| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Smart Fortress 2012 auf Windows 7 Professional (32bit)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.05.2012, 14:27
| #1 |
 |  Smart Fortress 2012 auf Windows 7 Professional (32bit) Hallo zusammen, ich habe mir soeben scheinbar einen "Smart Fortress 2012" Trojaner eingefangen.  Die Anweisungen zum entfernen hier habe ich erfolgreich durchführen können. Zur weitergehenden Prüfung möchte ich mich dennoch nochmal an euch wenden, um sicher zu gehen, dass tatsächlich alles entfernt wurde. Hier die OTL-Logfiles nachdem ich das System bereinigt habe: OTL.txtOTL Logfile: Code:
ATTFilter OTL logfile created on: 03.05.2012 14:39:09 - Run 1 OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\***\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 41,89% Memory free 4,00 Gb Paging File | 2,45 Gb Available in Paging File | 61,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 220,87 Gb Total Space | 75,67 Gb Free Space | 34,26% Space Free | Partition Type: NTFS Computer Name: ***-NB | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe () PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) PRC - C:\Program Files\Squeezebox\SqueezeTray.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE (Logitech, Inc.) PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de) PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\dvd43\DVD43_Tray.exe () PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Windows\System32\spool\drivers\w32x86\3\OPHALDCS.EXE (Oki Data Corporation) ========== Modules (No Company Name) ========== MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\bd5179a413bc0c4b82eedc22c6cab101\re.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\93e7e3d6030f426844228042348210cf\Service.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\eb138ef0e4282611dbf485a302784646\LibYAML.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\e56c61f7248672819579325af3387035\POSIX.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\f233f63b6654362865c7577442edb9e3\Win32.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll () MOD - C:\Users\***\AppData\Local\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\4461f48e31bde5c56b31b973b773de09\List.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\c5cce8d16a1bd48692b421dcf46d3396\Util.dll () MOD - C:\Users\***\AppData\Local\Temp\pdk-***-3708\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\USERDA~1\NPAPIF~1\gcswf32.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\avutil-51.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\avformat-53.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\95e261d2660c662aab4306168001f3e7\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\2a1d0ebdb3810bb2926aea930567a3ef\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\bf4d4ad3e86281bc3924d74f4e716322\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\876000568ee47aa4407f0931161adf59\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\ab9feeb2817859457fc06c4c06f32fe1\System.Drawing.ni.dll () MOD - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu () MOD - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\45f56e5749f43eeb24b2094fd761a9d3\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b8f323bbcb35543dd68e9dbdd1abe69b\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a6529c9ffc0303d1eee4282d18c7d7f3\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\15e071596162d504ead0394ec971ad3b\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9bf91363906fc418ea34b30d7bf825b9\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\da0fc8ce9b2fb592b7d8065481ef5d42\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\26430b84dfd15f788b0e39dce71ef5d1\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\fe6b346d83857a3f02bda63332e66642\mscorlib.ni.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\wgui12.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\wcore12.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\rscorewinapi47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\wauff12.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\wfvie12.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\wreli12.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\wsteu12.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\rsguiwinapi47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\rsodbc47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\rsdcom47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtCLuceners47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\phononrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtWebKitrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtTestrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtScriptrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\Qt3Supportrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtSqlrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtSvgrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtXmlrs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtGuirs47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtCorers47.dll () MOD - C:\Program Files\Buhl finance\tax Steuersoftware 2012\QtNetworkrs47.dll () MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll () MOD - C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Program Files\Notepad++\NppShell_04.dll () MOD - C:\Program Files\WinRAR\rarext.dll () MOD - C:\PROGRA~2\PSPADE~1\PSPADS~1.DLL () MOD - C:\Program Files\dvd43\DVD43_Tray.exe () ========== Win32 Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe (Logitech, Inc.) SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (DCSLoader) -- C:\Windows\System32\spool\drivers\w32x86\3\OPHALDCS.EXE (Oki Data Corporation) ========== Driver Services (SafeList) ========== DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (iaNvStor) Intel(R) -- C:\Windows\System32\drivers\iaNvStor.sys (Intel Corporation) DRV - (VirtualCam) -- C:\Windows\System32\drivers\VirtualCam.sys (MorningSound Co., Ltd.) