Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download
Datenbank Version: v2012.07.18.04
Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 8.0.7600.16385
Kevin :: KEVIN-PC [Administrator]
Schutz: Deaktiviert
18.07.2012 16:17:13
mbam-log-2012-07-18 (16-58-34).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 338156
Laufzeit: 25 Minute(n), 36 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 1
HKCU\Software\DC3_FEXEC (Malware.Trace) -> Keine Aktion durchgeführt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: ("regedit.exe" "%1") Gut: (regedit.exe "%1") -> Keine Aktion durchgeführt.
Infizierte Verzeichnisse: 1
C:\Users\Kevin\AppData\Local\Temp\keygen (RiskTool.P2P.H) -> Keine Aktion durchgeführt.
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Mehr spuckt er leider nicht aus.
Gruss
Otl:
OTL Logfile: Code:
otl logfile created on: 18.07.2012 17:58:52 - run 1
otl by oldtimer - version 3.2.54.0 folder = c:\users\kevin\desktop
64bit- ultimate edition (version = 6.1.7600) - type = ntworkstation
internet explorer (version = 8.0.7600.16385)
locale: 00000407 | country: Deutschland | language: Deu | date format: Dd.mm.yyyy
3,50 gb total physical memory | 2,08 gb available physical memory | 59,44% memory free
7,00 gb paging file | 5,23 gb available in paging file | 74,72% paging file free
paging file location(s): ?:\pagefile.sys [binary data]
%systemdrive% = c: | %systemroot% = c:\windows | %programfiles% = c:\program files (x86)
drive c: | 292,87 gb total space | 89,78 gb free space | 30,66% space free | partition type: Ntfs
drive d: | 638,54 gb total space | 93,88 gb free space | 14,70% space free | partition type: Ntfs
computer name: Kevin-pc | user name: Kevin | logged in as administrator.
Boot mode: Normal | scan mode: Current user | include 64bit scans
company name whitelist: Off | skip microsoft files: Off | no company name whitelist: On | file age = 30 days
========== processes (safelist) ==========
prc - [2012.07.18 17:38:29 | 000,596,480 | ---- | m] (oldtimer tools) -- c:\users\kevin\desktop\otl.exe
prc - [2012.07.03 18:21:30 | 004,273,976 | ---- | m] (avast software) -- c:\programme\alwil software\avast5\avastui.exe
prc - [2012.07.03 18:21:29 | 000,044,808 | ---- | m] (avast software) -- c:\programme\alwil software\avast5\avastsvc.exe
prc - [2012.05.10 16:29:50 | 003,349,488 | ---- | m] (safer-networking ltd.) -- c:\program files (x86)\spybot - search & destroy 2\sdtray.exe
prc - [2012.05.10 16:29:02 | 000,838,136 | ---- | m] (safer-networking ltd.) -- c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe
prc - [2012.05.10 16:28:58 | 001,122,296 | ---- | m] (safer-networking ltd.) -- c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe
prc - [2012.04.04 07:53:50 | 000,063,928 | ---- | m] (adobe systems incorporated) -- c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
prc - [2012.03.22 10:55:02 | 000,166,528 | ---- | m] (safer-networking ltd.) -- c:\program files (x86)\spybot - search & destroy 2\sdwscsvc.exe
prc - [2012.02.09 15:11:00 | 000,101,696 | ---- | m] (tuneup software) -- c:\users\kevin\desktop\tuneupportable\app\tuneup\oneclickstarter.exe
prc - [2012.02.09 15:10:36 | 000,248,640 | ---- | m] (tuneup software) -- c:\users\kevin\desktop\tuneupportable\app\tuneup\tuneupsystemstatuscheck.exe
prc - [2012.01.05 15:11:28 | 001,242,448 | ---- | m] (valve corporation) -- c:\program files (x86)\steam\steam.exe
prc - [2011.01.22 17:27:41 | 000,075,136 | ---- | m] () -- c:\windows\syswow64\pnkbstra.exe
prc - [2006.12.19 10:30:26 | 000,081,920 | ---- | m] (prolific technology inc.) -- c:\windows\syswow64\ioctlsvc.exe
========== modules (no company name) ==========
mod - [2012.06.21 15:43:32 | 020,313,384 | ---- | m] () -- c:\program files (x86)\steam\bin\libcef.dll
mod - [2012.06.21 15:43:31 | 001,099,576 | ---- | m] () -- c:\program files (x86)\steam\bin\avcodec-53.dll
mod - [2012.06.21 15:43:31 | 000,895,312 | ---- | m] () -- c:\program files (x86)\steam\bin\chromehtml.dll
mod - [2012.06.21 15:43:31 | 000,190,776 | ---- | m] () -- c:\program files (x86)\steam\bin\avformat-53.dll
mod - [2012.06.21 15:43:31 | 000,123,192 | ---- | m] () -- c:\program files (x86)\steam\bin\avutil-51.dll
mod - [2012.05.10 16:28:12 | 000,046,592 | ---- | m] () -- c:\program files (x86)\spybot - search & destroy 2\snlthirdparty150.bpl
mod - [2012.05.10 16:28:10 | 000,517,632 | ---- | m] () -- c:\program files (x86)\spybot - search & destroy 2\jsdialogpack150.bpl
mod - [2012.05.10 16:28:10 | 000,410,112 | ---- | m] () -- c:\program files (x86)\spybot - search & destroy 2\dec150.bpl
mod - [2012.04.09 22:28:48 | 000,444,400 | ---- | m] () -- c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\ppgooglenaclpluginchrome.dll
mod - [2012.04.09 22:28:46 | 003,915,248 | ---- | m] () -- c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\pdf.dll
mod - [2012.04.09 22:27:21 | 000,122,880 | ---- | m] () -- c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\avutil-51.dll
mod - [2012.04.09 22:27:20 | 000,220,672 | ---- | m] () -- c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\avformat-53.dll
mod - [2012.04.09 22:27:19 | 001,747,456 | ---- | m] () -- c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\avcodec-53.dll
========== win32 services (safelist) ==========
srv:64bit: - [2010.11.05 05:17:24 | 000,203,264 | ---- | m] (amd) [auto | running] -- c:\windows\sysnative\atiesrxx.exe -- (amd external events utility)
srv:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\windows\sysnative\appmgmts.dll -- (appmgmt)
srv - [2012.07.11 23:03:00 | 000,250,056 | ---- | m] (adobe systems incorporated) [on_demand | stopped] -- c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe -- (adobeflashplayerupdatesvc)
srv - [2012.07.03 18:21:29 | 000,044,808 | ---- | m] (avast software) [auto | running] -- c:\programme\alwil software\avast5\avastsvc.exe -- (avast! Antivirus)
srv - [2012.07.03 13:46:44 | 000,655,944 | ---- | m] (malwarebytes corporation) [disabled | stopped] -- c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe -- (mbamservice)
srv - [2012.06.27 12:29:24 | 002,369,960 | ---- | m] (logmein inc.) [disabled | stopped] -- c:\program files (x86)\logmein hamachi\hamachi-2.exe -- (hamachi2svc)
srv - [2012.06.05 15:17:44 | 000,160,944 | r--- | m] (skype technologies) [disabled | stopped] -- c:\program files (x86)\skype\updater\updater.exe -- (skypeupdate)
srv - [2012.05.03 18:37:54 | 001,226,096 | ---- | m] (lavasoft limited) [disabled | stopped] -- c:\program files (x86)\ad-aware antivirus\adawareservice.exe -- (ad-aware service)
srv - [2012.04.04 07:53:50 | 000,063,928 | ---- | m] (adobe systems incorporated) [auto | running] -- c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe -- (adobearmservice)
srv - [2012.03.21 22:47:16 | 000,489,256 | ---- | m] (valve corporation) [on_demand | stopped] -- c:\program files (x86)\common files\steam\steamservice.exe -- (steam client service)
srv - [2012.02.09 15:13:24 | 002,143,552 | ---- | m] (tuneup software) [auto | running] -- c:\users\kevin\desktop\tuneupportable\app\tuneup\tuneuputilitiesservice64.exe -- (tuneup.utilitiessvc)
srv - [2011.12.19 13:20:06 | 003,289,032 | ---- | m] (gfi software) [disabled | stopped] -- c:\program files (x86)\ad-aware antivirus\sbamsvc.exe -- (sbamsvc)
srv - [2011.01.22 17:27:41 | 000,075,136 | ---- | m] () [auto | running] -- c:\windows\syswow64\pnkbstra.exe -- (pnkbstra)
srv - [2010.03.18 14:16:28 | 000,130,384 | ---- | m] (microsoft corporation) [auto | stopped] -- c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
srv - [2009.06.10 23:23:09 | 000,066,384 | ---- | m] (microsoft corporation) [disabled | stopped] -- c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
srv - [2007.05.31 17:11:54 | 000,443,784 | ---- | m] (microsoft corporation) [auto | running] -- c:\windows\windowsmobile\wcescomm.dll -- (wcescomm)
srv - [2007.05.31 17:11:46 | 000,225,672 | ---- | m] (microsoft corporation) [auto | running] -- c:\windows\windowsmobile\rapimgr.dll -- (rapimgr)
srv - [2006.12.19 10:30:26 | 000,081,920 | ---- | m] (prolific technology inc.) [auto | running] -- c:\windows\syswow64\ioctlsvc.exe -- (plflash deviceiocontrol service)
========== driver services (safelist) ==========
drv:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | m] (avast software) [file_system | system | running] -- c:\windows\sysnative\drivers\aswsnx.sys -- (aswsnx)
drv:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | m] (avast software) [kernel | system | running] -- c:\windows\sysnative\drivers\aswsp.sys -- (aswsp)
drv:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | m] (avast software) [file_system | auto | running] -- c:\windows\sysnative\drivers\aswmonflt.sys -- (aswmonflt)
drv:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | m] (avast software) [kernel | system | running] -- c:\windows\sysnative\drivers\aswtdi.sys -- (aswtdi)
drv:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | m] (avast software) [kernel | system | running] -- c:\windows\sysnative\drivers\aswrdr2.sys -- (aswrdr)
drv:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | m] (avast software) [file_system | auto | running] -- c:\windows\sysnative\drivers\aswfsblk.sys -- (aswfsblk)
drv:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | m] (malwarebytes corporation) [file_system | on_demand | stopped] -- c:\windows\sysnative\drivers\mbam.sys -- (mbamprotector)
drv:64bit: - [2012.05.21 04:09:00 | 000,203,320 | ---- | m] (devguru co., ltd.(www.devguru.co.kr)) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\ssudmdm.sys -- (ssudmdm) samsung mobile usb modem drivers (devguru ver.)
drv:64bit: - [2012.05.21 04:09:00 | 000,099,384 | ---- | m] (devguru co., ltd.(www.devguru.co.kr)) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\ssudbus.sys -- (dg_ssudbus) samsung mobile usb composite device driver (devguru ver.)
