Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.09.2012, 17:17   #1
mocomy
 
Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen" - Standard

Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen"



Hallo!

Ich hab mir, bzw. mein Laptop hat sich heute beim surfen etwas eingefangen. Ich bin neu hier, kenne mich zwar etwas besser als andere mit dem PC aus aber heute bin auch ich überfragt.


Habe Windows 7 (64-bit)

Folgendes:

Hab im Netz gesurft, Plötzlich wurde der Bildschirm Weiss und es steht folgende meldung in einem Vollfenster:
Keinen Zugriff auf Desktop wegen eines Fensters "Dieses Programm kann die Webseite nicht anzeigen"
Wenn ich die Internetverbindung trenne ist der Bildschirm komplett Weiss.
Wenn ich den Laptop neu starte kommt kurz der Desktop wo alles zu sehen ist (Hintergrund, Ordner, Programme etc.), ESET NOD 32 Startet noch (das Fenster kommt zumindest) und dann wird wieder alles Weiss bzw. es kommt die Meldung.

Würde mich freuen wenn mir jemand dabei helfen könnte:

mfg Daniel

Hab den PC mit dem Abgesicherten Modus zum laufen gebracht und beim Eset Nod Online Scanner folgendes gefunden; Malwarebytes hab ich auch Durchlaufen lassen.

Eset:
Code:
ATTFilter
 ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fe22398b04d62c44965189c080bb8d8b
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-06 03:55:00
# local_time=2012-09-06 05:55:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 632 98576699 0 0
# compatibility_mode=8204 39157246 100 74 5450 55031229 0 0
# scanned=7162
# found=0
# cleaned=0
# scan_time=51
# nod_component=V3 Build:0x30000000
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fe22398b04d62c44965189c080bb8d8b
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-06 05:31:05
# local_time=2012-09-06 07:31:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 765 98576832 0 0
# compatibility_mode=8204 39157246 100 74 5583 55031362 0 0
# scanned=324811
# found=2
# cleaned=0
# scan_time=5682
# nod_component=V3 Build:0x30000000
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YKW9X14L\firstload_com[1].htm	HTML/ScrInject.B.Gen Virus (Säubern nicht möglich)	00000000000000000000000000000000	I
C:\Users\Daniel\AppData\Local\Temp\is1988980107\MyBabylonTB.exe	Win32/Toolbar.Babylon Anwendung (Säubern nicht möglich)	00000000000000000000000000000000	I
         
Malewarebytes:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.06.08

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Daniel :: NOTEBOOK_DANIEL [Administrator]

06.09.2012 17:56:40
mbam-log-2012-09-06 (19-43-02).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 510498
Laufzeit: 1 Stunde(n), 34 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: ("regedit.exe" "%1") Gut: (regedit.exe "%1") -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Daniel\AppData\Roaming\msconfig.dat (Trojan.Zbot) -> Keine Aktion durchgeführt.

(Ende)
         
Hier noch die Logs die mir OTL.exe ausgespuckt hat:

OTL.exe
Code:
ATTFilter
OTL logfile created on: 06.09.2012 19:45:08 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Daniel\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,91 Gb Available Physical Memory | 72,76% Memory free
7,99 Gb Paging File | 7,14 Gb Available in Paging File | 89,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 118,24 Gb Free Space | 39,67% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK_DANIEL | User Name: Daniel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.06 18:17:57 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Downloads\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.09.22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.06.04 17:48:20 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2012.08.28 10:41:46 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.11.22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.09.18 21:05:47 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.05.29 19:29:21 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.01.16 19:35:02 | 000,081,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.27 20:48:15 | 000,530,488 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.01.12 21:05:18 | 000,126,864 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.09 15:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 10:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011.08.04 10:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.07.12 13:49:14 | 000,072,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2010.06.22 00:07:36 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.06.16 17:01:30 | 000,070,984 | ---- | M] (Ross-Tech LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RT-USB64.SYS -- (RT-USB)
DRV:64bit: - [2010.03.13 15:36:40 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010.02.02 01:17:15 | 000,019,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.02.02 01:17:13 | 000,131,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.02.02 01:17:13 | 000,097,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.02.02 01:17:13 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.01.01 19:20:28 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.12.19 20:22:10 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.09.15 20:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.08.23 06:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008.01.16 11:28:22 | 000,369,024 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF15.sys -- (AVerAF15)
DRV:64bit: - [2007.10.03 08:42:00 | 000,078,952 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\sxuptp.sys -- (sxuptp)
DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV:64bit: - [2006.08.29 16:56:20 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\prodigy.sys -- (PRODIGY)
DRV - [2009.12.19 20:22:10 | 000,121,280 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.03.05 10:25:30 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\SearchScopes,DefaultScope = {C0F4741A-82C4-4B2F-A049-95939EC7409B}
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\SearchScopes\{C0F4741A-82C4-4B2F-A049-95939EC7409B}: "URL" = hxxp://www.google.at/#hl=de&source=hp&biw=1916&bih=905&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=215267f46cc805a5
IE - HKU\S-1-5-21-809998392-269230808-2092797419-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.11.21 10:35:11 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found
O3 - HKU\S-1-5-21-809998392-269230808-2092797419-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-809998392-269230808-2092797419-1001..\Run: []  File not found
O4 - HKU\S-1-5-21-809998392-269230808-2092797419-1001..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-809998392-269230808-2092797419-1001..\Run: [Nokia Link] C:\Users\Daniel\AppData\Local\Nokia\Nokia Link\NokiaLink.exe (Nokia Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater.lnk = C:\PCI-Tuning\VCDS-PCI\VCDS.exe (Ross-Tech, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll File not found
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-472853540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.3.96.67 195.3.96.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15B180ED-A444-4A9D-946A-3FD809AD660D}: DhcpNameServer = 212.33.55.5 212.33.32.160
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9748FC95-9B52-4147-B727-7161317C9BE2}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFED75EE-AA28-4B52-9BF3-F1416FD01408}: DhcpNameServer = 195.3.96.67 195.3.96.68
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{06d0d8cb-fd43-11e0-8951-00a0d1abcd7f}\Shell - "" = AutoRun
O33 - MountPoints2\{06d0d8cb-fd43-11e0-8951-00a0d1abcd7f}\Shell\AutoRun\command - "" = L:\NokiaPCIA_Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.06 17:55:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes
[2012.09.06 17:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.06 17:55:29 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.06 17:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.06 17:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.06 17:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.04 16:48:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{E79EF347-C6FD-4AD3-98DC-1520DDCFD35F}
[2012.09.03 17:01:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{A20CDDC5-F7B0-42B0-A117-B67070803A4F}
[2012.09.02 11:00:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{97F8405F-2E43-484C-8C40-0F2B13EF364A}
[2012.08.31 11:38:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{BA64D99B-A99D-4D95-90B2-D25B5256E742}
[2012.08.30 20:50:17 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{66758100-FA13-4B7E-BDFE-5EB645D9C92B}
[2012.08.30 00:35:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{41D844A5-A13E-4054-A8E4-D3B58755F694}
[2012.08.30 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{470DF818-D52A-4DFB-A8F2-A1B156290982}
[2012.08.29 11:29:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{23605B08-D2BF-408C-B2B4-C09A16C9DDDA}
[2012.08.28 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{BFA2D0E5-6AF8-4271-898C-E8889D568ADA}
[2012.08.27 20:49:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{5D97737D-ED0E-4068-BAEE-AF5C6621E104}
[2012.08.27 10:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shape Collage
[2012.08.27 10:49:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shape Collage
[2012.08.27 06:58:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{59DB5D6E-B196-4169-9AD6-DA905A53F23C}
[2012.08.26 08:44:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{45A4635B-1AE7-4F6A-85B5-65409667C0EF}
[2012.08.25 21:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.25 16:10:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{A366B87A-44FC-49DE-B605-1841147A33C3}
[2012.08.23 16:33:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{368A540B-FCD4-4280-A8D2-B1C6FECFD235}
[2012.08.22 16:54:51 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{29C7D805-551A-48F7-8297-5EE912C2FB47}