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (Windows (R) Codename Longhorn DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 B9 1F BB 9B A7 CC 01 [binary data] IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.6\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKCU\..\SearchScopes\{23D7A326-06E9-404D-B48E-A8DB83B24E1E}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.rwe.com:80 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@reiner-sct.com/OWOK,version=2.0.0.4: C:\Program Files\REINER SCT\OWOK\NPAPI-20\nprsct_owok_npapi-2004.dll (REINER Kartengeräte GmbH und Co. KG.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\***\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\***\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.20 21:03:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.02.11 15:17:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.04.20 13:19:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.04.23 09:41:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.03 12:10:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.25 18:44:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.12.18 21:21:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.04.23 09:41:54 | 000,000,000 | ---D | M] [2011.10.07 18:02:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2012.05.03 12:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ussga7d.default\extensions [2012.05.03 12:15:17 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4ussga7d.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012.05.03 12:10:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions () (No name found) -- C:\Users\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4USSGA7D.DEFAULT\EXTENSIONS\{68836A21-FC7D-4EA1-A065-7EFABD99D414}.XPI () (No name found) -- C:\Users\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4USSGA7D.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI () (No name found) -- C:\Users\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4USSGA7D.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI () (No name found) -- C:\Users\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4USSGA7D.DEFAULT\EXTENSIONS\PIXELZOOMER@MATTHIASSCHUETZ.COM.XPI [2012.05.03 12:10:16 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.11.04 16:05:51 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2011.10.26 20:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011.09.29 03:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.09.29 03:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.11.26 21:00:06 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml [2011.09.29 03:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.09.29 03:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.09.29 03:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\***\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: OWOK (Enabled) = C:\Program Files\REINER SCT\OWOK\NPAPI-20\nprsct_owok_npapi-2004.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Angry Birds = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: Ping Pong = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkjehnmbocckbifckfegbkieblkipjmp\2.0_0\ CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\ CHR - Extension: Paper Toss = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlifoiidlkcpdlchhngenehnhcadakpl\2.3_0\ O1 HOSTS File: ([2011.12.30 12:39:09 | 000,000,847 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 testshop.de O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.6\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.6\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe () O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray File not found O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.7.0_01) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39D44890-344E-4005-8134-6C067B94A733}: DhcpNameServer = 10.153.194.236 10.153.70.100 10.153.72.236 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDA500EF-216D-4E40-B9F3-6C889750D649}: NameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2ee8cf70-71da-11e1-94aa-00030d87b953}\Shell - "" = AutoRun O33 - MountPoints2\{2ee8cf70-71da-11e1-94aa-00030d87b953}\Shell\AutoRun\command - "" = E:\Autoplay.exe -auto O33 - MountPoints2\{b5b40963-2ae7-11e1-af84-00030d87b953}\Shell - "" = AutoRun O33 - MountPoints2\{b5b40963-2ae7-11e1-af84-00030d87b953}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\D\Shell - "" = AutoRun O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\StartViewer.