drv:64bit: - [2011.12.19 12:44:24 | 000,256,632 | ---- | m] (gfi software) [kernel | system | running] -- c:\windows\sysnative\drivers\sbfw.sys -- (sbfw)
drv:64bit: - [2011.12.19 12:44:24 | 000,084,600 | ---- | m] (gfi software) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\sbwtis.sys -- (sbwtis)
drv:64bit: - [2011.12.19 12:44:24 | 000,060,536 | ---- | m] (gfi software) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\sbhips.sys -- (sbhips)
drv:64bit: - [2011.11.29 06:59:46 | 000,074,872 | ---- | m] (gfi software) [file_system | auto | running] -- c:\windows\sysnative\drivers\sbapifs.sys -- (sbapifs)
drv:64bit: - [2011.10.26 14:23:36 | 000,057,976 | ---- | m] (gfi software) [kernel | system | running] -- c:\windows\sysnative\drivers\sbredrv.sys -- (sbre)
drv:64bit: - [2011.09.29 12:16:18 | 000,119,416 | ---- | m] (gfi software) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\sbfwim.sys -- (sbfwimclmp)
drv:64bit: - [2011.09.29 12:16:18 | 000,119,416 | ---- | m] (gfi software) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\sbfwim.sys -- (sbfwimcl)
drv:64bit: - [2010.11.17 21:07:46 | 000,834,544 | ---- | m] () [kernel | boot | running] -- c:\windows\sysnative\drivers\sptd.sys -- (sptd)
drv:64bit: - [2010.11.05 07:07:06 | 007,883,264 | ---- | m] (ati technologies inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\atikmdag.sys -- (atikmdag)
drv:64bit: - [2010.11.05 07:07:06 | 007,883,264 | ---- | m] (ati technologies inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atikmdag.sys -- (amdkmdag)
drv:64bit: - [2010.11.05 04:41:14 | 000,285,696 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atikmpag.sys -- (amdkmdap)
drv:64bit: - [2010.08.16 12:42:00 | 000,116,240 | ---- | m] (ati technologies, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atihdw76.sys -- (atihdaudioservice)
drv:64bit: - [2010.07.21 17:58:50 | 000,045,456 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\point64.sys -- (point64)
drv:64bit: - [2010.06.14 10:32:54 | 000,016,448 | ---- | m] (teruten inc) [file_system | on_demand | stopped] -- c:\windows\sysnative\drivers\tfsexdisk.sys -- (tfsexdisk)
drv:64bit: - [2010.01.12 07:37:34 | 000,325,152 | ---- | m] (realtek ) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\rt64win7.sys -- (rtl8167)
drv:64bit: - [2009.12.30 11:21:26 | 000,031,800 | ---- | m] (vs revo group) [file_system | on_demand | stopped] -- c:\windows\sysnative\drivers\revoflt.sys -- (revoflt)
drv:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | m] (advanced micro devices) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amdsata.sys -- (amdsata)
drv:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | m] (advanced micro devices) [kernel | boot | running] -- c:\windows\sysnative\drivers\amdxata.sys -- (amdxata)
drv:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | m] (amd technologies inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amdsbs.sys -- (amdsbs)
drv:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | m] (lsi corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\lsi_sas2.sys -- (lsi_sas2)
drv:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | m] (hewlett-packard company) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\hpsamd.sys -- (hpsamd)
drv:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | m] (microsoft corporation) [recognizer | boot | unknown] -- c:\windows\sysnative\drivers\fs_rec.sys -- (fs_rec)
drv:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | m] (promise technology) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\stexstor.sys -- (stexstor)
drv:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\usb8023x.sys -- (usb_rndisx)
drv:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | m] (broadcom corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\evbda.sys -- (ebdrv)
drv:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | m] (broadcom corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\bxvbda.sys -- (b06bdrv)
drv:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | m] (broadcom corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\b57nd60a.sys -- (b57nd60a)
drv:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | m] (hauppauge computer works, inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\hcw85cir.sys -- (hcw85cir)
drv:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -h-- | m] (logmein, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\hamachi.sys -- (hamachi)
drv:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | m] () [kernel | on_demand | running] -- c:\windows\sysnative\drivers\asacpi.sys -- (mtsensor)
drv - [2012.02.09 14:16:38 | 000,011,856 | ---- | m] (tuneup software) [kernel | on_demand | running] -- c:\users\kevin\desktop\tuneupportable\app\tuneup\tuneuputilitiesdriver64.sys -- (tuneuputilitiesdrv)
drv - [2011.10.26 14:23:40 | 000,101,112 | ---- | m] (gfi software) [kernel | system | running] -- c:\windows\syswow64\drivers\sbredrv.sys -- (sbre)
drv - [2010.06.14 10:32:54 | 000,016,448 | ---- | m] (teruten inc) [file_system | on_demand | stopped] -- c:\windows\syswow64\drivers\tfsexdisk.sys -- (tfsexdisk)
drv - [2009.07.14 03:19:10 | 000,019,008 | ---- | m] (microsoft corporation) [file_system | on_demand | stopped] -- c:\windows\syswow64\drivers\wimmount.sys -- (wimmount)
drv - [2003.07.18 14:57:34 | 000,007,850 | ---- | m] (btc) [kernel | on_demand | stopped] -- c:\windows\syswow64\drivers\maestro1.sys -- (keymaestro)
========== standard registry (safelist) ==========
========== internet explorer ==========
ie:64bit: - hklm\..\searchscopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ie:64bit: - hklm\..\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}: "url" = hxxp://www.bing.com/search?q={searchterms}&form=ie8src
ie - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
ie - hklm\software\microsoft\internet explorer\main,start page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
ie - hklm\..\searchscopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ie - hklm\..\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}: "url" = hxxp://www.bing.com/search?q={searchterms}&form=ie8src
ie - hkcu\software\microsoft\internet explorer\main,start page = about:blank
ie - hkcu\software\microsoft\internet explorer\main,start page redirect cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
ie - hkcu\software\microsoft\internet explorer\main,start page redirect cache acceptlangs = de
ie - hkcu\software\microsoft\internet explorer\main,start page redirect cache_timestamp = 09 70 86 ea 0c b3 cb 01 [binary data]
ie - hkcu\..\searchscopes,defaultscope = {ad22ebaf-0d18-4fc7-90cc-5ea0abbe9eb8}
ie - hkcu\..\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}: "url" = hxxp://www.bing.com/search?q={searchterms}&src=ie-searchbox&form=ie8src
ie - hkcu\..\searchscopes\{ad22ebaf-0d18-4fc7-90cc-5ea0abbe9eb8}: "url" = hxxp://www.daemon-search.com/search/web?q={searchterms}
ie - hkcu\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0
========== firefox ==========
ff - prefs.js..browser.search.selectedengine: "google"
ff - prefs.js..browser.search.usedbfororder: True
ff - prefs.js..browser.startup.homepage: "about:blank"
ff - prefs.js..extensions.enableditems: Vshare@toolbar:1.0.0
ff:64bit: - hklm\software\mozillaplugins\@adobe.com/flashplayer: C:\windows\system32\macromed\flash\npswf64_11_3_300_265.dll file not found
ff - hklm\software\mozillaplugins\@adobe.com/flashplayer: C:\windows\syswow64\macromed\flash\npswf32_11_3_300_265.dll ()
ff - hklm\software\mozillaplugins\@comrade.gamespy.com/comrade: C:\program files (x86)\gamespy\comrade\npcomrade.dll (ign entertainment)
ff - hklm\software\mozillaplugins\@google.com/nppicasa3,version=3.0.0: C:\program files (x86)\google\picasa3\nppicasa3.dll (google, inc.)
ff - hklm\software\mozillaplugins\@java.com/javaplugin: C:\program files (x86)\java\jre6\bin\plugin2\npjp2.dll (sun microsystems, inc.)
ff - hklm\software\mozillaplugins\adobe reader: C:\program files (x86)\adobe\reader 10.0\reader\air\nppdf32.dll (adobe systems inc.)
ff - hkcu\software\mozillaplugins\@tools.google.com/google update;version=3: C:\users\kevin\appdata\local\google\update\1.3.21.115\npgoogleupdate3.dll (google inc.)
ff - hkcu\software\mozillaplugins\@tools.google.com/google update;version=9: C:\users\kevin\appdata\local\google\update\1.3.21.115\npgoogleupdate3.dll (google inc.)
ff - hkey_local_machine\software\mozilla\firefox\extensions\\wrc@avast.com: C:\program files\alwil software\avast5\webrep\ff [2012.07.17 18:20:34 | 000,000,000 | ---d | m]
ff - hkey_local_machine\software\mozilla\mozilla firefox 11.0\extensions\\components: C:\program files (x86)\mozilla firefox\components [2012.04.25 16:59:26 | 000,000,000 | ---d | m]
ff - hkey_local_machine\software\mozilla\mozilla firefox 11.0\extensions\\plugins: C:\program files (x86)\mozilla firefox\plugins [2012.05.08 18:48:18 | 000,000,000 | ---d | m]
[2011.02.26 18:36:51 | 000,000,000 | ---d | m] (no name found) -- c:\users\kevin\appdata\roaming\mozilla\extensions
[2012.07.04 20:31:26 | 000,000,000 | ---d | m] (no name found) -- c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\jwpd64iy.default\extensions
[2011.04.06 19:54:00 | 000,000,000 | ---d | m] ("free youtube download (free studio) menu") -- c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\jwpd64iy.default\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
[2012.07.18 15:57:40 | 000,000,000 | ---d | m] (no name found) -- c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\jwpd64iy.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}
[2012.03.10 19:19:47 | 000,000,000 | ---d | m] (geolocater) -- c:\users\kevin\appdata\roaming\mozilla\firefox\profiles\jwpd64iy.default\extensions\geolocater@3liz.com
[2012.03.26 14:29:56 | 000,000,000 | ---d | m] (no name found) -- c:\program files (x86)\mozilla firefox\extensions
[2012.04.25 16:59:25 | 000,097,208 | ---- | m] (mozilla foundation) -- c:\program files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.23 09:52:06 | 000,476,904 | ---- | m] (sun microsystems, inc.) -- c:\program files (x86)\mozilla firefox\plugins\npdeployjava1.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | m] (nullsoft, inc.) -- c:\program files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.04.25 16:59:24 | 000,001,392 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.25 16:59:24 | 000,002,252 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.25 16:59:24 | 000,001,153 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\ebay-de.xml
[2012.04.25 16:59:24 | 000,006,805 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.25 16:59:24 | 000,001,178 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.25 16:59:24 | 000,001,105 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== chrome ==========
chr - default_search_provider: Google (enabled)
chr - default_search_provider: Search_url = {google:baseurl}search?{google:rlz}{google:acceptedsuggestion}{google:originalqueryforsuggestion}{google:searchfieldtrialparameter}{google:instantfieldtrialgroupparameter}sourceid=chrome&ie={inputencoding}&q={searchterms}
chr - default_search_provider: Suggest_url = {google:basesuggesturl}search?{google:searchfieldtrialparameter}{google:instantfieldtrialgroupparameter}client=chrome&hl={language}&q={searchterms},
chr - homepage:
Chr - plugin: Remoting viewer (enabled) = internal-remoting-viewer
chr - plugin: Native client (enabled) = c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\ppgooglenaclpluginchrome.dll
chr - plugin: Chrome pdf viewer (enabled) = c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\pdf.dll
chr - plugin: Shockwave flash (enabled) = c:\users\kevin\appdata\local\google\chrome\application\18.0.1025.152\gcswf32.dll
chr - plugin: Shockwave flash (enabled) = c:\windows\syswow64\macromed\flash\npswf32_11_2_202_228.dll
chr - plugin: Java deployment toolkit 6.0.310.5 (enabled) = c:\program files (x86)\mozilla firefox\plugins\npdeployjava1.dll
chr - plugin: Java(tm) platform se 6 u31 (enabled) = c:\program files (x86)\java\jre6\bin\plugin2\npjp2.dll
chr - plugin: Winamp application detector (enabled) = c:\program files (x86)\mozilla firefox\plugins\npwachk.dll
chr - plugin: Comrade plugin (enabled) = c:\program files (x86)\gamespy\comrade\npcomrade.dll
chr - plugin: Google update (enabled) = c:\users\kevin\appdata\local\google\update\1.3.21.111\npgoogleupdate3.dll
chr - extension: Youtube = c:\users\kevin\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
chr - extension: Google-suche = c:\users\kevin\appdata\local\google\chrome\user data\default\extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
chr - extension: Adblock = c:\users\kevin\appdata\local\google\chrome\user data\default\extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
chr - extension: Avast! Webrep = c:\users\kevin\appdata\local\google\chrome\user data\default\extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
chr - extension: Google mail = c:\users\kevin\appdata\local\google\chrome\user data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
o1 hosts file: ([2012.07.18 16:02:26 | 000,441,872 | r--- | m]) - c:\windows\sysnative\drivers\etc\hosts
o1 - hosts: 127.0.0.1 secure.tune-up.com
o1 - hosts: 127.0.0.1 www.007guard.com
o1 - hosts: 127.0.0.1 007guard.com
o1 - hosts: 127.0.0.1 008i.com
o1 - hosts: 127.0.0.1 008k.com
o1 - hosts: 127.0.0.1 008k.com
o1 - hosts: 127.0.0.1 00hq.com
o1 - hosts: 127.0.0.1 00hq.com
o1 - hosts: 127.0.0.1 010402.com
o1 - hosts: 127.0.0.1 www.032439.com
o1 - hosts: 127.0.0.1 032439.com
o1 - hosts: 127.0.0.1 全讯网,åšå½©ä¼˜æƒ*,皇å†*æ*£ç½‘cr67com,皇å†*比分,皇å†*å³æ—¶æŒ‡æ•°,太阳城代ç†112scg,tt娱ä¹åŸŽ8bc8,网上真钱娱
o1 - hosts: 127.0.0.1 0scan.com
o1 - hosts: 127.0.0.1 1000gratisproben.com
o1 - hosts: 127.0.0.1 1000gratisproben.com
o1 - hosts: 127.0.0.1 1001namen.com
o1 - hosts: 127.0.0.1 www.1001namen.com
o1 - hosts: 127.0.0.1 100888290cs.com
o1 - hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
o1 - hosts: 127.0.0.1 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
o1 - hosts: 127.0.0.1 100sexlinks.com
o1 - hosts: 127.0.0.1 www.10sek.com
o1 - hosts: 127.0.0.1 10sek.com
o1 - hosts: 127.0.0.1 1-2005-search.com
o1 - hosts: 127.0.0.1 1-2005-search.com
o1 - hosts: 15209 more lines...