[2012.08.21 17:45:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{06A1D81A-98E8-401B-A219-A522B8A0F619}
[2012.08.20 15:50:13 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{67431476-EDC5-4FB8-9A00-06375EC4A487}
[2012.08.19 10:04:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{6847E6FB-BD5D-4DF7-81B8-77D9F40A5093}
[2012.08.16 17:48:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{0859B0B8-D2D9-4F1E-846A-0AFFA6264149}
[2012.08.16 17:48:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{17229D6C-3F88-4866-B50D-4F674FA46476}
[2012.08.15 16:21:30 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{95012DA5-1E5B-4796-9EAA-56C40D7DFA6A}
[2012.08.15 16:21:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{3D33198F-A273-420D-A1E7-641EDFEEB62F}
[2012.08.15 15:33:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{D7E3A3DC-C5C1-42E1-9D55-2C2A04E329CE}
[2012.08.14 23:25:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{A33D95ED-F7D3-41DE-A7EB-B8EE1C9821ED}
[2012.08.14 23:25:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{C75A10FC-CAEF-4EAB-B2AA-590B63A9B333}
[2012.08.14 18:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\IDMComp
[2012.08.14 18:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraCompare
[2012.08.14 18:04:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\polo
[2012.08.13 16:41:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{5C1F329F-46A1-48A9-9744-D81EB1E9EBD5}
[2012.08.13 16:41:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{57B5EADD-86F7-472D-8170-7E93C0119F40}
[2012.08.12 15:31:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{35181823-B786-4E73-9C93-E4C3AE0E527E}
[2012.08.12 15:31:23 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{BA69E19F-9B0F-4D3D-9D9C-68B1C17485A3}
[2012.08.11 10:44:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{881C9D5B-6E62-4A20-9FA7-A6B18F1BE6D6}
[2012.08.11 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{98F5F76B-B2B4-4FBC-8D61-34B7528AF30E}
[2012.08.10 15:18:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Davilex
[2012.08.10 15:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Davilex
[2012.08.10 15:18:31 | 000,200,192 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\httpct.ocx
[2012.08.10 15:18:31 | 000,066,560 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMORENU.DLL
[2012.08.10 15:18:31 | 000,048,128 | ---- | C] (NetManage Inc.) -- C:\Windows\SysWow64\NMSCKN.DLL
[2012.08.10 15:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Davilex
[2012.08.10 09:24:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{FFA9489F-A2F7-4591-A110-D534CE002DF1}
[2012.08.10 09:23:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{E1EF8E82-24C3-4330-AA42-80826D1BE77B}
[2012.08.09 09:41:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{ABE24425-89CD-4AA4-808B-0345F7B989B1}
[2012.08.09 09:41:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{5CAA585B-EDC7-483F-A5E3-3AA52FB795DD}
[2012.08.08 09:29:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{60AB49CB-A6B4-4274-9DCC-76A54CC9E3B4}
[2012.08.08 09:29:37 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{72D5C51D-22DA-499D-A6BE-C8C2CA961FB3}
[2012.01.11 17:22:30 | 000,084,480 | ---- | C] (grasshopper) -- C:\Users\Daniel\AppData\Roaming\msconfig.dat
[2010.03.13 15:36:40 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Daniel\AppData\Roaming\pcouffin.sys
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.06 17:55:30 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.06 17:41:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.06 17:41:07 | 3218,837,504 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.31 10:56:24 | 000,016,304 | ---- | M] () -- C:\Users\Daniel\.recently-used.xbel
[2012.08.31 10:06:49 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.08.31 10:05:22 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.31 00:26:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012.08.30 23:54:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.30 23:31:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.30 20:54:51 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 20:54:51 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 00:00:20 | 002,017,046 | ---- | M] () -- C:\Users\Daniel\Desktop\IMGP5639_edit_ohne_Kennzeichen.JPG
[2012.08.29 23:54:36 | 003,023,295 | ---- | M] () -- C:\Users\Daniel\Desktop\IMGP5640_edit_ohne_Kennzeichen.JPG
[2012.08.29 23:48:34 | 001,522,792 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.29 23:48:34 | 000,664,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.29 23:48:34 | 000,625,126 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.29 23:48:34 | 000,134,284 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.29 23:48:34 | 000,110,570 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.27 10:49:40 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\Shape Collage.lnk
[2012.08.15 22:54:12 | 000,445,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 19:53:03 | 009,043,583 | ---- | M] () -- C:\Users\Daniel\Documents\steyr-manual.pdf
[2012.08.15 11:52:25 | 000,000,043 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.08.14 18:20:52 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\UltraCompare.lnk
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.06 17:55:30 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.31 10:56:24 | 000,016,304 | ---- | C] () -- C:\Users\Daniel\.recently-used.xbel
[2012.08.30 00:00:19 | 002,017,046 | ---- | C] () -- C:\Users\Daniel\Desktop\IMGP5639_edit_ohne_Kennzeichen.JPG
[2012.08.29 23:54:35 | 003,023,295 | ---- | C] () -- C:\Users\Daniel\Desktop\IMGP5640_edit_ohne_Kennzeichen.JPG
[2012.08.27 10:49:40 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\Shape Collage.lnk
[2012.08.15 19:53:03 | 009,043,583 | ---- | C] () -- C:\Users\Daniel\Documents\steyr-manual.pdf
[2012.08.15 11:52:25 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.08.14 18:20:52 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\UltraCompare.lnk
[2012.08.10 15:18:31 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\NMOCOD.DLL
[2012.08.10 15:18:31 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL
[2011.11.21 22:46:55 | 000,007,692 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\.freeciv-client-rc-2.3
[2011.09.27 21:49:25 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.07.29 20:14:50 | 000,003,078 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\PData.MMM
[2011.07.29 20:14:50 | 000,003,078 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\PData.MM1
[2011.07.01 21:18:07 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\AppData\Local\{DB7972D0-3EBB-4EF0-8C7E-236199161199}
[2011.06.13 10:30:39 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\AppData\Local\{0FE14754-F5DC-4889-ACF5-C361F5D1CD1D}
[2011.01.23 22:00:01 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.23 21:27:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2010.12.04 16:58:44 | 000,006,900 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\.freeciv-client-rc-2.2
