| |
| |||||||
Log-Analyse und Auswertung: Aus sicherheitsgründen wurde ihr windowssystem blockiertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
17.05.2012, 17:22
| #1 |
| |  Aus sicherheitsgründen wurde ihr windowssystem blockiert Ich öffnete heute eine angeblichen Auftragsbestättigung per e-mail. Leider funktionierte seither der PC nicht mehr! Hab schon etwas von OTL gelesen, habe aber wenig Ahnung! Bin jetzt im abgesicherten Modus und bitte um Eure Hilfe! Benutze Incredimail falls das intressant ist! Danke Euch im Voraus Bernhard Winkler .DDS Logfile: Code:
ATTFilter DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421
Run by Andrea&Berni at 20:05:08 on 2012-05-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.43.1031.18.4095.3422 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=52f3f09900000000000000215d99bb44&tlver=1.4.19.19&affID=17160
uURLSearchHooks: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
uURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
mURLSearchHooks: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
mURLSearchHooks: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
mWinlogon: Userinit=userinit.exe,
BHO: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.4\bh\facemoods.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
BHO: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
TB: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.4\facemoodsTlbr.dll
TB: IncrediMail MediaBar 2 Toolbar: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files (x86)\IncrediMail_MediaBar_2\tbIncr.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
uRun: [<NO NAME>]
uRun: [52F3F099] C:\Users\Andrea&Berni\AppData\Roaming\Ranlpo\4A47DF7A52F3F099E2E5.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Free YouTube Download - C:\Users\Andrea&Berni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - C:\Users\Andrea&Berni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{4E1D4AD8-C498-433B-9510-98736ACA0888} : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{4E1D4AD8-C498-433B-9510-98736ACA0888}\052435D2833373235453 : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{4E1D4AD8-C498-433B-9510-98736ACA0888}\14E64627F696461405 : DhcpNameServer = 192.168.43.1
TCP: Interfaces\{4E1D4AD8-C498-433B-9510-98736ACA0888}\4586F6D637F6E6033433837393 : DhcpNameServer = 10.0.0.138 10.0.0.138
TCP: Interfaces\{4E1D4AD8-C498-433B-9510-98736ACA0888}\465667F6C6F6D2030303243324445373037334 : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{4E1D4AD8-C498-433B-9510-98736ACA0888}\6777073756D696E61627 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ECB685C8-9C63-440C-AD9F-3DEB1F4B8D11} : DhcpNameServer = 10.0.0.138
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{0974BA1E-64EC-11DE-B2A5-E43756D89593}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{2EECD738-5844-4a99-B4B6-146BF802613B}
{64182481-4F71-486b-A045-B233BD0DA8FC}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{0974BA1E-64EC-11DE-B2A5-E43756D89593}
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
{98889811-442D-49dd-99D7-DC866BE87DBC}
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys --> C:\Windows\system32\DRIVERS\NBVol.sys [?]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys --> C:\Windows\system32\DRIVERS\NBVolUp.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 MTsensor64;PU ACPI UTILITY;C:\Windows\system32\DRIVERS\PuAcpi64.sys --> C:\Windows\system32\DRIVERS\PuAcpi64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-12 661504]
S2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-5-8 86224]
S2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-5-8 110032]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
S2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-13 135952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DevoloNetworkService;devolo Network Service;C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2010-12-23 3304768]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-5 136176]
S2 lxea_device;lxea_device;C:\Windows\system32\lxeacoms.exe -service --> C:\Windows\system32\lxeacoms.exe -service [?]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-17 654408]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-4-9 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-20 378472]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-13 257696]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\system32\Drivers\ATSwpWDF.sys --> C:\Windows\system32\Drivers\ATSwpWDF.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-5 136176]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-1-4 340240]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys --> C:\Windows\system32\drivers\nmwcdnsucx64.sys [?]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys --> C:\Windows\system32\drivers\nmwcdnsux64.sys [?]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);C:\Windows\system32\DRIVERS\s1018bus.sys --> C:\Windows\system32\DRIVERS\s1018bus.sys [?]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s1018mdfl.sys --> C:\Windows\system32\DRIVERS\s1018mdfl.sys [?]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s1018mdm.sys --> C:\Windows\system32\DRIVERS\s1018mdm.sys [?]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s1018mgmt.sys --> C:\Windows\system32\DRIVERS\s1018mgmt.sys [?]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);C:\Windows\system32\DRIVERS\s1018nd5.sys --> C:\Windows\system32\DRIVERS\s1018nd5.sys [?]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s1018obex.sys --> C:\Windows\system32\DRIVERS\s1018obex.sys [?]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);C:\Windows\system32\DRIVERS\s1018unic.sys --> C:\Windows\system32\DRIVERS\s1018unic.sys [?]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-7-17 152064]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
.
