Encryption Trojan: report evaluation etc.
Here is the report from the Malwarebytes Anti-Malware analysis:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.07.21.12
Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Jonas :: JONAS-PC7 [Administrator]
22.07.2012 01:53:20
mbam-log-2012-07-22 (01-53-20).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 197484
Laufzeit: 3 Minute(n), 33 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
And here is the evaluation from OTL.exe: Extras.txt, OTL logfile:
OTL Extras logfile created on: 22.07.2012 14:20:38 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Jonas\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 76,73% Memory free
15,99 Gb Paging File | 14,33 Gb Available in Paging File | 89,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,00 Gb Total Space | 6,10 Gb Free Space | 12,20% Space Free | Partition Type: NTFS
Drive D: | 182,88 Gb Total Space | 17,69 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive I: | 7,68 Gb Total Space | 5,90 Gb Free Space | 76,74% Space Free | Partition Type: FAT32
Computer Name: JONAS-PC7 | User Name: Jonas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0778A220-9267-42E3-81A6-BF285D832278}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{07929429-FD1B-4292-94D3-2831614B8171}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{083DE1E0-651F-481C-903B-6A6B7D6D83D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0FB61409-DAB3-40A9-8763-DE0404DCEB08}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{12262501-28FC-43E8-9EFA-8CCD9EFFC54F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{198AC764-B1A1-479A-8230-7D307C65D57B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{26F5703C-24BF-4928-8127-4012BB11493E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{342715FA-AD69-4B5A-8179-DEFDD56A76EF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{34AB3D99-CC85-4C79-B88E-E4375CC36C3F}" = lport=139 | protocol=6 | dir=in | app=system |
"{34FDDD8E-CD5D-40CE-83AF-AA81F4C85C3F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{35770CD4-09E4-4EE5-AD9B-4759A261A9A4}" = rport=139 | protocol=6 | dir=out | app=system |
"{3C8B9C06-21B2-45FC-8A2C-82F3BF53719E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{42AD4DEE-A18D-4258-B35B-591B30130558}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E47E1AD-676B-49B8-8D2C-09E8B06E496C}" = rport=138 | protocol=17 | dir=out | app=system |
"{53168397-910E-40F9-9FEB-AA86477B3206}" = lport=138 | protocol=17 | dir=in | app=system |
"{5457DBE7-1270-41FD-ADBD-219D183ABADF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{602B1386-64F3-464E-8AC4-BA061086F871}" = lport=6004 | protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\outlook.exe |
"{61E4E717-F5A6-4DF4-8CB6-BAB8F447A266}" = rport=445 | protocol=6 | dir=out | app=system |
"{6AAD43C4-5630-4D96-91F6-B73445E38E75}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A97D647-7D54-4FE2-8EC2-DC40CF65357C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{905EAE81-96F2-4743-B531-4BDA4F361D2F}" = lport=445 | protocol=6 | dir=in | app=system |
"{9060696D-9D77-415D-A3B1-C65DE2CBB162}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{923BEF2F-F122-4D5F-A79D-0CA9B602F57F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{944B691D-626D-472B-8922-EF1FEEF9531E}" = lport=58102 | protocol=6 | dir=in | name=pando media booster |
"{944BA482-E939-4C3F-8199-6F85C5315140}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{A35F73E0-463C-4848-9B3F-53F309AD0940}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A617C1C9-1C77-4B52-9901-A523FECC30C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B08F91A8-7A0A-4F4F-AF69-345AB090AFEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B76429D1-E6C8-4F34-92B6-1670014F55A0}" = lport=58102 | protocol=17 | dir=in | name=pando media booster |
"{D17B5B32-83FE-4661-8B22-A9B01E519AB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D2423DA4-F7AD-4E3B-9A31-FBD128C660E4}" = rport=137 | protocol=17 | dir=out | app=system |
"{D6BA7554-3EB0-4588-BBD0-86A7209926ED}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DB0985FD-38A3-4D88-A80B-D05133ECBB0C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE39D4E5-D8A9-4FBE-A64C-2E61D99E7AC1}" = lport=58102 | protocol=17 | dir=in | name=pando media booster |
"{E216F405-5AD8-4EFE-8833-9CE22F3FEB01}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5FB77B6-0A16-4223-981D-73A8E3B05A2C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E91E014E-3C29-495D-AE0E-07711647CB62}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{ED7A9A59-56CB-49C0-AAF8-C040A7C10648}" = lport=137 | protocol=17 | dir=in | app=system |
"{F02B0934-F894-424F-B2BA-E23A818320C4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F5B2117F-039A-47CA-8536-D6F53C4855D7}" = lport=58102 | protocol=6 | dir=in | name=pando media booster |