[2010.09.12 22:27:34 | 000,007,598 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
[2010.03.13 15:36:40 | 000,099,384 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\inst.exe
[2010.03.13 15:36:40 | 000,007,859 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\pcouffin.cat
[2010.03.13 15:36:40 | 000,001,167 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\pcouffin.inf
[2010.02.27 00:02:49 | 000,060,928 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2011.11.21 22:45:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.freeciv
[2011.10.11 17:58:59 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Audacity
[2011.07.29 20:14:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\AUTOSICH
[2011.09.26 09:59:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\avidemux
[2012.08.20 16:06:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\BOM
[2012.08.03 23:54:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Canneverbe Limited
[2010.08.03 18:43:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DeepBurner
[2012.09.06 17:05:22 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DesktopPlatform
[2011.02.01 17:00:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Dropbox
[2012.07.11 21:22:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
[2012.07.11 21:17:36 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.20 23:39:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\EasyPCGate
[2010.07.23 23:28:17 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Edison
[2012.09.06 18:39:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\gtk-2.0
[2010.07.23 23:28:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Hardcore
[2010.02.14 19:28:01 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ID3-TagIT 3
[2010.07.20 23:39:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ImagesWords
[2011.02.13 15:39:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ImgBurn
[2010.02.02 17:54:01 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\InfraRecorder
[2010.06.19 20:14:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Leadertech
[2011.09.27 21:57:25 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\MAGIX
[2012.04.23 11:22:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mouse Recorder Pro
[2012.09.06 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\NetSpeedMonitor
[2012.06.06 09:10:11 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia
[2010.05.19 00:37:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia Ovi Suite
[2011.11.09 18:05:16 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia Suite
[2010.08.14 01:59:07 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nvu
[2010.08.13 22:10:55 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org
[2012.03.04 11:36:40 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PC Suite
[2012.03.23 19:37:27 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\pdfforge
[2012.04.11 11:13:52 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\pokerth
[2011.08.18 13:14:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Sinvise Systems
[2010.07.23 23:27:39 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Slicex
[2010.07.19 17:23:47 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Smart PDF Converter
[2010.07.23 23:14:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SynthMaker
[2011.01.24 01:53:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Tunngle
[2010.06.29 20:49:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Video DVD Maker FREE
[2010.03.14 11:04:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Vso
[2011.10.12 18:25:17 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Windows Live Writer
[2012.08.31 10:06:49 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.07.06 10:19:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Extra.txt
Code:
ATTFilter
OTL Extras logfile created on: 06.09.2012 19:45:08 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Daniel\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,91 Gb Available Physical Memory | 72,76% Memory free
7,99 Gb Paging File | 7,14 Gb Available in Paging File | 89,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 118,24 Gb Free Space | 39,67% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK_DANIEL | User Name: Daniel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1AB42184-B108-4245-9E0E-0A3859B0AAAF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{28724ECF-342D-431E-BA89-8536A1FBC483}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{31FFE070-2309-45C6-A95C-C94C76E5138C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4055D1EF-490D-4366-A387-C3E49AC9F5E3}" = lport=137 | protocol=17 | dir=in | app=system | 
"{40B45B89-3836-4B7B-9BDF-E49177AD1DCD}" = rport=445 | protocol=6 | dir=out | app=system | 
"{419CF2E5-139F-4957-878E-86A72F327AF4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{56BDF46A-B92D-40FC-B341-A6614DFD6093}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{58F12F61-CC97-44FD-BC6F-E292FBB138D6}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{60BE20EC-08A3-4872-9369-EE1271D48C9C}" = lport=19540 | protocol=17 | dir=in | name=sxuptp | 
"{6D3C3FEE-67A8-41FA-AC59-816D6AEDBA2E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6FBFEA42-B431-4B91-901A-731E0815D498}" = rport=137 | protocol=17 | dir=out | app=system | 
"{857A2BF5-E960-41F1-8AB4-0EA7FD9D1FFF}" = lport=445 | protocol=6 | dir=in | app=system | 
"{95C4EE10-D576-4312-A44C-842D167F4234}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A40C155C-D5EA-4587-8F0B-30F92859D3B6}" = lport=138 | protocol=17 | dir=in | app=system | 
"{A5141D9C-E22D-48DA-B506-BE4C723264CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A583BC12-FFB6-4CED-9DA1-D4AC7E9E512B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{AC9BDAB1-C32F-43D5-8EDF-9E16A90C61E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{ADBB226B-2535-4193-8274-76D4FC49BC43}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{BC96F933-5540-4694-A204-099E487E3708}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CF2BF9E6-B6E3-4BB4-9B12-F0A01135CDFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D393746A-99E0-483F-9075-4014900A9232}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D6F12935-AB31-47EC-BFFA-DA17328DCC70}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E06CBD28-6358-484C-A122-41F8CFAD9E52}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E20ECD99-4A02-49E2-BE16-CD16648F5EAC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{E8FE2BC3-7A85-40F9-84D1-92BB51E26BEA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{FC5C58B9-ABF3-4F0C-AC6E-525F3DC53C3E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D2BF8F-B4F5-4A47-8BF4-C9E0233BB74D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{032A080F-2A85-4E56-977D-BF27E2B632E5}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{12F6B6E1-48CC-43EB-8A1A-D3F512DDB5FF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | 