=============== Created Last 30 ================
.
2012-05-17 15:07:30 -------- d-----w- C:\Users\Andrea&Berni\AppData\Roaming\Malwarebytes
2012-05-17 15:07:23 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-17 15:07:23 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-17 15:07:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-17 09:57:22 -------- d-----w- C:\Users\Andrea&Berni\AppData\Roaming\Ranlpo
2012-05-11 18:54:39 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-11 18:54:38 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-11 18:54:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-11 18:54:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-11 18:54:34 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-11 18:54:34 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-11 18:53:18 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-11 18:53:17 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-11 18:53:11 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-11 18:53:11 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 18:53:10 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 18:53:10 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-11 18:53:10 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-08 07:53:36 -------- d-----w- C:\Users\Andrea&Berni\AppData\Roaming\Avira
2012-05-08 07:50:14 98848 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2012-05-08 07:50:14 27760 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2012-05-08 07:50:08 -------- d-----w- C:\ProgramData\Avira
2012-05-08 07:50:08 -------- d-----w- C:\Program Files (x86)\Avira
2012-05-08 07:41:02 -------- d-----w- C:\Users\Andrea&Berni\AppData\Local\Logishrd
2012-05-08 07:32:03 -------- d-----w- C:\Users\Andrea&Berni\AppData\Roaming\Logishrd
2012-05-08 07:29:48 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-05-08 07:29:48 676968 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-05-07 20:28:20 19572 ----a-w- C:\Windows\SysWow64\drivers\FNETDEVI.SYS
2012-05-07 20:28:20 -------- d-----w- C:\Program Files (x86)\FAT32 Format
2012-05-06 22:09:12 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-05-06 22:07:55 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-05-06 22:07:21 -------- d-----w- C:\Users\Andrea&Berni\AppData\Local\Hewlett-Packard
2012-05-06 21:59:56 -------- d-----w- C:\Users\Andrea&Berni\AppData\Roaming\Intel
2012-05-06 21:59:44 -------- d-----w- C:\Users\Andrea&Berni\Roaming
2012-05-06 21:59:36 15880 ----a-w- C:\Windows\System32\drivers\PuAcpi64.sys
2012-05-06 21:57:18 -------- d-----w- C:\Program Files\Common Files\Intel
2012-05-06 21:57:18 -------- d-----w- C:\Program Files (x86)\Cisco
2012-05-06 21:56:59 -------- d-----w- C:\ProgramData\Sony Corporation
2012-05-06 21:56:27 21504 ----a-w- C:\Windows\System32\drivers\PS2.sys
2012-05-06 21:55:01 67072 ----a-w- C:\Windows\System32\drivers\rimmpx64.sys
2012-05-06 21:55:01 57856 ----a-w- C:\Windows\System32\drivers\rixdpx64.sys
2012-05-06 21:55:01 54784 ----a-w- C:\Windows\System32\drivers\rimspx64.sys
2012-05-06 21:54:32 -------- d-----w- C:\DRIVERS
2012-05-05 15:31:14 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 17:30:23 -------- d-----w- C:\ProgramData\mquadr.at
2012-05-04 16:01:34 -------- d-----w- C:\Users\Andrea&Berni\AppData\Roaming\XLink Kai
2012-05-04 16:00:45 -------- d-----w- C:\Program Files (x86)\XLink Kai
2012-05-03 17:11:54 -------- d-----w- C:\games
2012-05-03 16:38:19 15920 ----a-w- C:\Windows\System32\drivers\NBVolUp.sys
2012-05-03 16:38:12 72240 ----a-w- C:\Windows\System32\drivers\NBVol.sys
2012-04-26 15:25:50 -------- d-----w- C:\Program Files (x86)\devolo
2012-04-25 07:09:09 -------- d-----w- C:\ProgramData\Lexmark S300-S400 Series
2012-04-22 10:46:56 -------- d-----w- C:\Program Files (x86)\Microsoft
.