"{FAA150DB-3598-4761-BBE1-02FFA807F65D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FE05CAA0-6DB6-4109-AD2D-6F9705008C6A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0204991B-6823-45F9-8FE9-7361093F79D0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{024215B9-3C08-4287-AD89-20CD6ED168AD}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{0452842B-DAC7-47E7-BE30-3ED697D76BD1}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{061AEC4B-DB7B-4569-8CB5-DB05A8F63BDC}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{0802D464-BA0A-4A9D-AB5C-314D51CFF102}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0AF3D588-CFB4-4E71-9C0C-B7708D73A4FE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{0E060B63-C585-4FA5-82FE-0B9F4AF327CE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0FD3CA1D-86B1-419E-B0ED-9D2C91092F2E}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe |
"{12235048-605C-4F97-9EB8-27BA5C8960C4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{12C5373D-5EC1-4085-A53A-442C542CD0DB}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{14EF0901-036E-4C7E-B58A-5FA43AB48D41}" = protocol=6 | dir=in | app=d:\cod4\iw3mp.exe |
"{17682E90-F94D-42EE-AAB7-C4F724EFB0E5}" = protocol=17 | dir=in | app=d:\program files (x86)\activision\blur(tm)\blur.exe |
"{1F972B48-72ED-4E65-B524-A6A457831B40}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{22367B86-B444-473A-96F3-0AF4341807D3}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{2340ECE6-C79A-4C78-A1B1-11FB0D870F96}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{23EA000A-1315-4037-8584-E408FD98E606}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{25F3944A-8B3C-467E-BB30-5E94B5CE6A28}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2687543B-5998-4968-B42D-96B47472BF62}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{268AB856-1D95-4A96-9576-B5357A38A7A1}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3-beta\bf3.exe |
"{269F3503-E35D-460F-B895-EC1E530171F2}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{26B8058C-05D9-4373-AA04-E4E15BD6B3F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{273D81C1-B29B-4784-B310-2AB3AAE04EF6}" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2oa.exe |
"{28E945AD-5E05-4508-97F7-94A7DA1BFF6F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{29A1CD87-2646-4F03-B411-BC185AE8FB88}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A959D68-5A0C-4D19-8FA8-88008C9D05DF}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |
"{2DF4C5F4-9ABA-4F7D-B2F8-34C2A2DAA068}" = protocol=6 | dir=in | app=d:\program files (x86)\activision\blur(tm)\blur.exe |
"{321882F8-6B21-4B96-95F2-1AF7A6B5C5F4}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{325D0F7B-67DC-4ED7-B34D-16E262AC2A52}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{3464AA93-EC62-4766-A591-A9EA24DFF89D}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{34E2E57F-655B-4C5B-B585-F0B6C64C1251}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{35B84C6F-14E6-417B-87F2-1061F7B38162}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{39918824-65A7-46C8-8962-AA061C475FA6}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{3A2DF4E2-4FB3-4CA9-BFB6-5895914ACABD}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe |
"{3AFF8CD3-3041-47EC-B0D1-3467C345EA31}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{3B4DC582-4DDF-4480-8B42-88D5AC2A34CB}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{3C13CCB8-B627-444E-8851-B6E8BEC34199}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{3C5C4770-59DE-45E2-BED4-91A4DA022C04}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{40BF81C5-B6D3-46F9-8D77-DE852FFFA547}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{44215274-0C30-4FA7-AC9C-DDCB5C3CC69D}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{45E0D4BC-1560-4D20-A87D-C36AD52CCADA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{466D72B5-BC2C-454C-81EA-3BEB84EF9B76}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4B0A6053-3FA3-4BB9-A82D-3CC1757D696E}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{4E767EEE-9BD3-48D4-8B18-56444190FA63}" = protocol=17 | dir=in | app=d:\cod4\iw3mp.exe |
"{53755BCD-8159-4FE5-BB8E-483853422E41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{56440F19-7F10-433A-88D4-21909FEFDD19}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{56695A94-2C4E-4D74-AC77-2631703A38C6}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{5B29C503-8104-4ACD-8F4E-CBA2CCE03988}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{5CD15E35-1147-4E61-8D84-C10A924897CB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{5CED53D1-3742-4244-BE14-6A79043C9EF4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5FC1D3F7-81D1-4C82-90FE-CDA38A6FBF61}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{659FC6E0-E61C-466F-B628-0BCA227A387B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{677B866E-49DD-447C-BD80-FA9FA74E2D82}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\jonas_cod\counter-strike source\hl2.exe |
"{67BF22ED-BB64-4709-86C4-3F64F916C017}" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2.exe |