"{1C75FEA7-798C-4DDC-A818-D5758C2E4CD6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{1CA7517C-4781-4B96-A44F-BFE83F685685}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{203C2C36-28C6-4E57-BAAE-39DD52A70FCC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{20C71B83-DB2C-490A-A1E7-D4919A242821}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{20D069B9-5EDE-43C8-BF41-F5DCA1ABC07F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe | 
"{21732663-2626-4074-BBC0-B15E762D2E2A}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{23C566D2-7405-493B-B55B-DD327A6040FB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_launcher.exe | 
"{2836A2FB-720A-4304-BA51-760A3EDC2350}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{288717A4-3C3B-4C29-B2FF-3F24811B71D5}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{28CF3BA2-1E40-43E3-821E-4E91309A08C9}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{2CDC5986-E2D4-45A1-9E25-26FEDF4AFB8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{35C85FB9-80F1-4E53-80E3-E3684F3BC7EC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3EB758CA-444B-4D66-8AFA-5682E37D58B3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{44A8E349-EB14-4BAC-B456-BD6D044BE02B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{46B760FB-9F50-4ADA-BE5E-DA3FE5C29491}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{49715EF4-A3A9-450A-94E1-B841C9C3DA6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4FE0E4DF-2EB1-4755-B652-8386D7FD395A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{51CDCF00-CC12-4CEA-B7F2-10E739C9E80E}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{544CC357-6A5B-479F-A0AE-E9288A38D8C0}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{587E44EC-CAE0-47F9-92AA-CEFE4A26538C}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{58939B61-BABE-4A33-9432-4B7046181F2D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{58A76E8F-8D2C-4D4B-97B3-923614C72868}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{592DBB16-F556-4CF9-B199-A22930F965F6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5B09CD87-8E87-4A90-A5B1-C4813E34C48F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{60665E19-956A-4D94-878D-C8887F86C6FA}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{615B136A-D14B-432A-9830-65FC9610C5BE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{643F004E-B9DC-4893-B8B9-605B0814A292}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{64EEAAC4-4187-4752-8F65-449E4E9732A3}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{6AA30E70-E135-414E-AE1E-EBEEFE938459}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{709DC737-74E4-4B6C-99F0-01C3E8BAEA35}" = protocol=17 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe | 
"{74B5783D-ED30-461E-8990-E4AD87FA769F}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{757E12E4-4AFB-4A38-A007-F2AE1A250DB4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{792362C6-D07F-4938-A518-358D6D406A3F}" = protocol=6 | dir=out | app=system | 
"{7D3B3C07-1DD7-4558-A403-7319D938DAA3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7ED3D9B1-D553-4C8A-9AD3-96E7E7469A23}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{81796BC7-B48A-4F8E-AA10-4B86ADB28F66}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{836949EB-77F3-43C4-BD0D-A199C58C2147}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{865A4CFD-3296-4B1E-9FED-FAABDCA64EEC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{888D05C1-2651-4C39-ACFD-B8A3AC5894B4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8CCCBDC6-07F4-4D19-9620-42D84742FC5D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{933D2837-D3DF-421F-9720-471E6AF90F72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{93BDE9C1-C324-415B-86E5-7FC01ACDF7C6}" = protocol=17 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe | 
"{974F755E-4070-45CC-B6B6-4B44227F4965}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{98B07635-870A-47DC-8403-D792F6273CBE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{9C9BE693-73F7-49F6-8D11-178C46549E2F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe | 
"{9DB8F5C5-BB68-4FE3-B8B3-F5500738A3FA}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{9FAB5B25-7603-454D-B357-0307E2BFF005}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{A0BE70AA-B995-4ED7-9BB0-8ADD82A44C6A}" = protocol=6 | dir=in | app=c:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe | 
"{A8E11BB2-03ED-45CA-8840-4392C9F44182}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{A9B080DA-6C7C-432B-899C-C7C7F5691B5F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{AA4783B6-7D8A-4A11-AA96-1B290CE1B290}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | 
"{B074833A-F771-459F-A14C-4AEA7869FFCB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | 
"{B1E46E15-54F4-4A7F-A87F-FBEEBD15B940}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BD4E4186-A581-485F-AAF9-B87899134CB8}" = protocol=6 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe | 
"{BFDBA822-34F1-4BB2-A62B-E84FEBEFDBE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C18C7DB6-03D3-4B9E-B474-01AE64E5EB11}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C3E9A65E-56AA-4BC6-9CBA-5192D77C2A31}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{C5088E45-CD0F-47A7-B07E-C97415593C89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C69769CE-FFBE-405B-A764-E6C31C9FF43C}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{CBF0912D-4685-43D2-BD1A-D2EAF33D135D}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"{CC6A8B95-C092-4444-B89E-E9C5EB0244C6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{D04A6400-1AEB-4A78-B698-1AB5815125DA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{D2516638-45B1-4048-B277-F4C9E60A035A}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{DC297C08-EF4C-4CC8-926A-766048B50C3F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{DFFDF45F-C5B6-4D5B-B6A3-006EDD306B53}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{E03E75CA-665B-4472-A414-A90FA783E090}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{E4312C58-89DD-4197-8A24-728E8CE4B4EF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx.exe | 
"{F05B28BC-F0F9-4C02-9A8F-4C7CFDD9F70C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F4C44930-B24F-4036-AD69-1CFE57AC13FD}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{FAB0C711-45EB-4AE1-9150-D5B2814C0EA3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe | 
"{FB0E1C56-3D93-4B51-B7E9-4B197D8CB53F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's h.a.w.x\hawx_dx10.exe | 
"{FC5AAEE0-E70F-4082-AAF4-CDCF4D832BF1}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"TCP Query User{0D86BA1C-7BBB-4BBB-BCE9-A34475388CFB}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{13135777-F745-46F2-A8E4-99ACFDA81C84}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"TCP Query User{19217AF3-7673-4C4E-987A-B98740CE1A31}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{3A37C4C1-A0D6-45B5-AA52-C384DC2DD65E}C:\program files\belkin\network usb hub control center\connect.exe" = protocol=6 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe | 