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.05.03 12:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.05.03 12:51:43 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.05.03 12:51:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.05.03 12:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\F4D55F170001619A000AE1ADB4EB238B [2012.05.03 12:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.05.03 12:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.05.03 10:13:51 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\TV Welling [2012.05.03 09:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater [2012.05.03 09:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot [2012.05.03 09:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar [2012.04.29 12:02:59 | 000,000,000 | ---D | C] -- C:\Users\***\Photoshop [2012.04.29 10:41:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Nvu [2012.04.29 10:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nvu [2012.04.29 10:41:31 | 000,000,000 | ---D | C] -- C:\Program Files\Nvu [2012.04.25 17:19:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\OpenIndex [2012.04.25 17:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenEstate [2012.04.25 17:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\OpenEstate-ImmoTool [2012.04.24 18:24:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Audacity [2012.04.24 18:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity [2012.04.24 18:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon [2012.04.24 18:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No23 Recorder [2012.04.24 18:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\No23 Recorder [2012.04.23 09:58:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\GHISLER [2012.04.20 13:53:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.04.20 13:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012.04.20 13:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2012.04.20 13:29:11 | 000,000,000 | ---D | C] -- C:\Users\***\Adobe Flash Builder 4.5 [2012.04.20 13:24:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Artisteer [2012.04.20 13:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 [2012.04.20 13:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artisteer 3 [2012.04.20 13:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Artisteer 3 [2012.04.20 13:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Web Premium CS5.5 [2012.04.20 10:25:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.04.20 10:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant [2012.04.13 08:35:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2012.04.13 08:34:56 | 000,000,000 | ---D | C] -- C:\Users\***\.thumbnails [2012.04.12 10:02:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2012.04.12 10:02:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.04.11 09:04:53 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.04.11 09:04:52 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.04.11 09:04:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.04.11 09:04:51 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.04.11 09:04:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.04.11 09:04:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.04.11 08:59:16 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2012.04.11 08:59:16 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2012.04.10 17:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\directx [2012.04.10 17:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2012.04.10 17:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2012.04.10 14:32:48 | 000,303,616 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe [2012.04.09 23:12:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain [2012.04.09 23:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain [2012.04.09 23:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\MP3Gain [2012.04.08 21:57:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\IrfanView [2012.04.08 21:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView [2012.04.08 21:57:42 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView [2012.04.08 18:10:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Windows Live [2012.04.08 18:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2012.04.04 07:53:58 | 000,047,512 | ---- | C] (Adobe Systems Inc) -- C:\Windows\System32\AdobePDF.dll [2012.04.04 07:53:56 | 000,022,936 | ---- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.05.03 14:38:11 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.05.03 14:38:11 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.05.03 14:35:04 | 000,690,938 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.05.03 14:35:04 | 000,645,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.05.03 14:35:04 | 000,139,904 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.05.03 14:35:04 | 000,114,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.05.03 14:29:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.05.03 14:29:38 | 1609,363,456 | -HS- | M] () -- C:\hiberfil.sys [2012.05.03 12:51:45 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.03 12:13:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.03 11:58:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000UA.job [2012.04.29 17:19:31 | 004,046,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.04.28 