-1B69-4F12-9B3E-7153A7D6E78D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EB00DF19-B60F-4922-9180-16B8B1BE0FB7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF7E42CF-2472-4939-AFC6-2E73E499D567}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF8F44A1-75F0-4731-A2B8-F65D268863CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F02F7A42-F695-45DA-A647-FADEFBD44668}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0AADB0D-2C4E-4669-95AD-5A6FFAE84341}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0C612DB-2DDF-4064-97C6-6F94150231E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F417D31F-EF8D-4E0D-8DFA-0ECE3CB87DA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4CDE4ED-77F3-46ED-9457-BC70989E682F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F646C45C-53A1-412E-A271-ECBF30ED66A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F7E95C23-16E6-417F-8A0A-7AC44D66CDDE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F80DBEF5-4C33-4BBA-BDC9-9DE401CA119D}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe |
"{FB2889FC-0612-44DE-B800-10EFA48D3A46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FD40217F-34B1-4C53-B95A-D21236EF2BA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FDEC9A9E-0A69-413A-A6AE-AC7D3D43C02C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{FE6D4125-9524-411A-A59C-A85184AAC94D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FED21B9F-C613-4738-A20B-C5782F6DB01D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF3E28AA-D4F1-49E6-AC49-3BE9A9126D6E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF9DCA66-F4CE-4FB6-8007-3A29A800130C}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"TCP Query User{4CF20855-4AE1-4676-812B-77E4BF34E0BB}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{52146F77-6A0A-43E3-9F5E-B3A826CFE536}C:\users\carina\appdata\local\crossloop\crossloopconnect.exe" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\crossloopconnect.exe |
"TCP Query User{54EB5727-E238-44CC-B80F-3C731CA98943}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{65E06B44-6FF2-48C0-A6A1-11F98EA47DB8}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{74D2C53C-91E2-4A1C-8DD2-13DA2297DEB3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{EB38ABBE-3029-4297-A505-D8FDC190A11E}C:\users\carina\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{7EF970AD-4BB1-4FD9-BF14-586025D48CF8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{94178D2D-CAEB-48F7-AC20-0DDAB2E47407}C:\users\carina\appdata\local\crossloop\crossloopconnect.exe" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\crossloopconnect.exe |
"UDP Query User{9C2E54DE-F01F-41FD-8E7D-683663434B17}C:\users\carina\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{9ED703EC-1F42-4E0B-BA00-82D2DB095998}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{A65CA608-39C9-4965-AE47-17D826173196}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{C0BE0C38-343B-446C-8E6D-C4F844CB79AE}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series" = Canon MG4100 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}" = Polar Daemon
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{41D4A454-9DF4-4299-8C30-1BBA753E83E1}" = Polar WebSync
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F753314-628E-4C13-B8AE-BFA7FD514CBE}" = D-Link Wireless G DWL-G122_DWA-110
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96056420-DDF3-46A7-AA8D-BC2D1AE5290B}" = Microsoft IntelliType Pro 8.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1" = Artweaver 1.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7904C62-0B90-4830-AA5D-5192F88FD6EB}" = Carl Zeiss AxioVision Rel. 4.8.2
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint 2.0
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BIPA FotoShop" = BIPA FotoShop
"CrossLoop_is1" = CrossLoop 2.81
"DivX Setup.divx.com" = DivX-Setup
"Foxit Reader" = Foxit Reader
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"GetASFStream" = GetASFStream
"HappyFoto-Designer_is1" = HappyFoto-Designer
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"ilividtoolbargaw" = Search-Results Toolbar
"MAGIX_MSI_FotoDesigner7_silver" = MAGIX Foto Designer 7
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.10.1652" = Opera 12.10
"PhotoScape" = PhotoScape
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PROPLUS" = Microsoft Office Professional Plus 2007
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"TeamViewer 8" = TeamViewer 8
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"START2" = START2
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.05.2013 13:37:09 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.05.2013 13:54:31 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.05.2013 01:39:01 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.05.2013 09:47:14 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.05.2013 11:00:30 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.05.2013 13:21:26 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 01:47:45 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 10:07:36 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 10:36:04 | Computer Name = Carina-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: pctsSvc.exe, Version: 9.1.0.2894,
Zeitstempel: 0x509054e5 Name des fehlerhaften Moduls: rtl100.bpl, Version: 11.0.2902.10471,
Zeitstempel: 0x475fc385 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a264 ID des fehlerhaften
Prozesses: 0xe08 Startzeit der fehlerhaften Anwendung: 0x01ce51781e68d30f Pfad der
fehlerhaften Anwendung: C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\PC Tools\PC Tools Security\rtl100.bpl
Berichtskennung:
c54c35fa-bd6c-11e2-b38d-00261812d1fc
Error - 15.05.2013 10:38:59 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 04.02.2010 03:33:56 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 08:33:49 - Fehler beim Herstellen der Internetverbindung. 08:33:49
- Serververbindung konnte nicht hergestellt werden..