O2:64bit: - bho: (avast! Webrep) - {318a227b-5e9f-45bd-8999-7f8f10ca4cf5} - c:\programme\alwil software\avast5\aswwebrepie64.dll (avast software)
o2 - bho: (spybot-s&d ie protection) - {53707962-6f74-2d53-2644-206d7942484f} - c:\program files (x86)\spybot - search & destroy 2\sdhelper.dll (safer-networking ltd.)
o2 - bho: (java(tm) plug-in ssv helper) - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre6\bin\ssv.dll (sun microsystems, inc.)
o2 - bho: (avast! Webrep) - {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\programme\alwil software\avast5\aswwebrepie.dll (avast software)
o2 - bho: (skype plug-in) - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)
o3:64bit: - hklm\..\toolbar: (avast! Webrep) - {318a227b-5e9f-45bd-8999-7f8f10ca4cf5} - c:\programme\alwil software\avast5\aswwebrepie64.dll (avast software)
o3:64bit: - hklm\..\toolbar: (no name) - {32099aac-c132-4136-9e9a-4e364a424e17} - no clsid value found.
O3 - hklm\..\toolbar: (avast! Webrep) - {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\programme\alwil software\avast5\aswwebrepie.dll (avast software)
o3 - hkcu\..\toolbar\webbrowser: (no name) - {32099aac-c132-4136-9e9a-4e364a424e17} - no clsid value found.
O4 - hklm..\run: [avast5] c:\program files\alwil software\avast5\avastui.exe (avast software)
o4 - hklm..\run: [sdtray] c:\program files (x86)\spybot - search & destroy 2\sdtray.exe (safer-networking ltd.)
o4 - hklm..\run: [startccc] c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe (advanced micro devices, inc.)
o4 - hkcu..\run: [] file not found
o4 - hkcu..\run: [steam] c:\program files (x86)\steam\steam.exe (valve corporation)
o6 - hklm\software\microsoft\windows\currentversion\policies\explorer: Noactivedesktop = 1
o6 - hklm\software\microsoft\windows\currentversion\policies\explorer: Noactivedesktopchanges = 1
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Consentpromptbehavioradmin = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Consentpromptbehavioruser = 3
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Enablelua = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: Promptonsecuredesktop = 0
o8:64bit: - extra context menu item: Add to google photos screensa&ver - res://c:\windows\system32\gphotos.scr/200 file not found
o8:64bit: - extra context menu item: Free youtube download - c:\users\kevin\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm ()
o8:64bit: - extra context menu item: Free youtube to mp3 converter - c:\users\kevin\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm ()
o8:64bit: - extra context menu item: Nach microsoft e&xel exportieren - res://c:\progra~2\micros~1\office12\excel.exe/3000 file not found
o8:64bit: - extra context menu item: Web-suche - c:\program files (x86)\sweetim\toolbars\internet explorer\resources\menuext.html file not found
o8 - extra context menu item: Add to google photos screensa&ver - c:\windows\syswow64\gphotos.scr (google inc.)
o8 - extra context menu item: Free youtube download - c:\users\kevin\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm ()
o8 - extra context menu item: Free youtube to mp3 converter - c:\users\kevin\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm ()
o8 - extra context menu item: Nach microsoft e&xel exportieren - res://c:\progra~2\micros~1\office12\excel.exe/3000 file not found
o8 - extra context menu item: Web-suche - c:\program files (x86)\sweetim\toolbars\internet explorer\resources\menuext.html file not found
o9 - extra button: An onenote senden - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~2\micros~1\office12\onbttnie.dll (microsoft corporation)
o9 - extra 'tools' menuitem : An onenote s&enden - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~2\micros~1\office12\onbttnie.dll (microsoft corporation)
o9 - extra button: Skype plug-in - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)
o9 - extra 'tools' menuitem : Skype plug-in - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)
o9 - extra button: Research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~2\micros~1\office12\refiebar.dll (microsoft corporation)
o9 - extra 'tools' menuitem : Spybot - search && destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files (x86)\spybot - search & destroy 2\sdhelper.dll (safer-networking ltd.)
o1364bit: - gopher prefix: Missing
o13 - gopher prefix: Missing
o16 - dpf: {8ad9c840-044e-11d1-b3e9-00805f499d93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (java plug-in 1.6.0_31)
o16 - dpf: {cafeefac-0016-0000-0031-abcdeffedcba} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (java plug-in 1.6.0_31)
o16 - dpf: {cafeefac-ffff-ffff-ffff-abcdeffedcba} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (java plug-in 1.6.0_31)
o17 - hklm\system\ccs\services\tcpip\parameters\interfaces\{6e9be9fa-4870-4150-814a-44081f580325}: Dhcpnameserver = 192.168.178.1
o18:64bit: - protocol\handler\groovelocalgws - no clsid value found
o18:64bit: - protocol\handler\ms-help - no clsid value found
o18:64bit: - protocol\handler\skype4com - no clsid value found
o18:64bit: - protocol\handler\skype-ie-addon-data - no clsid value found
o18:64bit: - protocol\handler\wlmailhtml - no clsid value found
o18 - protocol\handler\skype4com {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~2\common~1\skype\skype4~1.dll (skype technologies)
o18 - protocol\handler\skype-ie-addon-data {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)
o18:64bit: - protocol\filter\text/xml {807563e5-5146-11d5-a672-00b0d022e945} - c:\programme\common files\microsoft shared\office12\msoxmlmf.dll (microsoft corporation)
o18 - protocol\filter\text/xml {807563e5-5146-11d5-a672-00b0d022e945} - c:\progra~2\common~1\micros~1\office12\msoxmlmf.dll (microsoft corporation)
o20:64bit: - hklm winlogon: Shell - (explorer.exe) - c:\windows\explorer.exe (microsoft corporation)
o20:64bit: - hklm winlogon: Userinit - (c:\windows\system32\userinit.exe) - c:\windows\sysnative\userinit.exe (microsoft corporation)
o20:64bit: - hklm winlogon: Userinit - (userinit.exe) - c:\windows\sysnative\userinit.exe (microsoft corporation)
o20:64bit: - hklm winlogon: Vmapplet - (systempropertiesperformance.exe) - c:\windows\sysnative\systempropertiesperformance.exe (microsoft corporation)
o20:64bit: - hklm winlogon: Vmapplet - (/pagefile) - file not found
o20 - hklm winlogon: Shell - (explorer.exe) - c:\windows\syswow64\explorer.exe (microsoft corporation)
o20 - hklm winlogon: Userinit - (userinit.exe) - c:\windows\syswow64\userinit.exe (microsoft corporation)
o20 - hklm winlogon: Vmapplet - (/pagefile) - file not found
o20 - winlogon\notify\sdwinlogon: Dllname - (sdwinlogon.dll) - file not found
o21:64bit: - ssodl: Webcheck - {e6fb5e20-de35-11cf-9c87-00aa005127ed} - no clsid value found.
O21 - ssodl: Webcheck - {e6fb5e20-de35-11cf-9c87-00aa005127ed} - no clsid value found.