"{694D5D13-A6CD-4F62-8096-03B3F81B4C9A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{6954049C-D60B-42D4-83ED-1561BF7FDF15}" = protocol=6 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{6B411C10-3516-45EF-96B2-93713FE65443}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6B91BF47-8BC7-4761-9DC1-6AE05D72C046}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{6C925A8C-F9BB-4DC8-8F8B-BC9AE134525A}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{6CA44643-ACD6-433E-8A49-9F79EDC6E381}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{6CD690F8-C4B4-4D8C-97E4-703CA1497E37}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{6EC514AD-0507-4841-8C66-9778B09312BB}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{6F4F3E0D-AA44-43BE-9C1E-E558C2D6EC30}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{700F8B34-2357-4FB7-8B8C-463505F5471C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7092DB9A-B988-457B-9328-ECC13D72B39A}" = protocol=6 | dir=out | app=system |
"{70E85C94-F963-4263-AB12-173543C8CCAA}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{7A2134E1-F129-4B35-9506-627BBD0C51D9}" = protocol=6 | dir=in | app=d:\program files\smartftp client\smartftp.exe |
"{7E223413-7021-46DD-982E-341EBC7ED286}" = protocol=6 | dir=in | app=d:\program files (x86)\codemasters\f1 2011\f1_2011.exe |
"{7ECB5B0F-E29B-4662-B4EF-EB31A5FC45CC}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{80A1F3AC-940E-4CBB-A046-3EB4001935BB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{83F49138-A25C-47F1-822E-407A0B48C440}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe |
"{8467CE41-4FE2-4D02-9837-249C5B0878F0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{84FD337F-0054-42A0-A783-E38865F5CE12}" = dir=in | app=f:\setup\hpznui40.exe |
"{886053E1-F098-4ACB-886A-C54B66F4E9AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8A727FF3-99F6-4793-AEC7-62C15011CBAF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{8EC01DFB-0952-4A37-BDAE-A585E20E5846}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe |
"{920FF4C0-EDAD-4D1E-B96B-5030B208AD72}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{92BC1CE6-5EAA-44D6-BB1E-D721E38E5875}" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2.exe |
"{93C6A68C-1405-4B28-8AAC-0F35E4FA89B8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{94DD123B-7A27-4CCC-8621-C31D36CB251D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95AAB3E1-8D04-4B21-BBB5-40DA7EDBC70D}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3-beta\bf3.exe |
"{99F889E9-12D8-4858-BD9D-44AF8A7F14EA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9B699ACD-B1A4-4B73-A90D-C9DBED516FFF}" = protocol=17 | dir=in | app=d:\program files (x86)\codemasters\f1 2011\f1_2011.exe |
"{9D1EAFC3-DE8D-4EB1-ABD5-8767E11E93DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9E5DC2C8-440F-42BD-BEC9-B12C19DE9DFD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{A0BDC224-A292-4C51-B5CE-BBA5113D1D18}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{A3C909B3-9E7B-4BB6-AD72-356E5695108F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A8456AC1-A4B7-4802-84B3-A5DA1DAC8C67}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{A8C33CE5-E334-46C7-8833-3AA39A384F4F}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{AA788815-1B5E-48F4-BFE1-C2193DD376DD}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{AD19D6CE-943A-4896-A2AA-96CD1B3E31D3}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B361934E-03A5-42C0-8D47-440D211CF90E}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe |
"{B921AF7B-E54E-4A8F-B1C9-A542300C0F85}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BA25A374-A709-4627-BA34-6A5CF53CDC7D}" = protocol=17 | dir=in | app=g:\games\cod4\iw3mp.exe |
"{BF7D7CC0-122E-4204-8F80-975CC3916191}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |
"{C300B19D-8507-48DB-8E8C-2A806C804063}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"{C6696229-A6F4-4C78-952B-406F5412A8C4}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C7863B20-3D43-4E47-AD0C-EDBB7D2405F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB9199DF-741B-4EE2-AE34-528924F046FC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{CDE63146-C174-44AE-9C42-780407D45D32}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\addonweb.exe |
"{CF5981D7-E87C-4E41-A99F-4050456891D7}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{CF812408-1918-4FDE-957C-3B8AB9F7CDD1}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\jonas_cod\counter-strike source\hl2.exe |
"{D2D4ACB3-BB3A-4320-9A50-B924416485FA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D35084D8-B45E-4DAB-A60B-35C446D43D74}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{D39C9601-C2C6-4047-8C42-FB85D7510DB7}" = dir=out | app=%programfiles% (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D73A5401-3E56-488D-8794-E4D0522478E6}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D7ACC4CC-09F7-480B-AC9E-17FE01BA85AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{D901F746-201B-4452-AAFE-8E421BA10472}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DACF1FF3-21B6-40B5-8187-63F7BDA27058}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DB7FF14C-4DAA-4C62-B03F-A91E675EDBFF}" = protocol=17 | dir=in | app=d:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{DC485A1D-354A-4185-8A97-87F2980D6082}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DE984262-CECC-4660-84AD-730EC8DFB179}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{E0AE24F1-7B63-4DD4-BB24-3FC2C93D0B9C}" = protocol=6 | dir=in | app=g:\games\cod4\iw3mp.exe |