==================== Find3M ====================
.
2012-05-05 15:31:21 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 15:31:21 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-03-27 15:03:36 4015592 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2012-03-21 13:55:16 2886656 ----a-w- C:\Windows\System32\RCoRes64.dat
2012-03-20 08:47:20 3608680 ----a-w- C:\Windows\System32\RtkAPO64.dll
2012-03-19 17:01:20 102504 ----a-w- C:\Windows\System32\RCoInstII64.dll
2012-03-16 14:25:58 2670696 ----a-w- C:\Windows\System32\RtPgEx64.dll
2012-03-13 09:21:10 1251432 ----a-w- C:\Windows\System32\RTCOM64.dll
2012-03-08 09:47:24 108640 ----a-w- C:\Windows\System32\AERTAR64.dll
2012-03-08 09:47:08 202336 ----a-w- C:\Windows\System32\AERTAC64.dll
2012-03-07 09:09:28 824424 ----a-w- C:\Windows\System32\RtkApi64.dll
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-21 17:45:40 2605400 ----a-w- C:\Windows\System32\WavesGUILib.dll
2012-02-21 12:26:00 2528832 ----a-w- C:\Windows\System32\FMAPO64.dll
.
============= FINISH: 20:06:22,95 ===============
Code:
ATTFilter OTL Extras logfile created on: 17.05.2012 20:10:57 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Andrea&Berni\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,88 Gb Available Physical Memory | 71,92% Memory free
8,00 Gb Paging File | 6,88 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,11 Gb Total Space | 19,79 Gb Free Space | 17,05% Space Free | Partition Type: NTFS
Drive D: | 115,70 Gb Total Space | 64,76 Gb Free Space | 55,97% Space Free | Partition Type: NTFS
Drive E: | 117,19 Gb Total Space | 41,04 Gb Free Space | 35,02% Space Free | Partition Type: NTFS
Drive F: | 116,67 Gb Total Space | 105,54 Gb Free Space | 90,46% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: Andrea&Berni | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [BIPA FotoShop] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OnlineFotoservice] -- "C:\Program Files (x86)\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [BIPA FotoShop] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\BIPA\BIPA FotoShop\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OnlineFotoservice] -- "C:\Program Files (x86)\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{155011CC-2887-47D7-B82A-E82725C29D4D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1930EBDA-91BB-4BDB-A1A4-4ED23E6315D8}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1D587989-CE9B-4EAB-80C4-CB0DEEA0BDCF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1EF55C76-A79E-4134-9F55-8A21C743CBA6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{293A1673-E91B-48D6-A7B3-01500F30BA29}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2BC47FB4-989B-4A1B-9954-D2E92E7CC281}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2CCDD46D-9DBC-4A0D-B5FF-6809A906EDDA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3243873A-B9CC-46AD-B20C-EDBBFABA28EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{336655F9-A805-4985-9E91-BDBDAC1F01D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{338E6891-78A2-47C5-9DCB-FEE0A2E1E07D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3B986E31-1FB2-47C6-925B-B840D0E0F49D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3FEAA475-15A0-4EEF-A38D-1D37E117300C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{46BBE506-A44D-415D-BBB0-80CF5B7DE9DD}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{48A53B49-340C-4C3B-8F59-BAD7CFDF2B20}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4CC8C2C7-C987-421C-B794-3490B69EC94F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E01786F-2FAE-4199-AB9C-49C98B568260}" = rport=139 | protocol=6 | dir=out | app=system |
"{50156754-759B-4381-9E19-BF44E20620D6}" = lport=137 | protocol=17 | dir=in | app=system |
"{566933D0-B880-4BB5-8FFD-6482856A6D40}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{62C77B54-A342-49D4-AB7F-1CAB6CDE8F14}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{646DEDA9-759D-4438-A2D6-42C6286B6C1C}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe |
"{71CF9747-C9C7-4FB5-9FE5-092E8D1D5D86}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73EB1C44-C3B7-4E99-98B3-B299CFDC63E6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{752D1340-A949-420C-8B5D-1A009CDE8FF2}" = lport=445 | protocol=6 | dir=in | app=system |
"{8B1EB835-6A3D-477A-ACC8-42843B78FC0C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{92C0CCDB-AB30-4344-8291-900C51159C8A}" = rport=445 | protocol=6 | dir=out | app=system |
"{945113BE-E881-466F-A7EC-9095E76D835E}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe |
"{A7294437-CEEB-4599-9D2A-DA1720CBA8B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B4CE6BC4-D51E-46A1-B8A8-5C1B7CB58040}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B99954CD-420C-4FA2-ACE4-360A1527213A}" = rport=2869 | protocol=6 | dir=out | app=system |
"{BDD8B3B2-7FD7-4C5D-A272-C506F850A474}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C054589A-00B5-4969-954A-392C1AE40C1E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C53481CB-F694-4070-AC94-1330A275F1F9}" = lport=139 | protocol=6 | dir=in | app=system |
"{D3F7FDCA-98D8-4913-96D0-9E85109F87AE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4C50ED1-ADB6-4F2B-BD0A-CE1EC20F9ADF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4E7E02C-86FD-4DB3-ACC7-6084C07D13C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D53FAE67-4B25-4C18-8027-F9C1079684C6}" = lport=138 | protocol=17 | dir=in | app=system |
"{D5FB7222-997E-4EB9-B14C-3FF522C6C0BD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E59DFB2A-1A26-4C4C-B39E-06F18DE0BBD2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EB29C5F6-7B06-4F04-A9D5-59C9DC636B3D}" = rport=137 | protocol=17 | dir=out | app=system |
"{ECEB22AF-0151-45CD-96A8-D90355E7AF4A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED279D7F-D699-4DB0-AFC3-C9D75C30DCD7}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CC6CDF-2FA8-4004-B20B-1C697F459D62}" = protocol=17 | dir=in | app=c:\program files (x86)\xlink kai\kaiengine.exe |
"{028A9EA2-899A-4534-8353-1C2C84A6B6EB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{028C396B-0274-4542-834A-2D6A9F567727}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{02DE59B1-4CAD-47AE-8729-B1112668F1B5}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{039A663F-7E35-4655-8A3B-E21A0F050558}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0454CFA3-5AE2-4061-BEF3-AECFA9A24A72}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{059DF861-DAF8-4397-97F9-45633B71152F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0631A06E-0C2C-4BB3-8E00-B432821C3657}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0E3461C6-B8DF-4DF4-AEF7-FD4304C6FEC0}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{1876B6E1-BF21-4811-92EE-26AE8DAE45B3}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{195764E3-6010-4F60-9779-25FDBD5D56E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1AB6A2FB-05B5-4E94-97B2-015177007BD7}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{1FECC8AE-EEB8-4618-9519-228738E7A0A3}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{2115B39A-B3F8-4E49-A23C-92544BDFF9E6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe |
"{2632BCD6-2365-4D72-9BC8-ECADC39C290C}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{264DD277-0875-4456-9A67-91587D2344E8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{35367EB0-47BE-41FC-8DE8-CD0169A0F71C}" = protocol=6 | dir=in | app=f:\anno 2070 demo exe\initengine.exe |
"{358AC1DC-B220-45EB-B0B5-8578611707A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{412C9D39-FCA5-41D7-8BCF-6C68DC655CEE}" = protocol=17 | dir=in | app=f:\anno 2070 demo exe\anno5.exe |
"{46F43629-3CFE-4EA9-9996-8AC5D0FDE058}" = protocol=6 | dir=in | app=f:\anno 2070 demo exe\anno5.exe |
"{4AEB1B55-E024-4A2A-BCE3-F6C82A9A659B}" = protocol=17 | dir=in | app=f:\anno 2070 demo exe\initengine.exe |
"{501EA6F7-842F-4705-9E5E-57F611F6382D}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{51ECBECB-2ACE-4889-AD0F-CF70DB85E398}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{529854F3-2AAF-4443-87E6-CFE0006F5583}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{549B7F1A-AC81-4CE4-83D9-83D89E726367}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A86FBDE-74B1-4820-B2C2-F34203440959}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{5F5DFB41-6141-4F49-A207-A498989BF842}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{607B68D3-4138-41A2-A4F0-5B5A52CC3CBC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{61621A2D-54B0-46ED-B004-0D0204CAEC30}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6DF071B0-1763-4FF4-88B0-266BBA041FBB}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{741BF52B-6453-43A7-A913-73C890AB4917}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7B4AA296-4826-41ED-9F33-331D8343A3D9}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{7C638378-1108-40FC-9BD6-779A0EB49DCD}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{87E013BE-694E-4B4D-9937-A67DE7FEE9BB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{88E0C3B3-5E77-4509-B0E8-EC9EE7089DA8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8A7414BA-4870-4B54-BF0D-A5CFF5055BCC}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{8B64EB42-D62A-4312-8CE4-56897878C290}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{91C73D1B-6F1C-4157-87D4-99FCD8807D4A}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{95ECB32F-30D7-4247-A9FE-7082AC751D0B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"{99476265-69B4-4545-9B6F-36CEC4DDF4BD}" = protocol=6 | dir=out | app=system |