O32 - hklm cdrom: Autorun - 1
o33 - mountpoints2\{230b4e90-339f-11e0-82d5-00248cb5883d}\shell - "" = autorun
o33 - mountpoints2\{230b4e90-339f-11e0-82d5-00248cb5883d}\shell\autorun\command - "" = k:\autorun.exe
o33 - mountpoints2\{2a323b7f-f31f-11df-8055-00248cb5883d}\shell - "" = autorun
o33 - mountpoints2\{2a323b7f-f31f-11df-8055-00248cb5883d}\shell\autorun\command - "" = f:\autoruncd.exe
o34 - hklm bootexecute: (autocheck autochk *)
o35:64bit: - hklm\..comfile [open] -- "%1" %*
o35:64bit: - hklm\..exefile [open] -- "%1" %*
o35 - hklm\..comfile [open] -- "%1" %*
o35 - hklm\..exefile [open] -- "%1" %*
o37:64bit: - hklm\...com [@ = comfile] -- "%1" %*
o37:64bit: - hklm\...exe [@ = exefile] -- "%1" %*
o37 - hklm\...com [@ = comfile] -- "%1" %*
o37 - hklm\...exe [@ = exefile] -- "%1" %*
o38 - subsystems\\windows: (serverdll=winsrv:userserverdllinitialization,3)
o38 - subsystems\\windows: (serverdll=winsrv:conserverdllinitialization,2)
o38 - subsystems\\windows: (serverdll=sxssrv,4)
========== files/folders - created within 30 days ==========
[2012.07.18 17:38:22 | 000,596,480 | ---- | c] (oldtimer tools) -- c:\users\kevin\desktop\otl.exe
[2012.07.18 16:12:06 | 000,000,000 | ---d | c] -- c:\users\kevin\appdata\local\vs revo group
[2012.07.18 16:12:05 | 000,031,800 | ---- | c] (vs revo group) -- c:\windows\sysnative\drivers\revoflt.sys
[2012.07.18 16:12:05 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\revo uninstaller pro
[2012.07.18 16:12:04 | 000,000,000 | ---d | c] -- c:\program files\vs revo group
[2012.07.18 13:54:37 | 000,000,000 | ---d | c] -- c:\programdata\spybot - search & destroy
[2012.07.18 13:54:33 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\spybot - search & destroy 2
[2012.07.18 13:54:29 | 000,017,272 | ---- | c] (safer networking limited) -- c:\windows\sysnative\sdnclean64.exe
[2012.07.18 13:54:25 | 000,000,000 | ---d | c] -- c:\program files (x86)\spybot - search & destroy 2
[2012.07.17 20:02:53 | 000,000,000 | ---d | c] -- c:\users\kevin\appdata\roaming\trojanhunter
[2012.07.17 17:38:30 | 000,000,000 | ---d | c] -- c:\program files (x86)\trojanhunter 5.5
[2012.07.16 21:27:32 | 000,000,000 | ---d | c] -- c:\users\kevin\appdata\roaming\malwarebytes
[2012.07.16 21:27:18 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\malwarebytes' anti-malware
[2012.07.16 21:27:17 | 000,000,000 | ---d | c] -- c:\programdata\malwarebytes
[2012.07.16 21:27:16 | 000,024,904 | ---- | c] (malwarebytes corporation) -- c:\windows\sysnative\drivers\mbam.sys
[2012.07.16 21:27:15 | 000,000,000 | ---d | c] -- c:\program files (x86)\malwarebytes' anti-malware
[2012.07.16 20:20:17 | 000,000,000 | ---d | c] -- c:\users\kevin\appdata\local\adaware
[2012.07.16 20:20:06 | 000,000,000 | ---d | c] -- c:\programdata\ad-aware browsing protection
[2012.07.16 20:20:02 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\ad-aware antivirus
[2012.07.16 20:19:59 | 000,060,536 | ---- | c] (gfi software) -- c:\windows\sysnative\drivers\sbhips.sys
[2012.07.16 20:19:38 | 000,119,416 | ---- | c] (gfi software) -- c:\windows\sysnative\drivers\sbfwim.sys
[2012.07.16 20:19:36 | 000,256,632 | ---- | c] (gfi software) -- c:\windows\sysnative\drivers\sbfw.sys
[2012.07.16 20:19:33 | 000,057,976 | ---- | c] (gfi software) -- c:\windows\sysnative\drivers\sbredrv.sys
[2012.07.16 20:19:33 | 000,045,936 | ---- | c] (gfi software) -- c:\windows\sysnative\sbbd.exe
[2012.07.16 20:19:30 | 000,000,000 | ---d | c] -- c:\programdata\lavasoft
[2012.07.16 20:19:30 | 000,000,000 | ---d | c] -- c:\program files (x86)\ad-aware antivirus
[2012.07.16 20:18:38 | 000,000,000 | ---d | c] -- c:\users\kevin\appdata\roaming\ad-aware antivirus
[2012.07.12 22:12:22 | 000,000,000 | ---d | c] -- c:\users\kevin\appdata\roaming\tuneup software
[2012.07.12 22:12:17 | 000,000,000 | ---d | c] -- c:\programdata\tuneup software
[2012.07.12 22:11:40 | 000,000,000 | ---d | c] -- c:\users\kevin\desktop\tuneupportable
[2012.07.11 23:02:36 | 009,822,920 | ---- | c] (adobe systems incorporated) -- c:\windows\syswow64\flashplayerinstaller.exe
[2012.07.01 14:28:24 | 000,203,320 | ---- | c] (devguru co., ltd.(www.devguru.co.kr)) -- c:\windows\sysnative\drivers\ssudmdm.sys
[2012.07.01 14:28:24 | 000,099,384 | ---- | c] (devguru co., ltd.(www.devguru.co.kr)) -- c:\windows\sysnative\drivers\ssudbus.sys
[2012.07.01 14:27:14 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\samsung
[2012.07.01 14:26:50 | 000,821,824 | ---- | c] (devguru co., ltd.) -- c:\windows\syswow64\dgderapi.dll
[2012.07.01 14:21:10 | 000,000,000 | ---d | c] -- c:\users\kevin\appdata\local\downloaded installations
[2012.06.28 09:16:15 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\logmein hamachi
[2012.06.28 09:16:15 | 000,000,000 | ---d | c] -- c:\program files (x86)\logmein hamachi
[2012.06.25 22:11:11 | 001,481,928 | ---- | c] (htc) -- c:\task29.exe
[2012.06.25 22:11:11 | 001,449,160 | ---- | c] (htc) -- c:\ruuresource.dll
[2012.06.25 22:11:11 | 000,175,304 | ---- | c] (htc) -- c:\rapitool.exe
[2012.06.25 22:11:11 | 000,008,904 | ---- | c] (htc) -- c:\enterbootloader.exe
[2012.06.25 22:01:41 | 000,000,000 | ---d | c] -- c:\windows\windowsmobile
[2012.06.24 12:33:44 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\picasa 3
[2012.06.24 12:33:36 | 000,000,000 | ---d | c] -- c:\program files (x86)\google
[3 c:\windows\sysnative\*.tmp files -> c:\windows\sysnative\*.tmp -> ]
========== files - modified within 30 days ==========
[2012.07.18 18:02:00 | 000,000,884 | ---- | m] () -- c:\windows\tasks\adobe flash player updater.job
[2012.07.18 17:52:09 | 000,014,016 | -h-- | m] () -- c:\windows\sysnative\7b296fb0-376b-497e-b012-9c450e1b7327-5p-1.c7483456-a289-439d-8115-601632d005a0
[2012.07.18 17:52:09 | 000,014,016 | -h-- | m] () -- c:\windows\sysnative\7b296fb0-376b-497e-b012-9c450e1b7327-5p-0.c7483456-a289-439d-8115-601632d005a0
[2012.07.18 17:45:47 | 000,067,584 | --s- | m] () -- c:\windows\bootstat.dat
[2012.07.18 17:45:44 | 2817,925,120 | -hs- | m] () -- c:\hiberfil.sys
[2012.07.18 17:38:29 | 000,596,480 | ---- | m] (oldtimer tools) -- c:\users\kevin\desktop\otl.exe
[2012.07.18 17:24:01 | 000,001,120 | ---- | m] () -- c:\windows\tasks\googleupdatetaskusers-1-5-21-1899504288-1655501396-2552275220-1000ua.job
[2012.07.18 16:12:06 | 000,001,077 | ---- | m] () -- c:\users\public\desktop\revo uninstaller pro.lnk
[2012.07.18 16:03:59 | 000,001,868 | ---- | m] () -- c:\users\public\desktop\ad-aware antivirus.lnk
[2012.07.18 16:02:26 | 000,441,872 | r--- | m] () -- c:\windows\sysnative\drivers\etc\hosts
[2012.07.18 13:54:33 | 000,002,177 | ---- | m] () -- c:\users\public\desktop\spybot-s&d start center.lnk
[2012.07.17 18:20:36 | 000,000,000 | ---- | m] () -- c:\windows\syswow64\config.nt
[2012.07.17 17:38:40 | 000,059,392 | r--- | m] () -- c:\windows\syswow64\streamhlp.dll
[2012.07.16 21:27:18 | 000,001,113 | ---- | m] () -- c:\users\public\desktop\malwarebytes anti-malware.lnk
[2012.07.14 13:03:02 | 004,503,728 | ---- | m] () -- c:\programdata\to_r0tsef.pad
[2012.07.11 23:02:59 | 000,426,184 | ---- | m] (adobe systems incorporated) -- c:\windows\syswow64\flashplayerapp.exe
[2012.07.11 23:02:59 | 000,070,344 | ---- | m] (adobe systems incorporated) -- c:\windows\syswow64\flashplayercplapp.cpl
[2012.07.11 23:02:36 | 009,822,920 | ---- | m] (adobe systems incorporated) -- c:\windows\syswow64\flashplayerinstaller.exe
[2012.07.11 11:31:37 | 000,065,179 | ---- | m] () -- c:\users\kevin\desktop\484590_399078456816748_996819543_n.jpg
[2012.07.11 11:24:00 | 000,001,068 | ---- | m] () -- c:\windows\tasks\googleupdatetaskusers-1-5-21-1899504288-1655501396-2552275220-1000core.job
[2012.07.03 18:21:52 | 000,958,400 | ---- | m] (avast software) -- c:\windows\sysnative\drivers\aswsnx.sys
[2012.07.03 18:21:52 | 000,355,856 | ---- | m] (avast software) -- c:\windows\sysnative\drivers\aswsp.sys
[2012.07.03 18:21:52 | 000,071,064 | ---- | m] (avast software) -- c:\windows\sysnative\drivers\aswmonflt.sys
[2012.07.03 18:21:52 | 000,059,728 | ---- | m] (avast software) -- c:\windows\sysnative\drivers\aswtdi.sys
[2012.07.03 18:21:52 | 000,054,072 | ---- | m] (avast software) -- c:\windows\sysnative\drivers\aswrdr2.sys
[2012.07.03 18:21:51 | 000,025,232 | ---- | m] (avast software) -- c:\windows\sysnative\drivers\aswfsblk.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | m] (avast software) -- c:\windows\avastss.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | m] (avast software) -- c:\windows\syswow64\aswboot.exe
[2012.07.03 18:21:18 | 000,285,328 | ---- | m] (avast software) -- c:\windows\sysnative\aswboot.exe
[2012.07.03 13:46:44 | 000,024,904 | ---- | m] (malwarebytes corporation) -- c:\windows\sysnative\drivers\mbam.sys
[2012.07.01 14:22:45 | 001,556,584 | ---- | m] () -- c:\windows\sysnative\perfstringbackup.ini
[2012.07.01 14:22:45 | 000,667,906 | ---- | m] () -- c:\windows\sysnative\perfh007.dat
[2012.07.01 14:22:45 | 000,627,482 | ---- | m] () -- c:\windows\sysnative\perfh009.dat
[2012.07.01 14:22:45 | 000,135,574 | ---- | m] () -- c:\windows\sysnative\perfc007.dat
[2012.07.01 14:22:45 | 000,111,060 | ---- | m] () -- c:\windows\sysnative\perfc009.dat
[2012.06.28 09:16:16 | 000,000,926 | ---- | m] () -- c:\users\public\desktop\logmein hamachi.lnk
[2012.06.25 23:21:58 | 000,000,000 | -h-- | m] () -- c:\windows\sysnative\drivers\msft_kernel_androidusb_01009.wdf
[2012.06.25 22:03:14 | 000,000,000 | -h-- | m] () -- c:\windows\sysnative\drivers\msft_user_wpdrapi2_01_00_00.wdf
[2012.06.24 12:36:44 | 000,000,069 | ---- | m] () -- c:\windows\nerodigital.ini
[3 c:\windows\sysnative\*.tmp files -> c:\windows\sysnative\*.tmp -> ]
========== files created - no company name ==========
[2012.07.18 16:12:06 | 000,001,077 | ---- | c] () -- c:\users\public\desktop\revo uninstaller pro.lnk
[2012.07.18 13:54:33 | 000,002,189 | ---- | c] () -- c:\programdata\microsoft\windows\start menu\programs\spybot-s&d start center.lnk
[2012.07.18 13:54:33 | 000,002,177 | ---- | c] () -- c:\users\public\desktop\spybot-s&d start center.lnk
[2012.07.17 17:38:31 | 000,059,392 | r--- | c] () -- c:\windows\syswow64\streamhlp.dll
[2012.07.16 21:27:18 | 000,001,113 | ---- | c] () -- c:\users\public\desktop\malwarebytes anti-malware.lnk
[2012.07.16 20:20:02 | 000,001,868 | ---- | c] () -- c:\users\public\desktop\ad-aware antivirus.lnk
[2012.07.14 13:02:41 | 004,503,728 | ---- | c] () -- c:\programdata\to_r0tsef.pad
[2012.07.11 11:31:36 | 000,065,179 | ---- | c] () -- c:\users\kevin\desktop\484590_399078456816748_996819543_n.jpg
[2012.06.28 09:16:16 | 000,000,926 | ---- | c] () -- c:\users\public\desktop\logmein hamachi.lnk
[2012.06.25 23:21:58 | 000,000,000 | -h-- | c] () -- c:\windows\sysnative\drivers\msft_kernel_androidusb_01009.wdf
[2012.06.25 22:11:11 | 005,406,987 | ---- | c] () -- c:\ruu_signed.nbh
[2012.06.25 22:11:11 | 000,213,864 | ---- | c] () -- c:\modelid.fig
[2012.06.25 22:11:11 | 000,141,368 | ---- | c] () -- c:\errorusb.fig