"TCP Query User{3B7A0E98-3718-402F-9965-A46BA47D2464}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{510DE359-22C1-437C-9A9D-AA1F2F4420EF}C:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe | 
"TCP Query User{58ECF1A9-4162-4C59-BAFB-2C471777949B}C:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe | 
"TCP Query User{902E9428-E3EA-44D6-AB2C-732A6C571449}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"TCP Query User{9B4D8419-0D9B-4ABE-A532-77367FB6C0AD}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"TCP Query User{AD13A503-73BC-4FF9-8500-DABB95C7A2E6}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{BFD69A71-FC4E-49AE-A02B-4BE6D9E3A6C0}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{C249274F-879B-4CB1-93E9-E50D9F2BA77C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{CC519232-2501-4706-B9AF-BEB35022DBAF}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
"TCP Query User{EEBC437D-13F8-4815-B5BD-313022F63EBF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"TCP Query User{EFC73328-36F1-4571-9B28-D465556D6D65}C:\program files (x86)\ubisoft\r.u.s.e\ruse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\r.u.s.e\ruse.exe | 
"TCP Query User{F09EF473-1500-47F9-A5BC-11CA06A12DA4}C:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe | 
"TCP Query User{F11F2691-DA24-49F5-8789-A1B76D4CF20F}C:\program files (x86)\infogrames\grand prix 4\gp4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\infogrames\grand prix 4\gp4.exe | 
"TCP Query User{F91F5309-9CC7-4C0E-82C1-9E4D1BB753D5}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{0A7AFAF2-D6D9-463A-8DDB-2F5C5360DA71}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{0AFBC1E3-36BB-425C-93C4-886A3B2E3DD4}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{0C931DEB-B50F-4750-AFDC-536C520878CA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{2B605564-242B-48C3-A2CD-77E267DFC433}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{393DD855-1FD2-4CFA-BA90-FD19FB884CC1}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
"UDP Query User{41776DA8-17E8-4597-86E9-9735B78323EB}C:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe | 
"UDP Query User{5F9F099F-45B1-4FF8-AFD7-FA0581F4F900}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{6743CD74-512F-49E0-8FC0-0C8679ABA08A}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{7B03C031-E777-4E29-AF90-E157DA29051B}C:\program files\belkin\network usb hub control center\connect.exe" = protocol=17 | dir=in | app=c:\program files\belkin\network usb hub control center\connect.exe | 
"UDP Query User{7F9D7BCE-959E-4D68-B95F-03BD36812593}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"UDP Query User{8E6BD12D-3AFB-4EFC-9062-CDD9AAF2918C}C:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.2.3-gtk2\freeciv-server.exe | 
"UDP Query User{915562C5-DE3F-4E0D-AAFE-B01DC8E53F50}C:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.0-gtk2\freeciv-server.exe | 
"UDP Query User{966C2236-54ED-4E39-A48F-A4A0EABA30C2}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{9A77AE57-9760-4FAB-B17B-5A2CBED36946}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
"UDP Query User{AE1C3736-CF7E-4902-A892-9B2690C30C3E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{B30D122F-E9D1-408B-984F-1109C9DE58F7}C:\program files (x86)\infogrames\grand prix 4\gp4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\infogrames\grand prix 4\gp4.exe | 
"UDP Query User{BBD5B3CD-23FB-44E2-886F-210DCEA8A86A}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"UDP Query User{CE77279D-639F-4D57-AE2C-C2BD1419C67C}C:\program files (x86)\ubisoft\r.u.s.e\ruse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\r.u.s.e\ruse.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{07E674CF-C77E-4915-A110-A7556F4AB118}" = ESET NOD32 Antivirus
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{2C22EA92-CB30-4932-0052-000001000000}" = InfraRecorder 0.52 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61FFBE12-E3AD-442A-B261-A086041DB37A}" = Validity WinBio DDK
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8947EEAC-D5EE-4BA1-AF88-08E4E30CF7A9}" = WIN7TS
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC38EE55-86A7-4688-BC8E-202D82FB8B7B}" = NetSpeedMonitor 2.4.2.0 x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC6B4110-394D-45B9-A677-BA495D84CA63}" = Shutdown Timer
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Belkin Network USB Hub Control Center" = Belkin Netzwerk USB-Hub Kontrollzentrum
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443" = Windows-Treiberpaket - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Recuva" = Recuva
"VLC media player" = VLC media player 2.0.2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{15FA5ED6-2F98-4B5E-AF0B-18E5F4723FAD}_is1" = Cities In Motion
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{558FD9A4-EA4C-48FA-95C4-B663A289ADB1}" = Authentec WBDI Driver Package
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1" = Mouse Recorder Pro 2.0.7.0
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EE1EB497-5F0B-4DEF-910B-165707AB09FA}" = UltraEdit 16.30
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFE4AB7D-4E94-441B-9A86-98E69E37567B}" = Nero Burning ROM 11
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVerMedia A309 (MiniCard, DVB-T)" = AVerMedia A309 (MiniCard, DVB-T) 1.0.64.40
"Biet-O-Matic v2.12.6" = Biet-O-Matic v2.12.6
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DivX Setup.divx.com" = DivX-Setup
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ESET Online Scanner" = ESET Online Scanner v3
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free YouTube Download_is1" = Free YouTube Download version 3.1.31.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706
"ID3-TagIT 3_is1" = ID3-TagIT 3
"ImgBurn" = ImgBurn
"InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{8947EEAC-D5EE-4BA1-AF88-08E4E30CF7A9}" = WIN7TS
"JDownloader" = JDownloader
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Nokia Suite" = Nokia Suite
"Nvu_is1" = Nvu 1.0
"OpenAL" = OpenAL
"PokerTH 0.9.4" = PokerTH
"PunkBusterSvc" = PunkBuster Services
"Rigs of Rods" = Rigs of Rods
"ShapeCollage" = Shape Collage
"Speccy" = Speccy
"SystemRequirementsLab" = System Requirements Lab
"Tunngle beta_is1" = Tunngle beta
"VCDS PCI" = VCDS PCI 11.11
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 2.0.0
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-809998392-269230808-2092797419-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Nokia Link" = Nokia Link
"Nokia Maps 3D browser plugin for Internet Explorer" = Nokia Maps 3D browser plugin for Internet Explorer (5.10.3.0)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 27.08.2012 01:05:20 | Computer Name = Notebook_Daniel | Source = Windows Backup | ID = 4103
Description = 
 