19:58:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2451510392-3483582798-355726404-1000Core.job [2012.04.24 11:09:10 | 000,003,412 | ---- | M] () -- C:\Users\***\.recently-used.xbel [2012.04.14 10:13:05 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.04.14 10:13:05 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.04.04 07:53:58 | 000,047,512 | ---- | M] (Adobe Systems Inc) -- C:\Windows\System32\AdobePDF.dll [2012.04.04 07:53:56 | 000,022,936 | ---- | M] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.05.03 12:51:45 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.04.24 18:24:09 | 000,000,977 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [2012.04.24 11:09:10 | 000,003,412 | ---- | C] () -- C:\Users\***\.recently-used.xbel [2012.04.23 18:08:11 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012.04.20 13:23:29 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2012.04.20 13:23:29 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk [2012.04.20 13:19:47 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk [2012.04.20 13:15:46 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012.04.20 10:25:04 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012.03.08 10:21:00 | 000,000,536 | ---- | C] () -- C:\Windows\wiso.ini [2012.02.20 17:38:53 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2012.01.30 18:18:52 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Local\PUTTY.RND [2011.11.04 12:13:07 | 000,000,017 | ---- | C] () -- C:\Users\***\AppData\Local\resmon.resmoncfg [2011.10.27 17:24:46 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll [2011.10.15 17:30:02 | 000,000,175 | ---- | C] () -- C:\Windows\OPHA.INI [2011.10.10 22:27:54 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.10.09 10:22:30 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.10.08 11:43:34 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2011.10.08 11:43:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe [2011.10.07 15:19:15 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.09.16 11:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.09.16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.09.16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.09.16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.09.16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll ========== LOP Check ========== [2011.10.29 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AppClient [2012.04.20 13:24:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Artisteer [2012.04.26 21:26:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Audacity [2012.03.08 10:10:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Buhl Data Service [2012.03.27 09:59:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Buhl Data Service GmbH [2011.10.07 16:41:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited [2012.04.20 13:53:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.04.20 10:25:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2011.10.08 11:24:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.polythink.ups.wda.03EBA0C726630DF115D9764F9B83F5185396D811.1 [2012.03.27 11:15:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.Rhapsody.Napster5 [2012.03.19 18:03:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite [2012.05.03 14:34:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox [2011.11.26 13:36:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2011.11.26 13:36:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers [2012.02.11 15:11:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\e-academy Inc [2012.01.03 09:04:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular [2012.05.03 10:24:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla [2011.10.08 11:43:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreePDF [2012.03.21 20:49:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GHISLER [2012.04.13 12:19:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2012.03.21 17:10:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HandBrake [2012.03.16 14:17:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ImgBurn [2012.04.08 21:57:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView [2012.03.27 11:03:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX [2012.01.07 13:39:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mp3DirectCut [2012.03.16 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag [2011.10.30 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MySQL [2011.10.22 17:11:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++ [2012.04.29 10:41:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nvu [2012.03.14 19:57:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenArena [2012.04.25 17:19:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenIndex [2012.01.04 12:22:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OPHA [2012.02.20 18:33:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PDFCreator [2012.02.20 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge [2011.10.10 22:18:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung [2012.04.28 16:24:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify [2012.02.11 17:36:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Swiss Academic Software [2011.12.22 10:17:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer [2012.04.17 10:14:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Temp [2011.10.07 18:02:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird [2012.04.10 11:53:09 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Extras.txtOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 03.05.2012 14:39:09 - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\***\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 41,89% Memory free