[2012.06.25 22:11:11 | 000,095,552 | ---- | c] () -- c:\errorbattery.fig
[2012.06.25 22:11:11 | 000,013,512 | ---- | c] () -- c:\ruugetinfo.exe
[2012.06.25 22:11:11 | 000,000,013 | ---- | c] () -- c:\romupdateutility.cfg
[2012.06.25 22:03:14 | 000,000,000 | -h-- | c] () -- c:\windows\sysnative\drivers\msft_user_wpdrapi2_01_00_00.wdf
[2012.06.09 12:58:30 | 1577,393,839 | ---- | c] () -- c:\windows\syswow64\pcars_0226_0_build_10_pre-alpha_pc-ext-1b.bin
[2012.06.09 12:57:47 | 1991,905,280 | ---- | c] () -- c:\windows\syswow64\pcars_0226_0_build_10_pre-alpha_pc-ext-1a.bin
[2012.05.23 18:49:34 | 000,030,568 | ---- | c] () -- c:\windows\musiccitydownload.exe
[2012.01.17 17:27:05 | 000,000,182 | ---- | c] () -- c:\users\kevin\appdata\roaming\default.pls
[2011.06.16 20:01:08 | 000,014,545 | ---- | c] () -- c:\users\kevin\.transfermanager.db
[2011.06.07 11:13:38 | 000,974,848 | ---- | c] () -- c:\windows\syswow64\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | c] () -- c:\windows\syswow64\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | c] () -- c:\windows\syswow64\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | c] () -- c:\windows\syswow64\issacapi_se-2.3.dll
[2011.05.14 15:49:44 | 000,000,069 | ---- | c] () -- c:\windows\nerodigital.ini
[2011.05.14 14:23:12 | 000,000,026 | ---- | c] () -- c:\windows\irremote.ini
[2011.05.14 14:23:02 | 000,001,024 | ---- | c] () -- c:\users\kevin\.rnd
[2011.05.13 17:19:20 | 000,027,648 | ---- | c] () -- c:\windows\syswow64\avsredirect.dll
[2011.02.27 13:30:29 | 000,139,816 | -h-- | c] () -- c:\windows\syswow64\mlfcache.dat
[2011.02.26 18:36:47 | 000,000,000 | ---- | c] () -- c:\windows\nsreg.dat
[2011.02.12 17:26:04 | 000,011,776 | ---- | c] () -- c:\users\kevin\appdata\local\dcbc2a71-70d8-4dan-ehr8-e0d61dea3fdf.ini
[2010.12.26 15:29:36 | 000,000,093 | ---- | c] () -- c:\users\kevin\appdata\local\fusioncache.dat
[2010.12.25 14:39:42 | 001,555,058 | ---- | c] () -- c:\windows\syswow64\perfstringbackup.ini
[2010.12.25 14:38:19 | 000,669,184 | ---- | c] () -- c:\windows\syswow64\pbsvc.exe
[2010.12.23 14:36:06 | 000,214,520 | ---- | c] () -- c:\windows\syswow64\pnkbstrb.exe
[2010.12.23 14:36:04 | 000,075,136 | ---- | c] () -- c:\windows\syswow64\pnkbstra.exe
[2010.12.23 14:36:03 | 000,000,331 | ---- | c] () -- c:\windows\game.ini
[2010.11.21 16:16:52 | 000,040,960 | ---- | c] () -- c:\windows\syswow64\kmremove.exe
[2010.11.20 15:40:52 | 000,000,056 | -h-- | c] () -- c:\windows\syswow64\ezsidmv.dat
[2010.11.18 17:28:01 | 000,003,972 | ---- | c] () -- c:\windows\syswow64\drivers\pcibus.sys
[2010.11.17 19:21:26 | 000,000,000 | ---- | c] () -- c:\windows\ativpsrm.bin
========== lop check ==========
[2012.07.16 21:27:51 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\ad-aware antivirus
[2011.01.15 13:54:07 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\daemon tools lite
[2012.02.08 12:29:56 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\dvdvideosoft
[2010.12.12 14:30:43 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\dvdvideosoftiehelpers
[2011.02.14 23:57:32 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\hardcore
[2010.11.24 00:36:20 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\imgburn
[2010.12.03 16:33:27 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\irfanview
[2011.02.19 19:14:51 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\juce vst host
[2010.11.21 15:52:21 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\miranda fusion
[2012.07.01 14:21:28 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\samsung
[2012.07.17 19:40:00 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\spotify
[2012.07.17 20:02:53 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\trojanhunter
[2012.07.12 22:12:22 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\tuneup software
[2012.04.02 09:48:15 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\tuneup software-backupbytuneupportable
[2012.06.09 15:09:02 | 000,000,000 | ---d | m] -- c:\users\kevin\appdata\roaming\utorrent
[2012.04.26 16:44:19 | 000,032,632 | ---- | m] () -- c:\windows\tasks\schedlgu.txt
========== purity check ==========
< end of report >
--- --- ---
extras:
OTL Logfile: Code:
otl extras logfile created on: 18.07.2012 17:58:52 - run 1
otl by oldtimer - version 3.2.54.0 folder = c:\users\kevin\desktop
64bit- ultimate edition (version = 6.1.7600) - type = ntworkstation
internet explorer (version = 8.0.7600.16385)
locale: 00000407 | country: Deutschland | language: Deu | date format: Dd.mm.yyyy
3,50 gb total physical memory | 2,08 gb available physical memory | 59,44% memory free
7,00 gb paging file | 5,23 gb available in paging file | 74,72% paging file free
paging file location(s): ?:\pagefile.sys [binary data]
%systemdrive% = c: | %systemroot% = c:\windows | %programfiles% = c:\program files (x86)
drive c: | 292,87 gb total space | 89,78 gb free space | 30,66% space free | partition type: Ntfs
drive d: | 638,54 gb total space | 93,88 gb free space | 14,70% space free | partition type: Ntfs
computer name: Kevin-pc | user name: Kevin | logged in as administrator.
Boot mode: Normal | scan mode: Current user | include 64bit scans
company name whitelist: Off | skip microsoft files: Off | no company name whitelist: On | file age = 30 days
========== extra registry (safelist) ==========
========== file associations ==========
64bit: [hkey_local_machine\software\classes\<extension>]
.html[@ = firefoxhtml] -- c:\program files (x86)\mozilla firefox\firefox.exe (mozilla corporation)
.url[@ = internetshortcut] -- c:\windows\sysnative\rundll32.exe (microsoft corporation)
[hkey_local_machine\software\classes\<extension>]
.cpl [@ = cplfile] -- c:\windows\syswow64\control.exe (microsoft corporation)
.html [@ = firefoxhtml] -- c:\program files (x86)\mozilla firefox\firefox.exe (mozilla corporation)
[hkey_current_user\software\classes\<extension>]
.html [@ = chromehtml] -- reg error: Key error. File not found
========== shell spawning ==========
64bit: [hkey_local_machine\software\classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- reg error: Key error.
Http [open] -- "c:\program files (x86)\mozilla firefox\firefox.exe" -requestpending -osint -url "%1" (mozilla corporation)
https [open] -- "c:\program files (x86)\mozilla firefox\firefox.exe" -requestpending -osint -url "%1" (mozilla corporation)
inffile [install] -- %systemroot%\system32\infdefaultinstall.exe "%1" (microsoft corporation)
internetshortcut [open] -- "c:\windows\system32\rundll32.exe" "c:\windows\system32\ieframe.dll",openurl %l (microsoft corporation)
internetshortcut [print] -- "c:\windows\system32\rundll32.exe" "c:\windows\system32\mshtml.dll",printhtml "%1" (microsoft corporation)
piffile [open] -- "%1" %*
regfile [merge] -- reg error: Key error.
Scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,installscreensaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- reg error: Key error.
Unknown [openas] -- %systemroot%\system32\rundll32.exe %systemroot%\system32\shell32.dll,openas_rundll %1
directory [addtoplaylistvlc] -- "c:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
directory [cmd] -- cmd.exe /s /k pushd "%v" (microsoft corporation)
directory [find] -- %systemroot%\explorer.exe (microsoft corporation)
directory [onenote.open] -- c:\progra~2\micros~1\office12\onenote.exe "%l"
directory [playwithvlc] -- "c:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
folder [open] -- %systemroot%\explorer.exe (microsoft corporation)
folder [explore] -- reg error: Value error.
Drive [find] -- %systemroot%\explorer.exe (microsoft corporation)
[hkey_local_machine\software\classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %systemroot%\system32\control.exe "%1",%* (microsoft corporation)
exefile [open] -- "%1" %*
helpfile [open] -- reg error: Key error.
Http [open] -- "c:\program files (x86)\mozilla firefox\firefox.exe" -requestpending -osint -url "%1" (mozilla corporation)
https [open] -- "c:\program files (x86)\mozilla firefox\firefox.exe" -requestpending -osint -url "%1" (mozilla corporation)
inffile [install] -- %systemroot%\system32\infdefaultinstall.exe "%1" (microsoft corporation)
piffile [open] -- "%1" %*
regfile [merge] -- reg error: Key error.
Scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,installscreensaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- reg error: Key error.
Unknown [openas] -- %systemroot%\system32\rundll32.exe %systemroot%\system32\shell32.dll,openas_rundll %1
directory [addtoplaylistvlc] -- "c:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
directory [cmd] -- cmd.exe /s /k pushd "%v" (microsoft corporation)
directory [find] -- %systemroot%\explorer.exe (microsoft corporation)
directory [onenote.open] -- c:\progra~2\micros~1\office12\onenote.exe "%l"
directory [playwithvlc] -- "c:\program files (x86)\videolan\vlc\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
folder [open] -- %systemroot%\explorer.exe (microsoft corporation)
folder [explore] -- reg error: Value error.
Drive [find] -- %systemroot%\explorer.exe (microsoft corporation)
========== security center settings ==========
64bit: [hkey_local_machine\software\microsoft\security center]
"cval" = 1
64bit: [hkey_local_machine\software\microsoft\security center\monitoring]
64bit: [hkey_local_machine\software\microsoft\security center\svc]
"vistasp1" = 28 4d b2 76 41 04 ca 01 [binary data]
"antivirusoverride" = 0
"antispywareoverride" = 0
"firewalloverride" = 0
64bit: [hkey_local_machine\software\microsoft\security center\svc\vol]
[hkey_local_machine\software\microsoft\security center]
[hkey_local_machine\software\microsoft\security center\svc]
========== firewall settings ==========
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile]
"disablenotifications" = 0
"enablefirewall" = 1
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"disablenotifications" = 0
"enablefirewall" = 1
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\publicprofile]
"disablenotifications" = 0
"enablefirewall" = 1
========== authorized applications list ==========
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"c:\program files (x86)\spybot - search & destroy 2\sdtray.exe" = c:\program files (x86)\spybot - search & destroy 2\sdtray.exe:*:enabled:spybot-s&d 2 tray icon -- (safer-networking ltd.)
"c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe" = c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe:*:enabled:spybot-s&d 2 scanner service -- (safer-networking ltd.)
"c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe" = c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe:*:enabled:spybot-s&d 2 updater -- (safer-networking ltd.)
"c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe" = c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe:*:enabled:spybot-s&d 2 background update service -- (safer-networking ltd.)