"{9BF047CD-F146-44FC-9DC0-6FE82CB01343}" = protocol=17 | dir=in | app=c:\users\andrea&berni\desktop\a1modemkonfigurator.exe |
"{9E36EA5C-52F9-4C5F-A7D7-6BB6A6BA0071}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{9FD43A6E-A3D6-4BC1-A0F0-B7C152194B94}" = protocol=6 | dir=in | app=c:\users\andrea&berni\desktop\a1modemkonfigurator.exe |
"{A1443541-10CA-4A88-BA0E-A81AB4164826}" = protocol=6 | dir=in | app=c:\program files (x86)\xlink kai\kaiengine.exe |
"{A319FFCB-6A11-4FC4-A52D-C3AB2D77FC49}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{A461DD17-1ECC-4DAE-8C06-94648C959C1A}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{A53572E0-409C-4EC9-8793-B2A4BE8BE7B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A6796CDB-107D-4011-B150-4F30C3D46209}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A84ABC1B-353B-404F-9D36-D8E117B55345}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"{AFD42B3F-9309-40FB-8A71-49003F8413CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B0404E99-2F03-405D-98A0-9452CFABBD46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B33DDF92-E163-44A4-B98C-C15D691BC782}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B689FE4F-A197-470B-A8C5-3BE71F0BE0BD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B6F9323A-1353-4648-984F-28E1DC75C9CA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B9A33761-AD86-45D7-A1B6-3AD4B77A22E7}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{BBC829B1-7F2A-426E-B9F5-C8E477041664}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{CECCE5E2-159E-47DD-AA29-FB666269D48A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D7DBD1CD-3BC5-4F70-9751-3A9215DBCBA4}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{DB5A2273-C3D5-4CD9-86BA-A066C2D9EDAF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DD5208F1-9F9A-4006-99AC-EAE6A2B624A1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe |
"{F4D189DE-0740-458C-851F-249851AF1C8A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FB25DB24-F0D4-45A2-9A89-0CA9515184B1}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"TCP Query User{1C43E418-A58F-4F8B-8C90-C36C8E2F7746}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"TCP Query User{655D9CD5-5163-4BA6-A70C-DBA05B2E7518}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{72BC0BA7-0691-4009-AF46-FDA624F90BD0}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{AB12B776-500C-4D35-AE02-973C1D08767E}E:\anno 2070\files\targetdir\autopatcher.exe" = protocol=6 | dir=in | app=e:\anno 2070\files\targetdir\autopatcher.exe |
"TCP Query User{BA3DBDC0-92EB-48A1-B581-E5E8ECA1C488}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{C5B25185-B515-468A-BE52-6BD705D90DD3}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{D6FAC446-C82D-483C-B20C-C215D7282E59}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{F69FEE2D-FB5A-4641-9E36-48170508C80D}C:\program files (x86)\xlink kai\kaiengine.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xlink kai\kaiengine.exe |
"UDP Query User{345239C9-3903-4AD9-894C-E8358F81CEB0}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{34831F3A-B001-49D0-9A83-B378D89F0547}C:\program files (x86)\xlink kai\kaiengine.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xlink kai\kaiengine.exe |
"UDP Query User{3F1C4C57-CCA4-47D1-B63D-7ACCACDF70D0}E:\anno 2070\files\targetdir\autopatcher.exe" = protocol=17 | dir=in | app=e:\anno 2070\files\targetdir\autopatcher.exe |
"UDP Query User{89F71698-6CDA-40E5-865D-1AC7D7ABC87A}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{A5DE0216-3D39-43E6-82A5-709C525C56BD}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{A7A5A27B-AA34-48DC-A1C8-CA686F49963E}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{C67D5DEA-3F73-4646-959E-CE7654CF06C2}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{FF7A6B2D-EBC9-4939-9B37-8A5A1D5BA7CF}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{399C855A-6384-4C5D-A2C4-8C55B2C36E33}" = AuthenTec TrueSuite
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{E7DC06A3-8516-4929-B712-80987AFFFB57}" = Intel(R) PROSet/Wireless WiFi-Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443" = Windows-Treiberpaket - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"ProInst" = Intel PROSet Wireless
"sp6" = Logitech SetPoint 6.32