4,00 Gb Paging File | 2,45 Gb Available in Paging File | 61,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,87 Gb Total Space | 75,67 Gb Free Space | 34,26% Space Free | Partition Type: NTFS
Computer Name: ***-NB | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.js [@ = jsfile] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)
"9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)
"9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)
"9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)
"9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)
"9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)
"9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)
"9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)
"9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)
"9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)
"9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)
"9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)
"8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)
"10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)
"9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)
"3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp
"3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9000:TCP" = 9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)
"9001:TCP" = 9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)
"9002:TCP" = 9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)
"9003:TCP" = 9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)
"9004:TCP" = 9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)
"9005:TCP" = 9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)
"9006:TCP" = 9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)
"9007:TCP" = 9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)
"9008:TCP" = 9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)
"9009:TCP" = 9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)
"9010:TCP" = 9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)
"9100:TCP" = 9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)
"8000:TCP" = 8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)
"10000:TCP" = 10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)
"9090:TCP" = 9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)
"3483:UDP" = 3483:UDP:*:Enabled:Logitech Media Server 3483 udp
"3483:TCP" = 3483:TCP:*:Enabled:Logitech Media Server 3483 tcp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12D1E334-00A3-41C0-9110-E239641CC583}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18D2CA0E-4229-4DBF-90B1-D5E50FC8AFB6}" = lport=137 | protocol=17 | dir=in | app=system |
"{2643F1ED-7DF3-43A7-A080-2B23B44C21F6}" = rport=445 | protocol=6 | dir=out | app=system |
"{2B07572A-873E-46C5-BDA7-36451EB73986}" = lport=445 | protocol=6 | dir=in | app=system |
"{2C9DD68D-D9BC-4919-A93D-80467F673C6F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2FBF2B16-0FA5-40CF-BCB0-F3FB2D290FB0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36C1495C-3EEC-4339-8E6F-04794CCAB879}" = rport=137 | protocol=17 | dir=out | app=system |
"{460A6032-07A9-4740-BA0D-C8CB95942D41}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{489B499F-3D3A-415B-A37D-D540471EF195}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{56D88E73-8824-4635-9F59-42CD96579F89}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{59DC2DCE-116B-4C57-9A0D-5F5302619D31}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67018766-41B0-4D7A-ACDC-4B64EAA1B243}" = lport=138 | protocol=17 | dir=in | app=system |
"{77679A05-3222-49B5-BFD5-8ECC5C5D2382}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7AC8762F-B1FA-4547-99DD-D97F1B3BD5BF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8C1563E5-163A-43F2-BDFF-D4ED8A9C0A14}" = rport=138 | protocol=17 | dir=out | app=system |
"{91344D0F-3ADC-449B-96CE-A3DA0207F674}" = rport=139 | protocol=6 | dir=out | app=system |
"{A1C03D04-35A3-4B42-97B5-22E4F658D9E0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{AFCDE220-424B-41C8-BF9D-A9250B6BCDCA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe |
"{BAEB47DF-0F72-42C7-9BB9-625ED2C27F5B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD351B04-2E0D-45D5-B83E-EBDC43A238A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE9F50B3-5A50-4623-924C-312946A7A7CB}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 |
"{D75055B3-BE09-40FC-8D08-2BDA8790DC2B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DB8C9CCD-4C5B-4D0F-BA0F-9430F3BE0F02}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DE0DB673-238E-4501-B1A8-C41A5E71ACC4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E43F9601-A27F-468D-8BA4-73D4CDF6FDB0}" = lport=139 | protocol=6 | dir=in | app=system |
"{EE9F278B-E58C-495B-83FA-381CD27CEAD9}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0277AFE0-E53D-4B40-9C66-08FA6FADFA79}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{15B8EB5D-BC6A-4326-A68D-753BF0EBADA0}" = protocol=6 | dir=out | app=system |