"c:\program files (x86)\spybot - search & destroy 2\sdtray.exe" = c:\program files (x86)\spybot - search & destroy 2\sdtray.exe:*:enabled:spybot-s&d 2 tray icon -- (safer-networking ltd.)
"c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe" = c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe:*:enabled:spybot-s&d 2 scanner service -- (safer-networking ltd.)
"c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe" = c:\program files (x86)\spybot - search & destroy 2\sdupdate.exe:*:enabled:spybot-s&d 2 updater -- (safer-networking ltd.)
"c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe" = c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe:*:enabled:spybot-s&d 2 background update service -- (safer-networking ltd.)
========== vista active open ports exception list ==========
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallrules]
"{02280596-8c68-49f1-9b41-454369e41dc8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{05e194ae-a845-4e04-a516-0dede1d87793}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{144521bb-3ff4-4718-80f0-6fb398e60dd5}" = lport=139 | protocol=6 | dir=in | app=system |
"{14a056f2-853f-4bfa-9f1d-fae03c37e82a}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{214132b2-258f-4d01-9121-6d3f03ee40c1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{249dd762-bded-4720-92b8-f3a1343132f4}" = lport=138 | protocol=17 | dir=in | app=system |
"{33d0d726-e319-4ca2-a61b-ba0191b5d964}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{38d90a74-6a76-4323-8ee6-08dfb54ee08c}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{489325ef-2e01-4262-a68f-20019412cebe}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{4b26d353-7a86-4a8f-96b0-104d7527005f}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5242d273-da73-4573-89f8-07195d7c939f}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{54a8d185-d39a-4b84-99eb-3544b09a0c1d}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5a47c0ad-0080-4821-ab34-4add7c319f92}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6249ecf5-8544-482f-ba9e-f7e5d82083ed}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6a3c6993-7938-46c4-8af6-03ea76383808}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71d49bfb-5165-4457-9b90-d7e0d19758a4}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{7bd34bb6-c2f0-468c-a559-53ab5d5b5da7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7ef02133-0e70-4d80-aedb-a5f2bb32e18c}" = lport=445 | protocol=6 | dir=in | app=system |
"{7f376fa6-d815-4c3c-9943-b69db1d81216}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87d5e822-97f9-4034-b18b-3b9e060c0be4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8ac9ad41-0da6-4359-91d7-74652b101e72}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8cf36088-a941-4b63-b230-f67faebd9463}" = rport=139 | protocol=6 | dir=out | app=system |
"{9447cc3b-6e9a-40ba-b496-71d50d23df7d}" = rport=137 | protocol=17 | dir=out | app=system |
"{94fc5499-b6e7-49d0-9f16-e7a2e084c560}" = lport=137 | protocol=17 | dir=in | app=system |
"{95f9c8a9-2448-4d1b-905c-ff2a22b8b203}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{a3f99ae2-2541-4f95-a3be-8d2ab06d21e3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{a9bdf8b2-5c27-4bc5-95a9-42131cd856b4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{aba30395-b692-4e91-bbb6-587b225434cb}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ae4ba273-f2ed-494d-94db-064b23cf9358}" = lport=2869 | protocol=6 | dir=in | app=system |
"{bc843ba5-0046-4c27-83bd-0bd584fccf8e}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{bee2b895-981a-40a4-8656-f2c1bc60d59f}" = rport=138 | protocol=17 | dir=out | app=system |
"{c6e10e56-0a26-4153-8a8c-5646a6ec0fd8}" = rport=445 | protocol=6 | dir=out | app=system |
"{d13151ef-1b9d-44d1-b5b1-110767fcd084}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{e5b39be7-8455-4022-a795-1d68cebf7a91}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ef1578f8-1096-48f6-a859-cb3e1019ee5b}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{f0381813-ab61-4b08-9b7c-5a9c541ef00e}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{f614dfcf-dd79-4ae3-b26f-0607f6a84c60}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{fa5632b7-48eb-458a-846d-90be40c9af48}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== vista active application exception list ==========
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallrules]
"{0194e576-1c92-4a7e-b3a8-8445ea769f0a}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{01a5821c-7c1d-4766-88e6-b0da97d5da1a}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{03885ec0-76e5-415c-b98e-3f4e641fb248}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0474cbde-1b00-41eb-88c9-44a00060a4b4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{09df9b79-7ee2-4b4d-a6a1-bc9eef62f1b7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0c2734b1-6a47-4a58-aac8-b431d8c45c6b}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{14fbbf20-8b50-4378-8b90-23cb77bd5886}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{183966cf-299a-4ad3-a0fa-ef0e8e3f5539}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1f406b72-f4f0-4b8a-8eb4-07b96d8ab1d6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{211c5b64-01fe-4101-b957-731a45700c2c}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2378b3b7-b061-4848-b9c4-1d0cb895fb4f}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{250cf241-b0c6-4ff4-8351-994d361a92f5}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{27c0093f-3afa-475a-a291-3c280962d221}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2bbd7613-3684-47ca-a919-30e233a2db2a}" = protocol=6 | dir=in | app=c:\program files (x86)\mirandafusion\miranda32.exe |
"{32ee9070-e085-4b2f-bb54-ff7cb3f91745}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{364ad5e4-3573-4883-80f4-f60f4b31ed85}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{37352928-67e4-4bd7-9628-4f14d20d7994}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3e204c30-2273-43c7-ad10-6504371cfc1d}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{434235f0-aa8b-4de9-81d0-b1e5160dbe1f}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{43e854c5-3397-4b90-9e32-fc094a27d860}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4687bb71-c660-48b7-b4d4-21fb458d99e2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{4754ac0a-d0f6-4e15-b41a-c5f59dee11ed}" = protocol=17 | dir=in | app=c:\users\kevin\appdata\roaming\spotify\spotify.exe |
"{480c6d17-fb07-4547-b461-ba43643aa079}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{50fc0727-c828-44ec-9b89-7d9271780b93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{51a0418b-8ead-472b-a6e1-ba7cebdfccd3}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{51ec3a7d-a57a-4683-8456-5684d032ca8e}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54018e24-5909-4acb-9285-c33330783c58}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{55257eb0-61aa-4857-92c0-0ddfbd7a5990}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58924a2f-9586-4249-a127-24e7cfea3279}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58c29810-f5eb-4392-abb2-faebcb54528e}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{5bb9b0fd-30f8-40b9-9f3c-6c949e067a22}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5faecb0f-e218-46fd-961a-9116d0454f9d}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{602ee050-3c4d-472d-8598-74a4df78f0e0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{65dff42a-d6ff-4d05-8df0-0a14fa474ab7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6638c223-4cae-4d24-81d8-5e7c0c50c1fc}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{678d94bf-d28d-4045-9e13-080153fa0d3a}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{69a0c520-dabd-45e1-a77b-e886bdedccb6}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{75e5b349-9607-441c-97ed-50d761a37172}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7e6c3414-0af1-4b50-9137-ca5ec0517361}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{823e54bd-887b-4777-ada6-817624ee52f0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{836968cb-522f-47df-a98e-e743b14cd184}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{84409f83-7f91-4839-ae93-6c03db821ae2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{868f0dca-e936-4aa2-a248-527e19dcd0da}" = protocol=17 | dir=in | app=c:\program files (x86)\mirandafusion\miranda32.exe |
"{8a5dba5f-8672-4ff1-a399-cbeb0c62e7ba}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8fc14032-f9fb-478d-bdf7-944363230fd0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{908e0400-0785-411c-a3bb-5a4f7cc8ae06}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{95f34e02-0005-4f04-bdea-e57276ab835d}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{97039f28-4e02-45ae-8f1d-6401fb54c310}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9ac393c8-f374-4f2a-a115-31d5c7ced94c}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{9bfa0ccd-7089-419d-8055-0896f997ff71}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9bfdb6c9-bd99-4ee3-985b-1d1adda35b87}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{9c6ea0da-45d3-45b0-9e17-a9d7355f5cc5}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"{9f993729-9ab3-4b1c-a815-6b792e2fb6ea}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{a07ecafa-1b5b-44aa-b673-5f7154ee6885}" = protocol=6 | dir=in | app=c:\program files (x86)\mirandafusion\fusiontools\updater.exe |
"{a3a1c890-caa9-4b93-b662-4f5c1a5bfd78}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{a5eecc53-4c43-4100-a13d-58f319a49560}" = protocol=17 | dir=in | app=c:\users\kevin\appdata\roaming\spotify\spotify.exe |
"{ae16de24-9908-4fab-bcea-2f631a2f728e}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |
"{ae90c919-fb1e-472d-ae77-66555074e078}" = protocol=6 | dir=in | app=c:\users\kevin\appdata\roaming\spotify\spotify.exe |
"{b12c3352-3a42-4209-8787-04e23cbd7baa}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{b39edec3-695a-4227-bb9d-bd2d3a42dd9a}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{b62c5fb7-7135-4b0e-a9d1-b083908f0f0d}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{b7a02a1a-5f10-44a7-9859-96577f226b5a}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{bcd9828c-6c0c-4af8-b8e4-aa440ba31eac}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{bd9d9eb1-1a8f-4616-a6ec-c1b9ff286bb0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{be44ad32-5237-45af-8bff-286b0df4486e}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{bfef8091-4e00-4581-b02b-3adacd201e91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{c4b0a87d-e283-46c4-8fcb-108a919f7dd1}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{c69f5934-ed5f-46ce-ba7d-41fa034a0db3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{c6b8b35d-220e-4c74-b6f7-14b45660ea09}" = protocol=6 | dir=in | app=c:\users\kevin\appdata\roaming\spotify\spotify.exe |
"{c7441a5c-b1c7-4a78-b26a-4ce0f504b3f3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{c7a75a8e-bb1d-41e4-9306-3af2a8e25743}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{cb374958-683f-48bd-9e30-1fac0bee2da6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{ccf4d525-5d4c-49e6-9a77-67e5d3ecffd8}" = protocol=6 | dir=out | app=system |