Error - 27.08.2012 15:41:40 | Computer Name = Notebook_Daniel | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 9.0.8112.16448 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 998    Startzeit: 01cd8485dbe7c09d    Endzeit: 191    Anwendungspfad:
 C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE    Berichts-ID:   
 
Error - 28.08.2012 16:18:01 | Computer Name = Notebook_Daniel | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16448 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 8e8    Startzeit: 01cd8555182813fb    Endzeit: 86    Anwendungspfad: 
C:\Program Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 28.08.2012 17:24:11 | Computer Name = Notebook_Daniel | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.270.7 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 10c4    Startzeit:
 01cd85601b19a163    Endzeit: 96    Anwendungspfad: C:\Program Files\Java\jre6\bin\javaw.exe

Berichts-ID:
 a9b76813-f156-11e1-87b8-00a0d1abcd7f  
 
Error - 30.08.2012 03:05:52 | Computer Name = Notebook_Daniel | Source = Microsoft Fax | ID = 32092
Description = Fehler beim Empfangen eines Faxes durch den Faxdienst. Von: . Anrufer-ID:
 . An: Fax. Seiten: 0. Gerätename: Agere Systems HDA Modem.
 
Error - 02.09.2012 07:59:33 | Computer Name = Notebook_Daniel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 2.0.2.0, Zeitstempel:
 0x4fec5841  Name des fehlerhaften Moduls: libdvdnav_plugin.dll, Version: 0.0.0.0,
 Zeitstempel: 0x4fec5852  Ausnahmecode: 0x40000015  Fehleroffset: 0x0000000000032941
ID
 des fehlerhaften Prozesses: 0x79c  Startzeit der fehlerhaften Anwendung: 0x01cd8902669776ed
Pfad
 der fehlerhaften Anwendung: C:\Program Files\VideoLAN\VLC\vlc.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll  Berichtskennung:
 a843afb3-f4f5-11e1-8ef8-00a0d1abcd7f
 
Error - 02.09.2012 13:00:01 | Computer Name = Notebook_Daniel | Source = Windows Backup | ID = 4103
Description = 
 
Error - 02.09.2012 14:01:42 | Computer Name = Notebook_Daniel | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: googleearth.exe, Version: 6.2.2.6613,
 Zeitstempel: 0x4f8941c7  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce6c3  ID des fehlerhaften
 Prozesses: 0x71c  Startzeit der fehlerhaften Anwendung: 0x01cd8934fc2b1d93  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 3fbdf7c9-f528-11e1-8ef8-00a0d1abcd7f
 
Error - 03.09.2012 13:20:00 | Computer Name = Notebook_Daniel | Source = ESENT | ID = 484
Description = wlmail (7072) C:\Users\Daniel\AppData\Local\Microsoft\Windows Live
 Mail\Calendars\: Versuch, Ordner "C:\Users\Daniel\AppData\Local\Microsoft\Windows
 Live Mail\Calendars\DBStore\Backup\old" zu entfernen, ist mit Systemfehler 145 
(0x00000091): "Das Verzeichnis ist nicht leer. " fehlgeschlagen. Fehler -1022 (0xfffffc02)
 beim Entfernen von Ordnern.
 