"{24E7BB5F-1504-4A10-8A38-FF3B2C0A472F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{2C746E7C-665F-431D-90B8-ADF3A0802E78}" = protocol=17 | dir=in | app=c:\Users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"{3D159141-A9ED-4436-BFC0-17B686765301}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DCAC0E4-3AEA-4DF2-A80B-9695BA94F8A8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{40F114A1-E791-4FB5-BA43-6452056FF176}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41862E03-D9E6-4261-A291-E9C598E54BE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4752E560-3BFA-4809-854E-6DDC27F2AE9D}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{4CB659B8-7FED-4E68-A177-4791D9ED71FE}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{51FB169B-B21D-4696-B041-E7B1CE51708B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{55734C8A-5E2F-4783-A18B-BB8E4EAE4000}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61E69AF6-3997-4C68-9D3F-473A9A2ACF38}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{749FDCB5-315D-4F29-B057-9A77151B098D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7CD58ED2-56AA-4614-B991-A2038F82DED8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A7353B2-8B13-407F-A691-813E8F5D51FA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8E5EA689-17D5-4333-ADCA-74533D440BBA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F7B56BE-84FF-49E1-AF32-E1D9924D4135}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{90CF2DA0-F362-4595-8C59-CF66BA173087}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{93043B53-3B93-4417-BC4E-5B2AE1A17BFB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A89A0DC2-524B-40C9-835A-7FA8C4C32CB2}" = protocol=6 | dir=in | app=c:\Users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"{A89A5ED0-8D38-416F-8783-9C29299B8929}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC3AA4AB-0167-49D7-B922-ED43A5CE4367}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{B5FA05C1-7510-45D7-BA8F-7CFFEFD685C6}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{B7334F0C-DEFB-496E-8725-5BC67DA2E934}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{BACFB37C-527C-4FE3-AC4D-999011C67C72}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{BB34011A-103C-492C-BBDA-A6CE046E12B0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BBA75C41-4A1F-4FE7-B3F9-50C8133D43FF}" = dir=in | app=c:\program files\squeezebox\server\squeezesvr.exe |
"{BE4770BB-5D90-42EC-B95F-96D068EAD477}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C751ADD7-6BCF-4380-9734-FF469C4E9CC9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CEA94DEC-AF29-4A74-8554-2131D7D029C7}" = protocol=17 | dir=in | app=c:\Users\***\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{D4B63564-F1A0-44B8-A9EF-0EE8E7E0A9CE}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{DA44DFBD-EA7C-423A-AB29-8B2C76FB86E2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{DE52004C-82DC-47A4-914D-66A41ADDA4FA}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{E4637F05-0A8E-4195-A6E4-218307528B6A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{EFC98F46-77E4-4C48-A2BE-43515DD8A9BE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F1EB4043-80C3-49A3-A1FF-78133DC5E086}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4412FD6-6A96-43A4-8017-71403DD27C2F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F4AFBA61-97B2-4026-B3BC-B856325E1D7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F5E99228-B9A3-4A62-98CB-08633FC235CD}" = protocol=6 | dir=in | app=c:\Users\***\appdata\local\google\google talk plugin\googletalkplugin.exe |
"TCP Query User{0C547764-8A3A-44E5-9577-F836CA1AC6EF}C:\Users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\Users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{1F506D03-F687-4D0A-8317-96DDC7032233}C:\users\handball\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\handball\appdata\roaming\spotify\spotify.exe |
"TCP Query User{23D9A46A-424B-4E7E-9849-EB9A25A853C2}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{24694A8F-48A2-4A7C-87F7-C17C7F0DFF43}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{29B28870-BD61-4AB4-ABE2-B8D237E6E7E9}C:\Users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\Users\***\appdata\roaming\spotify\spotify.exe |
"TCP Query User{33622CB6-09EE-43DC-B3DC-2A079BE7E3B2}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{42EC8DB0-8413-4452-BE96-117858F532E4}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{68D3D9E3-6C51-47E2-A792-DDE41360F7F6}C:\Users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\Users\***\appdata\roaming\spotify\spotify.exe |
"TCP Query User{7429A717-5610-43CE-A9F9-E42AA56BAAD3}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7798802C-EEB8-4938-B2A8-B849E3541A90}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{867803E0-28ED-4513-8E56-CC0560FFC4CD}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{8ABE8C7C-E855-4B7A-94F6-FF4146AC0BCE}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{A64CC3C5-64C4-40A2-AC68-86935C6AF89D}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{A8E88279-4BCE-4507-8911-C689D71D2D52}C:\users\handball\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\handball\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B7554DBE-F7A7-4A8A-9E40-DACE916AEAE6}C:\program files\openarena-0.8.8\openarena.exe" = protocol=6 | dir=in | app=c:\program files\openarena-0.8.8\openarena.exe |