"{d3870edf-e2fa-4cc9-8033-dd17bc7fedb0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{d4410634-c173-4c8a-9d54-dcb1381368ae}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{df5d1cbe-6a1e-4fbf-ae11-02d075a5dd19}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{ea5923a6-fa43-4f73-a2c0-ee6b0279c76b}" = protocol=17 | dir=in | app=c:\program files (x86)\mirandafusion\fusiontools\updater.exe |
"{eabd735f-1cf9-4a10-b2a6-0820c49139f4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{ed58cd6a-18c4-4a4a-af74-4c9fde1e73be}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{ee296ba8-38dd-4d32-9651-a8d9d67958c6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ef71b8e8-7c93-4ba1-9441-01b89e90234c}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{f1b017d0-b226-4fc8-9cea-cf284b8e8339}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{f2b1f8e7-7895-4f8f-a594-ad5debbd481c}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{f61ff1c9-1527-433d-b5ff-9a34fe930b61}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{f8b0a35b-9bdd-45c9-ad84-7809ae238897}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |
"tcp query user{2300d129-ebd7-43f8-8bbd-9a4b46748331}c:\program files (x86)\mirandafusion\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirandafusion\miranda32.exe |
"tcp query user{24ba87cd-8a46-4196-8950-7e57a690f555}c:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"tcp query user{61a8d789-2d10-486a-8878-32ca113539e2}c:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"tcp query user{84655568-bab3-44f1-8936-69bb959133ba}c:\program files (x86)\gamespy\comrade\comrade.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamespy\comrade\comrade.exe |
"tcp query user{855fa76d-ebcc-4a23-8481-876babb19a66}c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe |
"tcp query user{cb315ba0-bb2b-423c-a32c-6a6f8b480a90}c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"tcp query user{cce4b094-4105-4cd4-b4a1-4658468438eb}c:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe |
"tcp query user{e1593083-6dda-4ca8-a2bc-515cbc777fca}c:\casino\bwin casino\casino.exe" = protocol=6 | dir=in | app=c:\casino\bwin casino\casino.exe |
"tcp query user{e4c68518-779e-4d72-9f09-5275dff8bffd}c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"tcp query user{ea313784-59e0-46cc-bb32-09a206b1f6d8}c:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"tcp query user{f13294a7-aff3-4169-85f8-21fb2fb7fe7b}c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"udp query user{23a2c3c2-72f5-455a-bfef-68d492f8822a}c:\program files (x86)\gamespy\comrade\comrade.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamespy\comrade\comrade.exe |
"udp query user{358637d8-3f37-407f-a604-01776cb8e82e}c:\program files (x86)\mirandafusion\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirandafusion\miranda32.exe |
"udp query user{4924b3b8-0afc-4944-bf42-415307b8598e}c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"udp query user{4d7896f5-a352-4b44-a8a5-c8c8a98392b3}c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe |
"udp query user{696a4ba1-dca6-4378-a867-8f15acd94479}c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"udp query user{74c0b057-ba0b-40dd-b950-855230546d9a}c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"udp query user{750f0a13-8ad6-4abf-a17c-5886376b38d8}c:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"udp query user{78cc5b14-f10d-4748-9314-8f59e2785f27}c:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"udp query user{81ac2df2-a925-4a01-8394-3c7dbfc0af89}c:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"udp query user{8277a40d-cd80-4fe8-86f1-a5760e94707f}c:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe |
"udp query user{f200757a-3ef4-4893-8d22-26f23a08a076}c:\casino\bwin casino\casino.exe" = protocol=17 | dir=in | app=c:\casino\bwin casino\casino.exe |
========== hkey_local_machine uninstall list ==========
64bit: [hkey_local_machine\software\microsoft\windows\currentversion\uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = microsoft visual c++ 2005 redistributable (x64)
"{0e3daf3d-ff69-345a-a99e-1fed304ca083}" = microsoft .net framework 4 client profile deu language pack
"{563f041c-dfdb-437b-a1e8-e141e0906076}" = microsoft intellipoint 8.0
"{67579783-0fb7-4f7b-b881-e5be47c9dbe0}_is1" = revo uninstaller pro 2.5.8
"{680edc0c-a625-e1b4-3d5c-44baafc89466}" = ati avivo64 codecs
"{6b32ed58-8f81-92b9-5061-09eba3822200}" = amd drag and drop transcoding
"{6e50e80c-87dd-a1a3-c962-c173dc3f8c7a}" = ccc-utility64
"{74a5c3d5-fc37-5588-e6e5-4c41943b6255}" = ati catalyst install manager
"{7c5815c7-a23e-6676-c12f-8f5f49da49a2}" = wmv9/vc-1 video playback
"{90120000-002a-0000-1000-0000000ff1ce}" = microsoft office office 64-bit components 2007
"{90120000-002a-0407-1000-0000000ff1ce}" = microsoft office shared 64-bit mui (german) 2007
"{95120000-00b9-0409-1000-0000000ff1ce}" = microsoft application error reporting
"{cad041c0-915a-d164-fe87-d621d724052c}" = ati problem report wizard
"{d0795b21-0cda-4a92-ab9e-6e92d8111e44}" = samsung usb driver for mobile phones
"{f5b09cfd-f0b2-36af-8df4-1df6b63fc7b4}" = microsoft .net framework 4 client profile
"microsoft .net framework 4 client profile" = microsoft .net framework 4 client profile
"microsoft .net framework 4 client profile deu language pack" = microsoft .net framework 4 client profile deu language pack
[hkey_local_machine\software\microsoft\windows\currentversion\uninstall]
"{000e79b7-e725-4f01-870a-c12942b7f8e4}" = crysis(r)
"{00354244-97b1-c361-e658-dc106c3fac08}" = ccc help danish
"{036f1508-5d80-e572-6d05-2617865ad128}" = ccc help thai
"{048298c9-a4d3-490b-9ff9-ab023a9238f3}" = steam
"{07c87a2c-fb78-82a2-3ebb-f7bdc7275000}" = ccc-core-static
"{0c77a3d6-2b9b-2b2e-6e91-e24d9c8e5756}" = ccc help turkish
"{0fea4bae-fb2a-c014-ecdd-4a62a65dc597}" = ccc help hungarian
"{15c47a4f-1e9f-4497-32d2-22d3f1027edf}" = ccc help japanese
"{1b0963e5-4492-7f6b-ddcc-d229b498049d}" = ccc help korean
"{1f1c2dfc-2d24-3e06-bcb8-725134adf989}" = microsoft visual c++ 2008 redistributable - x86 9.0.30729.4148
"{205c6bdd-7b73-42de-8505-9a093f35a238}" = windows live-uploadtool
"{22b775e7-6c42-4fc5-8e10-9a5e3257bd94}" = msvcrt
"{26a24ae4-039d-4ca4-87b4-2f83216031ff}" = java(tm) 6 update 31
"{3175e049-f9a9-4a3d-8f19-ac9fb04514d1}" = windows live communications platform
"{3552f940-0fa6-8848-d130-c73a3df84acb}" = catalyst control center localization all
"{3f425f12-3a1b-4511-97b2-e2bb4701b745}" = crysis wars(r)
"{409c6e05-9c41-6083-d8d7-8ee08d702255}" = catalyst control center graphics previews vista
"{43e506cc-6633-4f2a-8d8e-4a95d2384393}" = crysis wars(r) patch
"{4a03706f-666a-4037-7777-5f2748764d10}" = java auto updater
"{4ad507c7-e015-291f-2fa7-1a089b6f720d}" = hydravision
"{4d39c6f5-7bfa-7c66-b54c-3695d0006515}" = ccc help dutch
"{52b97218-98cb-4b8b-9283-d213c85e1aa4}" = windows live anmelde-assistent
"{547aaeb1-372d-08d3-5449-65606545b46c}" = ccc help portuguese
"{56c049be-79e9-4502-bea7-9754a3e60f9b}" = neroxml
"{5d4c60aa-84e6-4e1a-8a68-69970d387be1}" = tuneup utilities language pack (de-de)
"{5db65884-c963-4454-aaba-4ca3089281fa}" = nvidia physx
"{626da86e-49d5-bd53-0953-83e437a6eee7}" = ccc help english
"{65212c14-87cc-0ed8-8b9b-e079b56b7f34}" = ccc help greek
"{68714069-8dd6-040f-8331-46ab2e36cebd}" = catalyst control center graphics previews common
"{6ab57823-3580-4ce0-9cf0-072e2a39460c}" = catalyst control center - branding
"{6b391a20-6f1d-1357-0802-c3573c0737a7}" = ccc help italian
"{6d30a596-9ef4-513d-5190-c40bba0c8da9}" = ccc help norwegian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = microsoft visual c++ 2005 redistributable
"{7353bae6-5e49-46c4-a9b5-8a269a313789}" = crysis warhead(r)
"{7519eb2c-b727-f894-fada-2c6f5d33bb70}" = ccc help czech
"{758c8301-2696-4855-af45-534b1200980a}" = samsung kies
"{789a5b64-9dd9-4ba5-915a-f0fc0a1b7bfe}" = apple software update
"{7b4a5c13-069f-4afe-ae57-c497b4e33c7e}" = call of duty(r) 2 patch 1.3
"{7be1318c-db1d-7da4-70ed-000e95b2673d}" = ccc help polish
"{7ee5fca7-6902-f7fa-0716-962dad525f59}" = ccc help swedish
"{7f752bab-4afd-4138-983d-7e9e7cfe077d}" = gamespy comrade
"{7fb413c8-3cad-49f7-a67c-6efeb4b04050}" = logmein hamachi
"{891d0b03-05df-4cd1-b267-268fda1c1031}" = nero 8
"{8e5233e1-7495-44fb-8deb-4be906d59619}" = junk mail filter update
"{90120000-0015-0407-0000-0000000ff1ce}" = microsoft office access mui (german) 2007
"{90120000-0015-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-0016-0407-0000-0000000ff1ce}" = microsoft office excel mui (german) 2007
"{90120000-0016-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-0018-0407-0000-0000000ff1ce}" = microsoft office powerpoint mui (german) 2007
"{90120000-0018-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-0019-0407-0000-0000000ff1ce}" = microsoft office publisher mui (german) 2007
"{90120000-0019-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-001a-0407-0000-0000000ff1ce}" = microsoft office outlook mui (german) 2007
"{90120000-001a-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-001b-0407-0000-0000000ff1ce}" = microsoft office word mui (german) 2007
"{90120000-001b-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-001f-0407-0000-0000000ff1ce}" = microsoft office proof (german) 2007
"{90120000-001f-0407-0000-0000000ff1ce}_enterprise_{2ab528a5-bb1b-4ebe-8e51-ad0c4cd33ca9}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-001f-0409-0000-0000000ff1ce}" = microsoft office proof (english) 2007
"{90120000-001f-0409-0000-0000000ff1ce}_enterprise_{3ec77d26-799b-4cd8-914f-c1565e796173}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-001f-040c-0000-0000000ff1ce}" = microsoft office proof (french) 2007
"{90120000-001f-040c-0000-0000000ff1ce}_enterprise_{430971b1-c31e-45da-81e0-72c095bab72c}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-001f-0410-0000-0000000ff1ce}" = microsoft office proof (italian) 2007
"{90120000-001f-0410-0000-0000000ff1ce}_enterprise_{58fc5e37-dd28-4d4a-a549-125744c6763c}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-002a-0000-1000-0000000ff1ce}_enterprise_{00c5525b-3cb3-467d-8100-2e6fb306cd86}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-002a-0407-1000-0000000ff1ce}_enterprise_{888b9ac7-8f5c-456b-a27a-157a6c310e52}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-002c-0407-0000-0000000ff1ce}" = microsoft office proofing (german) 2007
"{90120000-0030-0000-0000-0000000ff1ce}" = microsoft office enterprise 2007
"{90120000-0030-0000-0000-0000000ff1ce}_enterprise_{bee75e01-dd3f-4d5f-b96c-609e6538d419}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-0044-0407-0000-0000000ff1ce}" = microsoft office infopath mui (german) 2007
"{90120000-0044-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-006e-0407-0000-0000000ff1ce}" = microsoft office shared mui (german) 2007
"{90120000-006e-0407-0000-0000000ff1ce}_enterprise_{888b9ac7-8f5c-456b-a27a-157a6c310e52}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-00a1-0407-0000-0000000ff1ce}" = microsoft office onenote mui (german) 2007