"{E6D3ED23-0FE8-4F5B-81DE-05EDAD0621A4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E8B0F193-DE16-4495-8C4E-5C9D343A5CE3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{EB84C7F4-BE01-4982-B444-D52115A9DD4F}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{EE2AABAE-9825-40A1-8FB3-C500D18EE31C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{F0962045-AAC5-434F-9FAF-7D1A41A4EADF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F417A656-430D-4438-80F4-3F8FC027E9E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F69D993C-E5C4-4D8A-9646-001D2C7289EE}" = protocol=17 | dir=in | app=d:\program files\smartftp client\smartftp.exe |
"{F70ADE99-7078-4A6D-8AFA-21F5F6B4210A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FB1D64A8-B5D6-4DED-86A4-AEB4E7690183}" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2oa.exe |
"{FB331DBB-FDA7-4219-86E9-32A9E951B367}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"{FDFFE8FD-4AC1-4F02-8698-071ED3C652EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{FE4B1B74-0E8A-4B3C-A81E-E7E16E748135}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\related designs\anno 1404\addon.exe |
"TCP Query User{10EAA8B0-E7D7-4F8C-B2C3-3334C3EB36EC}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{118A3D8F-2AD0-4F5B-BCAC-B1F435DB4A48}D:\jbuilder2008r2\jbuilder.exe" = protocol=6 | dir=in | app=d:\jbuilder2008r2\jbuilder.exe |
"TCP Query User{124B4187-AC36-4AAF-BA4A-F909103F45CB}D:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\valve\portal 2\portal2.exe |
"TCP Query User{15C5D7C9-3BCA-4860-97CA-17AF5D88B467}D:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe" = protocol=6 | dir=in | app=d:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe |
"TCP Query User{1FEAB102-ED5E-4E48-85F6-8C0CBA91AAD1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{297B5BAD-08D7-411D-95C0-74F8FA9C202D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{418139F1-217A-4EB6-9111-A592809F15C7}D:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\atari\tdu2\_uplauncher.exe |
"TCP Query User{4A4562A2-29E1-487A-8A69-E19C8A5565AB}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{60CF8904-6C5C-41B6-9668-7172FC94EFAA}D:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"TCP Query User{61696414-076C-424B-B52A-5ED7C62097B3}D:\cod4\iw3mp.exe" = protocol=6 | dir=in | app=d:\cod4\iw3mp.exe |
"TCP Query User{7BD60ACA-1BD8-4589-A99B-C89DBF767D75}D:\company of heroes\bugreport\bugreport.exe" = protocol=6 | dir=in | app=d:\company of heroes\bugreport\bugreport.exe |
"TCP Query User{924BAB5C-0E9C-4BC7-84B0-F0B8AF4A5939}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{9C12EEF4-7208-4C31-9CB6-896DE1325235}D:\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=d:\company of heroes\reliccoh.exe |
"TCP Query User{B4189CC9-5C6D-46D4-A504-64C0522500D6}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"TCP Query User{B47B029E-E0A8-44E8-9DC4-00A3B7B87284}D:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\atari\tdu2\uplauncher.exe |
"TCP Query User{BD45E18C-21C9-4E7E-B57D-AA914A234811}D:\css\hl2.exe" = protocol=6 | dir=in | app=d:\css\hl2.exe |
"TCP Query User{BFC9CDDA-E872-42F3-AE4A-16527DA87CD3}I:\games\cod4\iw3mp.exe" = protocol=6 | dir=in | app=i:\games\cod4\iw3mp.exe |
"TCP Query User{C25CCB40-1226-46EF-9ADE-64A272D7BBE7}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{C4229285-C3E9-41EA-8CDB-828953E9B4E5}D:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=d:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"TCP Query User{CBD41494-84D6-4953-8326-69CE8D76CEFB}D:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe |
"TCP Query User{E8AD816F-D6FC-46C3-8692-02490F62457A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{E9F185BE-1C5D-4D4E-8E7F-E4FB4D0FE250}D:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"TCP Query User{EBB85E7B-4663-4A09-872D-0FF073D69FC4}D:\program files (x86)\bethesda softworks\brink\brink.exe" = protocol=6 | dir=in | app=d:\program files (x86)\bethesda softworks\brink\brink.exe |
"TCP Query User{FD6AC6E8-319E-4ADA-8297-8B38A9F284EE}D:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\atari\tdu2\testdrive2.exe |
"UDP Query User{01AAAFAD-C9B6-489C-9FC1-2940D382275A}D:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe |
"UDP Query User{02066D05-076E-4CC2-BD24-35947715F210}D:\jbuilder2008r2\jbuilder.exe" = protocol=17 | dir=in | app=d:\jbuilder2008r2\jbuilder.exe |