"TCP Query User{DBEA43DA-5546-4977-A4EB-9338AA325D2C}C:\Users\***\desktop\openarena-0.8.8\openarena.exe" = protocol=6 | dir=in | app=c:\Users\***\desktop\openarena-0.8.8\openarena.exe |
"TCP Query User{E664AC10-2388-4123-9173-94E4B35555ED}C:\program files\napster\napster.exe" = protocol=6 | dir=in | app=c:\program files\napster\napster.exe |
"TCP Query User{F77EA495-F64C-4995-8F3C-A128B8F194C2}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{0843CAD7-BE08-488D-945D-32C7DE340A66}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{121C019E-CF28-4497-BB39-BDE9152EE563}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{13F6A78A-1189-4BAB-BD52-098254BA3F9B}C:\Users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\Users\***\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{195A0948-0CEA-4A61-B2AE-2494B7F4AFA7}C:\program files\openarena-0.8.8\openarena.exe" = protocol=17 | dir=in | app=c:\program files\openarena-0.8.8\openarena.exe |
"UDP Query User{26A1BCD0-82D3-4010-8BDE-FAA2320C20EC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{3297708E-F599-49FA-9B19-86404C09E2AC}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{3AB2F504-FC0D-40E3-A616-184389875811}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4F028160-AF8F-419D-ADD5-215277704398}C:\Users\***\desktop\openarena-0.8.8\openarena.exe" = protocol=17 | dir=in | app=c:\Users\***\desktop\openarena-0.8.8\openarena.exe |
"UDP Query User{65F25323-06B1-4DE0-B014-2601DEA7BCFD}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{6C5D760E-39D7-42F3-9CED-9C87738D35FF}C:\Users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\Users\***\appdata\roaming\spotify\spotify.exe |
"UDP Query User{78A3C9F6-3DC9-4D0F-91A5-27A2B2E49331}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{8F05C83A-230E-4B7C-BEF6-AB79F5ED7402}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{92291305-E39C-47E6-B260-23CED849AE94}C:\users\handball\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\handball\appdata\roaming\spotify\spotify.exe |
"UDP Query User{9EC817C9-2DEE-4827-8578-1F4F11FE7FA4}C:\program files\napster\napster.exe" = protocol=17 | dir=in | app=c:\program files\napster\napster.exe |
"UDP Query User{AC23EC3C-F514-4AAF-9E27-475ADBBC0B3B}C:\Users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\Users\***\appdata\roaming\spotify\spotify.exe |
"UDP Query User{C2978CE0-DCE0-4E7E-A576-6C06F28DF216}C:\users\handball\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\handball\appdata\roaming\spotify\spotify.exe |
"UDP Query User{EEF1F265-E58A-4163-B6DE-D8C8E27AA94C}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{F9CA384C-222F-41AC-9F72-FCE12548706B}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D0EB043-73A9-B71E-BA0B-1F6126BD2524}" = Napster 5.0 Beta
"{0E806605-5B82-4A4F-BC31-AA4FADA03C42}" = t@x 2012
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FD60254-35B7-4915-862B-26847C9FE8DE}" = Tunebite
"{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1" = Mein Büro
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C52D6EB-EE7E-45C4-AFB8-1242164A4A44}" = C5150n - C5200n Series GDI Driver from OKI® Printing Solutions for Windows
"{31423F74-36B2-4d24-B10D-CD00BFB7C118}" = Intel® Turbo Memory
"{32A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java(TM) SE Development Kit 7 Update 1
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5E2ABE05-B7AD-4D77-8A19-BDA0E4302190}" = Google SketchUp 8
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{818FB39B-1A57-4F1B-A54D-391C33D6C596}" = Tropico
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{86FA7865-F1BB-4BDA-B296-4120684A692C}" = WISO Mein Geld 2012 Standard
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager und Intel® Turbo Memory
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{944322AF-5D21-43F7-87DE-06BB30A1C369}" = MySQL Workbench 5.2 CE
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{971CD5D9-FF9E-474F-8364-704DF9B4FCA6}" = pdfforge Toolbar v5.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}" = Secure Download Manager
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4749B38-C5BD-4A02-8E9F-C1EF7CCEA651}" = Adobe Creative Suite 5.5 Web Premium
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB5E57BD-2E5E-4EF4-A7AE-08CB03102E06}" = MAGIX Music Maker Silver
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C9D456FD-C25B-49DE-AA71-6B76D6550B23}" = Adobe Fireworks CS3
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"2ADF4484850200A062B66ED19240994480D85943" = Windows-Treiberpaket - ITE Tech.Inc. (itecir) HIDClass (01/05/2007 5.0.0003.2)
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"Android SDK Tools" = Android SDK Tools
"Artisteer 3" = Artisteer 3
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"com.Rhapsody.Napster5" = Napster 5.0 Beta
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD43_is1" = DVD43 v4.6.0
"ElsterFormular 12.4.1.7699k" = ElsterFormular
"facemoods" = Facemoods Toolbar
"FileZilla Client" = FileZilla Client 3.5.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.04" = GPL Ghostscript
"HandBrake" = HandBrake 0.9.6
"ImgBurn" = ImgBurn
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InvelosDVDProfiler_is1" = DVD Profiler Version 3.7.2