Error - 04.02.2010 16:23:53 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 21:23:52 - Fehler beim Herstellen der Internetverbindung. 21:23:52
- Serververbindung konnte nicht hergestellt werden..
Error - 05.02.2010 04:59:32 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 09:59:29 - Fehler beim Herstellen der Internetverbindung. 09:59:29
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2010 18:27:20 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:27:19 - Fehler beim Herstellen der Internetverbindung. 23:27:19
- Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2010 18:27:28 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:27:25 - Fehler beim Herstellen der Internetverbindung. 23:27:25
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 06:08:07 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 11:08:04 - Fehler beim Herstellen der Internetverbindung. 11:08:04
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 17:34:46 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 22:34:46 - Fehler beim Herstellen der Internetverbindung. 22:34:46
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 17:34:54 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 22:34:51 - Fehler beim Herstellen der Internetverbindung. 22:34:51
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 18:50:08 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:50:08 - Fehler beim Herstellen der Internetverbindung. 23:50:08
- Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 18:50:14 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:50:13 - Fehler beim Herstellen der Internetverbindung. 23:50:13
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 27.02.2011 08:39:21 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27.02.2011 10:29:18 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 01.04.2011 03:31:12 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 01.05.2011 14:41:15 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 01.05.2011 16:24:06 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29.07.2011 07:31:42 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2820
seconds with 2640 seconds of active time. This session ended with a crash.
Error - 31.07.2011 16:59:34 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1285
seconds with 1140 seconds of active time. This session ended with a crash.
Error - 29.12.2011 11:30:09 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30.03.2012 08:20:09 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6362
seconds with 0 seconds of active time. This session ended with a crash.
Error - 03.04.2012 17:20:10 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16657
seconds with 60 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 13.05.2013 11:56:30 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "System" den Befehl "chkdsk" aus.
Error - 13.05.2013 11:56:42 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:56:49 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:57:02 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "System" den Befehl "chkdsk" aus.
Error - 13.05.2013 11:57:14 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:57:21 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 13.05.2013 11:57:34 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "System" den Befehl "chkdsk" aus.
Error - 15.05.2013 10:13:12 | Computer Name = Carina-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Datamngr Coordinator" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 15.05.2013 10:26:27 | Computer Name = Carina-PC | Source = PCTCore | ID = 327960
Description =
Error - 15.05.2013 10:26:27 | Computer Name = Carina-PC | Source = PCTCore | ID = 327960
Description =
< End of report >
Gmer: Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-15 17:36:36
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AAKS-65A7B2 rev.01.03B01 596,17GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Carina\AppData\Local\Temp\awlirpod.sys
---- System - GMER 2.1 ----
SSDT 912882A6 ZwCreateSection
SSDT 912882B0 ZwRequestWaitReplyPort
SSDT 912882AB ZwSetContextThread
SSDT 912882B5 ZwSetSecurityObject
SSDT 912882BA ZwSystemDebugControl
SSDT 91288247 ZwTerminateProcess
SSDT \SystemRoot\system32\ntkrnlpa.exe ZwCreateKey [0x83041FEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [83041FEC] ZwCreateKey [0x83041FEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe ZwOpenKey [0x83041FF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [83041FF1] ZwOpenKey [0x83041FF1]
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe[unknown section] 83041FF6
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 8307EA09 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830B81F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11BF 830BF314 3 Bytes [EC, 1F, 04]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 830BF34C 4 Bytes [A6, 82, 28, 91] {CMPSB ; SUB BYTE [EAX], 0x91}
.text ntkrnlpa.exe!KeRemoveQueueEx + 137F 830BF4D4 3 Bytes [F1, 1F, 04]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 830BF6A8 4 Bytes [B0, 82, 28, 91]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 830BF6EC 4 Bytes [AB, 82, 28, 91] {STOSD ; SUB BYTE [EAX], 0x91}
.text ...
.text C:\Windows\system32\drivers\aksfridge.sys section is writeable [0xA4206000, 0x47E35, 0xE0000020]
.init C:\Windows\system32\drivers\aksfridge.sys entry point in ".init" section [0xA425A224]
.init C:\Windows\system32\drivers\aksfridge.sys unknown last code section [0xA425A000, 0x4000, 0xE20000E0]
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA425E300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\drivers\hardlock.sys section is writeable [0xA42A1400, 0x6E6E2, 0xE8000020]
.protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xA432B820] C:\Windows\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xA432B820]
.protectÿÿÿÿhardlockunknown last code section [0xA432B600, 0x512A, 0xE0000020] C:\Windows\system32\drivers\hardlock.sys unknown last code section [0xA432B600, 0x512A, 0xE0000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA4331300, 0x1BEE, 0xE8000020]
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- EOF - GMER 2.1 ----
Danke im Voraus!
LG
Richard |
Bitte lesen:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