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20F5F93B-9A27-4508-87B0-BFD7494FBEC4}" = AuthenTec WinBio FingerPrint Software
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.04
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3D035310-3D86-4537-93B5-D390A6CF1778}" = ANNO 2070 DEMO
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3ec366ce-424e-481e-a960-162c8fdce12f}" = Nero 9
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{42347B75-9660-2DA4-63FD-D35E344E1031}" = Nero 7 Ultra Edition
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = welcome
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57BC1FEB-421D-469C-B07B-C8095596A224}" = XLink Kai
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.64.02
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5CB79EE7-301F-4AE7-A76D-D27BF8942E0A}" = Nero 11
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA}" = IncrediMail
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D85149E-D7A0-4920-BEBF-B6CEDFED8D1E}" = MAGIX USB-Videowandler 2
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C4E03BC-974B-45ED-A0FB-E369E83C45DA}" = MAGIX Video easy Retten Sie Ihre Videokassetten! Edition
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D5B46D30-F054-4C64-9C0F-97C8451E7D04}" = BtwMfcMM
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.192
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"1917 - Der Aufstand_is1" = 1917 - Der Aufstand 1.04
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe AIR" = Adobe AIR
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"BabylonToolbar" = Babylon toolbar
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"BIPA FotoShop" = BIPA FotoShop
"BitTorrent" = BitTorrent
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"dlancockpit" = devolo dLAN Cockpit
"DriverFinder" = DriverFinder
"ETKA" = ETKA
"facemoods" = Facemoods Toolbar
"FAT32 Format" = FAT32 Format
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio Dub_is1" = Free Audio Dub version 1.7
"Free YouTube Download_is1" = Free YouTube Download version 3.0.13.815
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"IncrediMail" = IncrediMail 2.0
"IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IsoBuster_is1" = IsoBuster 1.9
"MAGIX_MSI_Video_easy_3_RYVT" = MAGIX Video easy Retten Sie Ihre Videokassetten! Edition
"MainApp.exe_is1" = CloneDVD 4.1.0.23
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MyTomTom" = MyTomTom 3.1.0.530
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OnlineFotoservice" = OnlineFotoservice
"PhotoMail" = PhotoMail Maker
"ProInst" = Intel PROSet Wireless
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"FoxTab Video Converter" = FoxTab Video Converter
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.05.2012 14:34:33 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1311
Error - 15.05.2012 05:39:55 | Computer Name = Laptop | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1784 Startzeit: 01cd327e1d66e09e Endzeit: 220 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID:
Error - 17.05.2012 06:33:28 | Computer Name = Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ctfmon.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc292 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc00000fd Fehleroffset: 0x0002eb57 ID des fehlerhaften
Prozesses: 0x2e2c Startzeit der fehlerhaften Anwendung: 0x01cd34137122c327 Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\ctfmon.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: bce7a078-a00b-11e1-815e-002243c51624
Error - 17.05.2012 06:44:49 | Computer Name = Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.2.9.5006,
Zeitstempel: 0x4df9a500 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc015000f Fehleroffset: 0x00084621 ID des fehlerhaften
Prozesses: 0xebc Startzeit der fehlerhaften Anwendung: 0x01cd3419bcdf3a74 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 52b96c03-a00d-11e1-af2a-002243c51624
Error - 17.05.2012 08:48:43 | Computer Name = Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ctfmon.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc292 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc00000fd Fehleroffset: 0x0002deef ID des fehlerhaften
Prozesses: 0xcf0 Startzeit der fehlerhaften Anwendung: 0x01cd342a9b50a58a Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\ctfmon.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: a2226eab-a01e-11e1-aa86-002243c51624
Error - 17.05.2012 09:35:47 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17.05.2012 09:35:47 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10281
Error - 17.05.2012 09:35:47 | Computer Name = Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10281