Error - 03.09.2012 13:20:00 | Computer Name = Notebook_Daniel | Source = ESENT | ID = 215
Description = wlmail (7072) C:\Users\Daniel\AppData\Local\Microsoft\Windows Live
 Mail\Calendars\: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten
 wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
 
[ Media Center Events ]
Error - 19.04.2011 15:23:44 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 21:23:33 - Fehler beim Herstellen der Internetverbindung.  21:23:33 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.04.2011 16:23:49 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 22:23:49 - Fehler beim Herstellen der Internetverbindung.  22:23:49 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.04.2011 16:23:57 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 22:23:54 - Fehler beim Herstellen der Internetverbindung.  22:23:54 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.04.2011 14:54:33 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:54:25 - Fehler beim Herstellen der Internetverbindung.  20:54:25 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.05.2011 14:28:29 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:28:28 - Fehler beim Herstellen der Internetverbindung.  20:28:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.05.2011 14:28:43 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:28:34 - Fehler beim Herstellen der Internetverbindung.  20:28:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 01.06.2011 14:33:33 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:33:33 - Fehler beim Herstellen der Internetverbindung.  20:33:33 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 01.06.2011 14:33:48 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 20:33:39 - Fehler beim Herstellen der Internetverbindung.  20:33:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.06.2011 09:25:45 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 15:25:45 - Fehler beim Herstellen der Internetverbindung.  15:25:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.06.2011 09:26:04 | Computer Name = Notebook_Daniel | Source = MCUpdate | ID = 0
Description = 15:25:51 - Fehler beim Herstellen der Internetverbindung.  15:25:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 06.09.2012 13:37:59 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:40:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:40:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:40:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:45:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:45:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:45:07 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:47:13 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:47:13 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 06.09.2012 13:47:13 | Computer Name = Notebook_Daniel | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
 
< End of report >
         

Alt 10.09.2012, 22:47   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen" - Standard

Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen"



Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Zitat:
Keine Aktion durchgeführt.
-> No action taken.
Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! Bitte nachholen falls noch nicht getan!

NICHTS voreilig aus der Quarantäne löschen!
__________________

__________________

Antwort

Themen zu Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen"
7-zip, anzeige, anzeigen, besser, bildschirm, desktop, dieses programm kann die webseite nicht anzeigen, eset, eset nod32, feedback, google earth, heute, hintergrund, install.exe, interne, internetverbindung, jdownloader, komplett, langs, laptop, launch, meldung, neu, nicht möglich, ntdll.dll, ordner, plötzlich, programm, programme, recuva, startet, surfen, verbindung, webseite, windows, windows 7, zugriff



Ähnliche Themen: Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen"


  1. "Dieses Programm kann die Webseite nicht anzeigen" Windows 7
    Plagegeister aller Art und deren Bekämpfung - 02.12.2012 (16)
  2. "Dieses Programm kann die Webseite nicht anzeigen" auch bei mir...
    Plagegeister aller Art und deren Bekämpfung - 13.11.2012 (7)
  3. "Dieses Programm kann die Webseite nicht anzeigen" Windows 7
    Plagegeister aller Art und deren Bekämpfung - 11.10.2012 (1)
  4. "Dieses Programm kann die Webseite nicht anzeigen"
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (21)
  5. "Dieses Programm kann die Webseite nicht anzeigen" Windows 7
    Log-Analyse und Auswertung - 03.10.2012 (3)
  6. Trojaner -Desktop "Dieses Programm kann die Webseite nicht anzeigen"
    Plagegeister aller Art und deren Bekämpfung - 20.09.2012 (11)
  7. "Dieses Programm kann die Webseite nicht anzeigen"
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (10)
  8. "Dieses Programm kann nicht die Webseite anzeigen" Windows 7
    Plagegeister aller Art und deren Bekämpfung - 22.08.2012 (3)
  9. "Dieses Programm kann die Webseite nicht anzeigen"
    Log-Analyse und Auswertung - 20.08.2012 (9)
  10. "Dieses Programm kann nicht die Webseite anzeigen" Virus
    Plagegeister aller Art und deren Bekämpfung - 15.08.2012 (9)
  11. Kein Zugriff auf Desctop wegen eines Fensters "Dieses Programm kann die Webseite nicht anzeigen"
    Plagegeister aller Art und deren Bekämpfung - 08.08.2012 (12)
  12. Vollbildmitteilung "Dieses programm kann die Website nicht anzeigen" verhindert Zugriff auf Desktop
    Plagegeister aller Art und deren Bekämpfung - 28.07.2012 (1)
  13. Trojaner "Dieses Programm kann Webseite nicht anzeigen"
    Log-Analyse und Auswertung - 13.05.2012 (15)
  14. Keinen Zugriff auf Desktop wegen eines Fensters "Dieses Programm kann die Webseite nicht anzeigen"
    Log-Analyse und Auswertung - 14.04.2012 (11)
  15. Kein Zugriff auf Desctop wegen eines Fensters "Dieses Programm kann die Webseite nicht anzeigen"
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (37)
  16. Keinen Zugriff auf Desctop wegen eines Fensters "Dieses Programm kann die Webseite nicht anzeigen"
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (26)
  17. Keinen Zugriff auf Desctop wegen eines Fensters "Dieses Programm kann die Webseite nicht anzeigen"
    Plagegeister aller Art und deren Bekämpfung - 21.03.2012 (4)

Zum Thema Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen" - Hallo! Ich hab mir, bzw. mein Laptop hat sich heute beim surfen etwas eingefangen. Ich bin neu hier, kenne mich zwar etwas besser als andere mit dem PC aus aber - Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen"...
Archiv
Du betrachtest: Keinen Zugriff auf Desktop wegen Vollfenster "Dieses Programm kann die Webseite nicht anzeigen" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.