"IrfanView" = IrfanView (remove only)
"Jingle Palette" = Jingle Palette 4.4.5
"Logitech Media Server_is1" = Logitech Media Server 7.7.0
"MAGIX_{BB5E57BD-2E5E-4EF4-A7AE-08CB03102E06}" = MAGIX Music Maker Silver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49a
"No23 Recorder" = No23 Recorder
"Notepad++" = Notepad++
"Nvu_is1" = Nvu 1.0
"Office14.SingleImage" = Microsoft Office Professional 2010
"OWOK-NPAPI-20" = OWOK 2.0.0.4 NPAPI
"PSPad editor_is1" = PSPad editor
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"RemoteControl for Winamp1.00" = RemoteControl for Winamp
"SopCast" = SopCast 3.4.8
"sp6" = Logitech SetPoint 6.32
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.1
"WBFS Manager 3.0" = WBFS Manager 3.0
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"WISO Mein Geld 2012 Standard" = WISO Mein Geld 2012 Standard
"xampp" = XAMPP 1.7.7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02.04.2012 10:50:40 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 02.04.2012 10:50:40 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1029
Error - 02.04.2012 10:50:40 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1029
Error - 02.04.2012 10:50:41 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 02.04.2012 10:50:41 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2028
Error - 02.04.2012 10:50:41 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2028
Error - 02.04.2012 10:50:42 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 02.04.2012 10:50:42 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3026
Error - 02.04.2012 10:50:42 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3026
Error - 02.04.2012 10:50:43 | Computer Name = ***-NB | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
[ Media Center Events ]
Error - 21.01.2012 15:58:11 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 20:58:11 - Fehler beim Herstellen der Internetverbindung. 20:58:11
- Serververbindung konnte nicht hergestellt werden..
Error - 21.01.2012 15:58:19 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 20:58:16 - Fehler beim Herstellen der Internetverbindung. 20:58:16
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 12:54:06 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 17:54:06 - Fehler beim Herstellen der Internetverbindung. 17:54:06
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 12:54:14 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 17:54:11 - Fehler beim Herstellen der Internetverbindung. 17:54:11
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 13:54:18 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 18:54:18 - Fehler beim Herstellen der Internetverbindung. 18:54:18
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 13:54:23 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 18:54:23 - Fehler beim Herstellen der Internetverbindung. 18:54:23
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 14:54:58 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 19:54:57 - Fehler beim Herstellen der Internetverbindung. 19:54:58
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 14:55:27 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 19:55:27 - Fehler beim Herstellen der Internetverbindung. 19:55:27
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 15:56:02 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 20:56:02 - Fehler beim Herstellen der Internetverbindung. 20:56:02
- Serververbindung konnte nicht hergestellt werden..
Error - 28.01.2012 15:56:31 | Computer Name = ***-NB | Source = MCUpdate | ID = 0
Description = 20:56:31 - Fehler beim Herstellen der Internetverbindung. 20:56:31
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 26.02.2012 03:30:42 | Computer Name = ***-NB | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?25.?02.?2012 um 21:13:06 unerwartet heruntergefahren.
Error - 26.02.2012 05:57:41 | Computer Name = ***-NB | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 26.02.2012 05:57:41 | Computer Name = ***-NB | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 26.02.2012 08:50:51 | Computer Name = ***-NB | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 26.02.2012 08:50:51 | Computer Name = ***-NB | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 27.02.2012 06:30:40 | Computer Name = ***-NB | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 27.02.2012 06:30:40 | Computer Name = ***-NB | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 27.02.2012 06:41:10 | Computer Name = ***-NB | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 27.02.2012 07:31:04 | Computer Name = ***-NB | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 27.02.2012 07:31:04 | Computer Name = ***-NB | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
Ist mein System jetzt wieder sauber? |
| Themen zu Smart Fortress 2012 auf Windows 7 Professional (32bit) |
| 7-zip, adobe after effects, antivir, application/pdf, application/pdf:, avira, bho, bonjour, converter, decrypter, desktop, device driver, document, entfernen, fehler, firefox, flash player, geld, google, helper, home, install.exe, jdownloader, karte, langs, microsoft office word, mp3, object, pdfforge toolbar, plug-in, remote control, scan, searchscopes, security, senden, sketchup, svchost.exe, system, taskhost.exe, total commander, tracker, trojaner, usb, version=1.0, windows |
Baum-Darstellung