Error - 17.05.2012 12:03:22 | Computer Name = Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ctfmon.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc292 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc00000fd Fehleroffset: 0x0002deeb ID des fehlerhaften
Prozesses: 0xe68 Startzeit der fehlerhaften Anwendung: 0x01cd34465b7cc6e3 Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\ctfmon.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: d32add04-a039-11e1-a1b6-002243c51624
Error - 17.05.2012 13:48:09 | Computer Name = Laptop | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ctfmon.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc292 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc00000fd Fehleroffset: 0x0002dee0 ID des fehlerhaften
Prozesses: 0x5a0 Startzeit der fehlerhaften Anwendung: 0x01cd3454f8de16c4 Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\ctfmon.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 76a51756-a048-11e1-801d-002243c51624
[ Media Center Events ]
Error - 24.08.2011 05:41:35 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 11:41:35 - Fehler beim Herstellen der Internetverbindung. 11:41:35
- Serververbindung konnte nicht hergestellt werden..
Error - 24.08.2011 05:41:41 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 11:41:40 - Fehler beim Herstellen der Internetverbindung. 11:41:40
- Serververbindung konnte nicht hergestellt werden..
Error - 26.08.2011 22:57:50 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 04:57:50 - Fehler beim Herstellen der Internetverbindung. 04:57:50
- Serververbindung konnte nicht hergestellt werden..
Error - 26.08.2011 22:58:23 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 04:57:55 - Fehler beim Herstellen der Internetverbindung. 04:57:55
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2011 00:44:10 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 06:44:07 - Fehler beim Herstellen der Internetverbindung. 06:44:08
- Serververbindung konnte nicht hergestellt werden..
Error - 19.10.2011 21:57:09 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 03:57:08 - Fehler beim Herstellen der Internetverbindung. 03:57:08
- Serververbindung konnte nicht hergestellt werden..
Error - 19.10.2011 22:57:14 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 04:57:13 - Fehler beim Herstellen der Internetverbindung. 04:57:13
- Serververbindung konnte nicht hergestellt werden..
Error - 19.10.2011 23:57:18 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 05:57:18 - Fehler beim Herstellen der Internetverbindung. 05:57:18
- Serververbindung konnte nicht hergestellt werden..
Error - 20.10.2011 00:57:23 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 06:57:23 - Fehler beim Herstellen der Internetverbindung. 06:57:23
- Serververbindung konnte nicht hergestellt werden..
Error - 24.10.2011 21:48:48 | Computer Name = Laptop | Source = MCUpdate | ID = 0
Description = 03:48:47 - Fehler beim Herstellen der Internetverbindung. 03:48:47
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 06.11.2011 12:00:18 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error - 06.11.2011 12:00:19 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error - 06.11.2011 12:00:20 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error - 07.11.2011 15:42:25 | Computer Name = Laptop | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 09.11.2011 12:23:43 | Computer Name = Laptop | Source = Tcpip | ID = 4199
Description = Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.1 mit
dem Computer mit der Netzwerkhardwareadresse 00-30-05-2D-86-92 ermittelt. Netzwerkvorgänge
könnten daher auf diesem System unterbrochen werden.
Error - 09.11.2011 15:06:51 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 09.11.2011 15:06:51 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 09.11.2011 15:06:52 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 09.11.2011 15:06:52 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 12.11.2011 11:36:25 | Computer Name = Laptop | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
< End of report >
|
| Themen zu Aus sicherheitsgründen wurde ihr windowssystem blockiert |
| acrobat update, adobe, antivir, avg, avgnt, avira, babylon toolbar, babylontoolbar, blockiert, converter, defender, desktop, device driver, excel, explorer, flash player, generic, google earth, helper, install.exe, ip-adresse, mp3, ntdll.dll, nvidia, nvidia update, object, pdf, plug-in, realtek, scan, schattenkopien, svchost.exe, system, usb, vista, visual studio, wenig ahnung, windows, windows 7 64-bit |
Baum-Darstellung