"UDP Query User{03452B34-B2F5-4D0F-B5E7-968F01F19553}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{1077684F-F858-4413-831F-51269FAFFB1B}D:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\valve\portal 2\portal2.exe |
"UDP Query User{24EFAAEA-3D05-4412-9569-563B8A535DFA}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{265EF917-6B0B-478B-A701-CB32077DAC09}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{3BC5829A-6E11-4813-A14C-83709DFCECD6}I:\games\cod4\iw3mp.exe" = protocol=17 | dir=in | app=i:\games\cod4\iw3mp.exe |
"UDP Query User{3DF04ADA-F6CB-4300-B76E-F8F7F0EDAA2D}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{5615DFDA-E93F-4EFC-AB7B-46CD2D408916}D:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"UDP Query User{58E72E8E-7576-4862-A2E8-0AA97582C84E}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe |
"UDP Query User{775D877E-DE7B-4D35-BF93-1E90F9652EA4}D:\cod4\iw3mp.exe" = protocol=17 | dir=in | app=d:\cod4\iw3mp.exe |
"UDP Query User{830F3C12-7A1D-43E4-A6FE-BCD6BEA15D36}D:\program files (x86)\atari\tdu2\_uplauncher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\atari\tdu2\_uplauncher.exe |
"UDP Query User{883CC426-4A4F-429C-8FA4-1C9753F8C9D7}D:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"UDP Query User{8C178BF4-6D8F-41BE-9438-0570AF2F5B42}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8FA35AFF-EBAE-41E2-B5D5-53AD744F8685}D:\program files (x86)\bethesda softworks\brink\brink.exe" = protocol=17 | dir=in | app=d:\program files (x86)\bethesda softworks\brink\brink.exe |
"UDP Query User{902C5AEB-D5DB-466B-9D5C-C1D5746593A0}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{B24D0B67-AE7E-47F2-91E9-72233DEFABC2}D:\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=d:\company of heroes\reliccoh.exe |
"UDP Query User{B8683E76-981C-417A-9BE7-2BCE0D6CE2B2}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{CADD0472-E153-413C-A303-986E8797334F}D:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe" = protocol=17 | dir=in | app=d:\program files (x86)\aspyr\guitar hero world tour\ghwt.exe |
"UDP Query User{CF88CDB2-F63D-4CB8-9ED4-D3C9EB3141FE}D:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\atari\tdu2\testdrive2.exe |
"UDP Query User{DE66230F-CA15-4732-AA76-000A8FE7F91D}D:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=d:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{EC634C64-508D-4839-B04F-E0B2F5F397C9}D:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\atari\tdu2\uplauncher.exe |
"UDP Query User{F9EDD04C-59CE-4C2D-9028-EB79D3A41DEA}D:\css\hl2.exe" = protocol=17 | dir=in | app=d:\css\hl2.exe |
"UDP Query User{FF73B8F3-09D1-4AC4-9BA2-94F7F9598C12}D:\company of heroes\bugreport\bugreport.exe" = protocol=17 | dir=in | app=d:\company of heroes\bugreport\bugreport.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13815D81-44B6-7ADA-2A41-FFFC64DD6FAB}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding
"{49B6223C-8206-407A-B64F-CCFF83435ECF}" = SmartFTP Client
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{7B8F9BF0-A1D5-11E0-B4E5-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{7C5CAFD6-F51C-0011-410B-001EF3E342A7}" = AMD Media Foundation Decoders
"{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6
"{7F801000-A1D5-11E0-9092-0013D3D69929}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{9005CF63-F082-65AD-7431-7EBF31642279}" = AMD Fuel
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9042C334-9881-4603-B1BC-7E623514A495}" = MKV2AC3 - 1.03.03
"{90CB2C55-426D-0752-968D-9B0F1110202A}" = AMD Catalyst Install Manager
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"sp6" = Logitech SetPoint 6.20
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0A3A9522-EFA2-4C56-9138-101692C2A130}" = System Requirements Lab
"{0A590981-75A9-B968-4A29-718E5A8E1416}" = CCC Help Dutch
"{0E6B8EA7-4FDF-F730-8F28-05720874BE71}" = CCC Help Chinese Traditional
"{1003E625-BE5B-390B-7B60-D483D0B75A26}" = CCC Help Russian
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{1690611F-D4EA-A00D-DAAD-91D216869679}" = CCC Help Polish
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26EED5E6-EC40-35A9-602A-C3CF03A9C1E6}" = CCC Help Portuguese
"{2C33E65D-9187-8F2E-40D8-BD9E24E341FB}" = CCC Help Italian
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{32A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{36B6FF8B-38E3-E64C-F840-75F6AAEBE3EA}" = Catalyst Control Center Graphics Previews Common
"{38F6C932-2274-4897-479D-03AA6BA5B567}" = CCC Help Turkish
"{3AB00888-CA03-0BFD-3F3C-C877767192B0}" = CCC Help Swedish
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3ACA2563-E786-BDD4-C87B-09909BB3F61C}" = CCC Help Thai
"{3BC2C64B-0DA0-974B-6311-AED4F3711DCE}" = CCC Help Danish
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BAC4DE5-4062-EE34-3337-5F92FE5D5032}" = CCC Help Spanish
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{77033683-0816-4D7D-8BF1-3949B4E9823D}" = Battlefield 3™
"{7ADCABE0-E651-6EA5-5128-26E203DAA5E1}" = CCC Help Korean
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F80DAA3-8A1D-09E9-57E6-DB0223CF2CE4}" = CCC Help French