"{90120000-00a1-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90120000-00ba-0407-0000-0000000ff1ce}" = microsoft office groove mui (german) 2007
"{90120000-00ba-0407-0000-0000000ff1ce}_enterprise_{dcbece36-8f23-4b33-925e-a1c6183c0dbd}" = 2007 microsoft office suite service pack 1 (sp1)
"{90c1bd52-6d66-035b-d2e1-2021577a1df4}" = ccc help german
"{9a25302d-30c0-39d9-bd6f-21e6ec160475}" = microsoft visual c++ 2008 redistributable - x86 9.0.30729.17
"{9c16da7c-0ca8-80c5-0ac0-86e6208f2132}" = ccc help chinese traditional
"{a0427801-0b7d-25cb-9c5a-b11b8c925274}" = ccc help finnish
"{ac76ba86-7ad7-1031-7b44-aa1000000001}" = adobe reader x (10.1.3) - deutsch
"{b2bf0c85-acef-8711-edd2-b57e6aff0a80}" = ccc help french
"{b4092c6d-e886-4cb2-ba68-fe5a99d31de7}_is1" = spybot - search & destroy
"{bbf0a67b-5dba-452f-9d2e-6f168bc226e4}" = need for speed™ shift
"{c4d738f7-996a-4c81-b8fa-c4e26d767e41}" = windows live mail
"{cafa57e8-8927-4912-afcf-b0aa3837e989}" = windows live essentials
"{cb2f7edd-9d1f-43c1-90fc-4f52eae172a1}" = microsoft .net framework 1.1
"{cb9a9e1b-9643-3f0c-5da9-49de1451e220}" = ccc help chinese standard
"{cd95d125-2992-4858-b3ef-5f6fb52fbad6}" = skype toolbars
"{ce026cfe-73fe-4fed-9d5f-2c8d4db512b0}" = tuneup utilities language pack (de-de)
"{d0a05794-48c2-4424-a15a-9f20fcfdd374}" = call of duty(r) 2
"{dd13d7b7-3f88-5871-48d2-8d6ed67f87f6}" = ccc help russian
"{e48469cc-635e-4fd5-a122-1497c286d217}" = call of duty(r) 4 - modern warfare(tm)
"{ea59ccc6-465f-3c8e-1fcb-fe62edff68d6}" = catalyst control center installproxy
"{ec1f15e1-f3cc-46ee-b7a5-849a08ed60dc}}_is1" = pantsoff 2.0
"{ee6097dd-05f4-4178-9719-d3170bf098e8}" = apple application support
"{ee7257a2-39a2-4d2f-9dac-f9f25b8ae1d8}" = skype™ 5.9
"{ef7e931d-dc84-471b-8db6-a83358095474}" = ea download manager
"{f0e12bba-ad66-4022-a453-a1c8a0c4d570}" = microsoft choice guard
"{f132af7f-7bca-4ede-8a7c-958108fe7dbc}" = realtek high definition audio driver
"{f524c571-ce0b-59d0-c3af-0abe5e493308}" = ccc help spanish
"{fc8208f2-b1c1-4253-9e89-d518e983b7bb}" = ad-aware antivirus
"{fd31ad0d-98ed-4d54-b2c3-03646c3545b8}_is1" = project cars
"5513-1208-7298-9440" = jdownloader 0.9
"ad-aware browsing protection" = ad-aware browsing protection
"adobe flash player activex" = adobe flash player 11 activex
"adobe flash player plugin" = adobe flash player 11 plugin
"avast" = avast! Free antivirus
"btcmaestro" = keymaestro input device driver v2.0.u-112a6 mul
"bwin casino" = bwin casino
"crysis warhead(r)" = crysis warhead(r)
"crysis wars(r)" = crysis wars(r)
"crysis wars(r) patch" = crysis wars(r) patch
"eadm" = ea download manager
"enterprise" = microsoft office enterprise 2007
"everest ultimate edition_is1" = everest ultimate edition v5.50
"free youtube to mp3 converter_is1" = free youtube to mp3 converter version 3.10.15.1228
"imgburn" = imgburn
"installshield_{758c8301-2696-4855-af45-534b1200980a}" = samsung kies
"installshield_{8a15b7d9-908a-4ef9-ba84-5aede61743ee}" = call of duty(r) 4 - modern warfare(tm) 1.6 patch
"installshield_{931c37fc-594d-43a9-b10f-a2f2b1f03498}" = call of duty(r) 4 - modern warfare(tm) 1.7 patch
"installshield_{d0a05794-48c2-4424-a15a-9f20fcfdd374}" = call of duty(r) 2
"installshield_{e48469cc-635e-4fd5-a122-1497c286d217}" = call of duty(r) 4 - modern warfare(tm)
"irfanview" = irfanview (remove only)
"logmein hamachi" = logmein hamachi
"malwarebytes' anti-malware_is1" = malwarebytes anti-malware version 1.62.0.1300
"mirandafusion" = miranda fusion 3.0.8
"mozilla firefox 11.0 (x86 de)" = mozilla firefox 11.0 (x86 de)
"picasa 3" = picasa 3
"punkbustersvc" = punkbuster services
"steam app 10190" = call of duty: Modern warfare 2 - multiplayer
"steam app 42680" = call of duty: Modern warfare 3
"steam app 42690" = call of duty: Modern warfare 3 - multiplayer
"steam app 42700" = call of duty: Black ops
"steam app 42710" = call of duty: Black ops - multiplayer
"steam app 42750" = call of duty: Modern warfare 3 - dedicated server
"utorrent" = µtorrent
"vlc media player" = vlc media player 1.1.9
"winamp" = winamp
"winlivesuite_wave3" = windows live essentials
"winrar archiver" = winrar archiver
========== hkey_current_user uninstall list ==========
[hkey_current_user\software\microsoft\windows\currentversion\uninstall]
"google chrome" = google chrome
"spotify" = spotify
"winamp detect" = winamp erkennungs-plug-in
========== last 20 event log errors ==========
[ application events ]
error - 11.07.2012 06:10:34 | computer name = kevin-pc | source = sidebyside | id = 16842832
description = fehler beim generieren des aktivierungskontexts für "c:\program files
(x86)\nero\nero8\nero photosnap\photosnap.exe". Fehler in manifest- oder richtliniendatei
"" in zeile . Eine für die anwendung erforderliche komponentenversion steht in konflikt
mit einer anderen, bereits aktiven komponentenversion. In konflikt stehende komponenten:.
Komponente
1: C:\windows\winsxs\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 11.07.2012 06:10:34 | computer name = kevin-pc | source = sidebyside | id = 16842832
description = fehler beim generieren des aktivierungskontexts für "c:\program files
(x86)\nero\nero8\nero photosnap\photosnapviewer.exe". Fehler in manifest- oder richtliniendatei
"" in zeile . Eine für die anwendung erforderliche komponentenversion steht in konflikt
mit einer anderen, bereits aktiven komponentenversion. In konflikt stehende komponenten:.
Komponente
1: C:\windows\winsxs\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 14.07.2012 08:09:33 | computer name = kevin-pc | source = sidebyside | id = 16842832
description = fehler beim generieren des aktivierungskontexts für "c:\program files
(x86)\nero\nero8\nero toolkit\discspeed.exe". Fehler in manifest- oder richtliniendatei
"" in zeile . Eine für die anwendung erforderliche komponentenversion steht in konflikt
mit einer anderen, bereits aktiven komponentenversion. In konflikt stehende komponenten:.
Komponente
1: C:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\windows\winsxs\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 14.07.2012 08:09:34 | computer name = kevin-pc | source = sidebyside | id = 16842832
description = fehler beim generieren des aktivierungskontexts für "c:\program files
(x86)\nero\nero8\nero photosnap\photosnap.exe". Fehler in manifest- oder richtliniendatei
"" in zeile . Eine für die anwendung erforderliche komponentenversion steht in konflikt
mit einer anderen, bereits aktiven komponentenversion. In konflikt stehende komponenten:.
Komponente
1: C:\windows\winsxs\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 14.07.2012 08:09:34 | computer name = kevin-pc | source = sidebyside | id = 16842832
description = fehler beim generieren des aktivierungskontexts für "c:\program files
(x86)\nero\nero8\nero photosnap\photosnapviewer.exe". Fehler in manifest- oder richtliniendatei
"" in zeile . Eine für die anwendung erforderliche komponentenversion steht in konflikt
mit einer anderen, bereits aktiven komponentenversion. In konflikt stehende komponenten:.
Komponente
1: C:\windows\winsxs\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 17.07.2012 14:59:20 | computer name = kevin-pc | source = sidebyside | id = 16842811
description = fehler beim generieren des aktivierungskontextes für "c:\windows\syswow64\werfault.exe".
Fehler in manifest- oder richtliniendatei "c:\windows\syswow64\werfault.exe" in
zeile 0. Ungültige xml-syntax.
Error - 18.07.2012 05:34:41 | computer name = kevin-pc | source = sidebyside | id = 16842785
description = fehler beim generieren des aktivierungskontextes für "c:\program files\alwil
software\avast5\asoutext64.dll". Die abhängige assemblierung "microsoft.vc90.atl,processorarchitecture="amd64",publickeytoken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden sie für eine detaillierte diagnose das programm
"sxstrace.exe".
Error - 18.07.2012 06:24:05 | computer name = kevin-pc | source = application error | id = 1000
description = name der fehlerhaften anwendung: Kieshelper.exe, version: 1.0.0.629,
zeitstempel: 0x4fcc4e4a name des fehlerhaften moduls: Macssdk.dll, version: 3.2.2009.1028,
zeitstempel: 0x4ae81513 ausnahmecode: 0xc0000005 fehleroffset: 0x0001d22d id des fehlerhaften
prozesses: 0xaf0 startzeit der fehlerhaften anwendung: 0x01cd64cf1efc7775 pfad der
fehlerhaften anwendung: C:\program files (x86)\samsung\kies\kieshelper.exe pfad
des fehlerhaften moduls: C:\program files (x86)\samsung\kies\external\macssdk.dll
berichtskennung:
B2ffc19e-d0c2-11e1-b253-00248cb5883d
error - 18.07.2012 10:12:28 | computer name = kevin-pc | source = system restore | id = 8193
description =
error - 18.07.2012 11:44:27 | computer name = kevin-pc | source = microsoft-windows-restartmanager | id = 10006
description = die anwendung oder der dienst "tuneup utilities" konnte nicht heruntergefahren
werden.
[ system events ]
error - 18.07.2012 11:04:38 | computer name = kevin-pc | source = service control manager | id = 7001
description = der dienst "computerbrowser" ist vom dienst "server" abhängig, der
aufgrund folgenden fehlers nicht gestartet wurde: %%1068
error - 18.07.2012 11:04:38 | computer name = kevin-pc | source = service control manager | id = 7001
description = der dienst "computerbrowser" ist vom dienst "server" abhängig, der
aufgrund folgenden fehlers nicht gestartet wurde: %%1068
error - 18.07.2012 11:05:44 | computer name = kevin-pc | source = application popup | id = 1060
description = aufgrund der inkompatibilität mit diesem system wurde \??\c:\windows\syswow64\drivers\maestro1.sys
nicht geladen. Wenden sie sich an den softwarehersteller, um eine kompatible version
des treibers zu erhalten.
Error - 18.07.2012 11:06:29 | computer name = kevin-pc | source = service control manager | id = 7001
description = der dienst "heimnetzgruppen-anbieter" ist vom dienst "funktionssuchanbieter-host"
abhängig, der aufgrund folgenden fehlers nicht gestartet wurde: %%1058
error - 18.07.2012 11:13:23 | computer name = kevin-pc | source = dcom | id = 10010
description =
error - 18.07.2012 11:15:23 | computer name = kevin-pc | source = dcom | id = 10010
description =
error - 18.07.2012 11:45:41 | computer name = kevin-pc | source = application popup | id = 1060
description = aufgrund der inkompatibilität mit diesem system wurde \??\c:\windows\syswow64\drivers\maestro1.sys
nicht geladen. Wenden sie sich an den softwarehersteller, um eine kompatible version
des treibers zu erhalten.
Error - 18.07.2012 11:47:14 | computer name = kevin-pc | source = service control manager | id = 7001
description = der dienst "heimnetzgruppen-anbieter" ist vom dienst "funktionssuchanbieter-host"
abhängig, der aufgrund folgenden fehlers nicht gestartet wurde: %%1058
error - 18.07.2012 11:54:45 | computer name = kevin-pc | source = dcom | id = 10010
description =
error - 18.07.2012 12:00:45 | computer name = kevin-pc | source = dcom | id = 10010
description =
[ tuneup events ]
error - 17.07.2012 14:32:05 | computer name = kevin-pc | source = tuneup.utilitiessvc | id = 300
description =
< end of report >
--- --- --- |