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A126E617-63F0-4E57-BFA4-7190F5845C39}" = Guitar Hero World Tour
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AFC71277-DE19-6505-8CBC-71D29163F44A}" = CCC Help German
"{B3406262-5701-E9CC-D6B3-BA38C34125A9}" = CCC Help English
"{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5B6078F-5D37-A122-2E6E-EDC623E8C787}" = CCC Help Czech
"{C7068E1F-22C6-9408-7B24-584F32F66D70}" = CCC Help Finnish
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C87B855D-DD8F-E419-C640-34936E813EA9}" = CCC Help Greek
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC2BAF9A-926F-791D-772C-F582CD8A47B0}" = Catalyst Control Center InstallProxy
"{CE1CA06F-0AD8-CA2A-3A3A-872E8191C198}" = CCC Help Norwegian
"{CECECCED-B7F3-B1A3-3241-0C5D775F8E70}" = CCC Help Chinese Standard
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D3CEF909-78DC-9D3D-37BD-52F5324C01DA}" = CCC Help Hungarian
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1EA61A2-B88F-44AD-3143-419ECB6C7E9A}" = CCC Help Japanese
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6567C5A-C3EA-2E05-E89E-C8C52E33150D}" = AMD VISION Engine Control Center
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FE54AF33-9364-7053-670F-A15AD658214C}" = Catalyst Control Center Localization All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArmA 2" = ArmA 2 Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"AviSynth" = AviSynth 2.5
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye" = BattlEye Uninstall
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.12.804
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.21.504
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de)
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Opera 12.00.1467" = Opera 12.00
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 12900" = Audiosurf
"Steam App 240" = Counter-Strike: Source
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TIPP10_is1" = TIPP10 Version 2.1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.1
"WinGimp-2.0_is1" = GIMP 2.6.10
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.07.2012 14:17:51 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002
Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2034 Startzeit:
01cd61231a3f332c Endzeit: 97 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA
2\Expansion\beta\arma2oa.exe Berichts-ID:
Error - 13.07.2012 14:26:23 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002
Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 20a0 Startzeit:
01cd6124c4d350cb Endzeit: 61 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA
2\Expansion\beta\arma2oa.exe Berichts-ID:
Error - 14.07.2012 13:38:37 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften
Prozesses: 0x950 Startzeit der fehlerhaften Anwendung: 0x01cd61e70028e69e Pfad der
fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Pfad
des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Berichtskennung:
bda8c7fd-cdda-11e1-98cf-1c6f65878b7b
Error - 14.07.2012 13:41:54 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften
Prozesses: 0x27a8 Startzeit der fehlerhaften Anwendung: 0x01cd61e783efb5a7 Pfad der
fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Pfad
des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Berichtskennung:
3314c217-cddb-11e1-98cf-1c6f65878b7b
Error - 14.07.2012 15:42:10 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002
Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: bc4 Startzeit:
01cd61f89ee89a4d Endzeit: 3 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA
2\Expansion\beta\arma2oa.exe Berichts-ID: fe29e3b8-cdeb-11e1-98cf-1c6f65878b7b
Error - 14.07.2012 15:42:41 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002
Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12cc Startzeit:
01cd61f85151dd48 Endzeit: 85 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA
2\Expansion\beta\arma2oa.exe Berichts-ID:
Error - 14.07.2012 15:56:14 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften
Prozesses: 0x2644 Startzeit der fehlerhaften Anwendung: 0x01cd61fa34242d2b Pfad der
fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Pfad
des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Berichtskennung:
f72ee670-cded-11e1-98cf-1c6f65878b7b
Error - 14.07.2012 15:56:33 | Computer Name = Jonas-PC7 | Source = Application Hang | ID = 1002
Description = Programm arma2oa.exe, Version 1.61.94.876 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1de8 Startzeit:
01cd61fab97ddf06 Endzeit: 3 Anwendungspfad: D:\Program Files\Bohemia Interactive\ArmA
2\Expansion\beta\arma2oa.exe Berichts-ID: 00b9aab6-cdee-11e1-98cf-1c6f65878b7b
Error - 14.07.2012 16:00:08 | Computer Name = Jonas-PC7 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Name des fehlerhaften Moduls: arma2oa.exe, Version: 1.61.94.876,
Zeitstempel: 0x4ffef77f Ausnahmecode: 0xc0000005 Fehleroffset: 0x002a1b63 ID des fehlerhaften
Prozesses: 0xbd8 Startzeit der fehlerhaften Anwendung: 0x01cd61fabb51464e Pfad der
fehlerhaften Anwendung: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Pfad
des fehlerhaften Moduls: D:\Program Files\Bohemia Interactive\ArmA 2\Expansion\beta\arma2oa.exe
Berichtskennung:
82b1ae53-cdee-11e1-98cf-1c6f65878b7b
Error - 21.07.2012 20:06:34 | Computer Name = Jonas-PC7 | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer"
nicht initialisiert werden. Details: Could not query the status of the EventSystem
service. System Error: Der Computer wird heruntergefahren. .
[ System Events ]
Error - 22.07.2012 08:17:52 | Computer Name = Jonas-PC7 | Source = DCOM | ID = 10005
Description =
Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:18:05 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:22:09 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:22:09 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 22.07.2012 08:22:09 | Computer Name = Jonas-PC7 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
OTL.txt OTL Logfile: Code:
OTL logfile created on: 22.07.2012 14:20:38 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Jonas\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 76,73% Memory free
15,99 Gb Paging File | 14,33 Gb Available in Paging File | 89,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,00 Gb Total Space | 6,10 Gb Free Space | 12,20% Space Free | Partition Type: NTFS
Drive D: | 182,88 Gb Total Space | 17,69 Gb Free Space | 9,67% Space Free | Partition Type: NTFS
Drive I: | 7,68 Gb Total Space | 5,90 Gb Free Space | 76,74% Space Free | Partition Type: FAT32
Computer Name: JONAS-PC7 | User Name: Jonas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.22 14:18:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jonas\Desktop\OTL.exe
PRC - [2012.06.16 12:51:55 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.06.16 12:51:55 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.12 13:00:29 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.03.09 07:10:20 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.03.09 01:10:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.12 13:00:29 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.09 16:33:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 16:33:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.02.15 19:51:43 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.09 19:06:13 | 002,983,808 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Users\Jonas\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.08.04 14:34:48 | 002,329,480 | ---- | M] (LogMeIn Inc.) [On_Demand | Stopped] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.03.15 19:08:44 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.01.03 15:21:00 | 000,129,440 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.10.28 12:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.09 16:33:25 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.09 16:33:25 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.03.09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.03.09 05:58:02 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV:64bit: - [2012.02.24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012.02.24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011.12.05 21:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.10.27 03:25:52 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011.10.27 03:25:52 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2011.10.27 03:25:52 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011.10.27 03:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.10.27 03:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.10.27 03:25:42 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011.10.27 03:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.10.27 03:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.05 16:43:04 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.08.05 16:43:03 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.19 04:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.19 04:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.08.24 19:29:54 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010.08.24 19:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.08.24 19:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.02.25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.08.09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2012.01.03 23:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.01.03 23:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2012.01.03 23:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://dayzmap.info/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{283171FA-B633-4320-9A79-DEBF83FD9533}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=FA00FEE5-42A6-4C5D-97AA-05C0EB1ECD70&apn_sauid=5C28E5D0-AEB5-4293-A8E9-044AFA4871F5
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.27 17:04:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.20 13:42:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.27 17:04:59 | 000,000,000 | ---D | M]
[2011.02.20 19:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Extensions
[2011.01.10 18:48:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.06.27 16:26:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\j8ylclkc.default\extensions
[2011.02.20 19:09:31 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\j8ylclkc.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011.03.25 23:25:36 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jonas\AppData\Roaming\mozilla\Firefox\Profiles\j8ylclkc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.07.29 22:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\j8ylclkc.default\searchplugins\askcom.xml
[2010.12.13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [X3DAudio1_6] C:\Users\Jonas\AppData\Local\Microsoft\Windows\2305\X3DAudio1_6.exe ()
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] D:\Program Files (x86)\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [KiesHelper] D:\Program Files (x86)\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.0.43.1 217.0.43.193
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85F4B72D-3340-4299-9861-8B9793C4FD93}: DhcpNameServer = 217.0.43.1 217.0.43.193
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.22 14:18:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Jonas\Desktop\OTL.exe
[2012.07.22 01:52:26 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\Malwarebytes
[2012.07.22 01:52:17 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.22 01:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.22 01:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.22 01:51:19 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jonas\Desktop\mbam-setup-1.62.0.1300.exe
[2012.07.22 00:48:12 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\hellomoto
[2012.07.08 20:03:16 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\Klaypex
[2012.07.08 16:05:32 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\Janik
[2012.07.08 16:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.08 16:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.07.05 19:26:14 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\SIX_Projects
[2012.07.05 19:15:30 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\ArmA 2
[2012.07.05 19:11:24 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Local\ArmA 2 OA
[2012.07.05 19:11:24 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Documents\ArmA 2
[2012.07.05 18:57:16 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\six-updater
[2012.07.05 18:57:15 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\six-zsync
[2012.07.05 18:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012.06.28 09:50:14 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\(Soundtrack) VA - Project X OST - 2012, MP3, 320 kbps [mikkisays.net]
[2012.06.26 21:22:51 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\FileZilla
[2012.06.26 21:13:57 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\SmartFTP
[2012.06.26 21:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartFTP Client
[2012.06.26 19:34:16 | 000,000,000 | ---D | C] -- C:\Users\Jonas\AppData\Roaming\fofix
[2012.06.26 19:33:57 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\fofix-4.0.0alpha1
[2012.06.25 16:18:15 | 000,000,000 | ---D | C] -- C:\Users\Jonas\Desktop\VBT 2011
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.22 14:18:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jonas\Desktop\OTL.exe
[2012.07.22 14:18:15 | 000,000,000 | ---- | M] () -- C:\Users\Jonas\defogger_reenable
[2012.07.22 14:17:53 | 000,050,477 | ---- | M] () -- C:\Users\Jonas\Desktop\Defogger.exe
[2012.07.22 12:56:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.22 12:56:24 | 2145,558,527 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 12:54:33 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.22 01:52:17 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.22 01:51:43 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jonas\Desktop\mbam-setup-1.62.0.1300.exe
[2012.07.22 00:25:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.22 00:14:26 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.21 11:49:14 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.21 11:49:14 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.21 11:49:14 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.21 11:49:14 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.21 11:49:14 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.19 14:32:32 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.19 14:32:32 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.18 14:07:05 | 008,018,065 | ---- | M] () -- C:\Users\Jonas\Desktop\feuer.mp3
[2012.07.15 20:16:29 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.07.15 20:16:29 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.15 20:16:02 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.07.12 03:23:14 | 000,422,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.11 19:13:34 | 000,000,973 | ---- | M] () -- C:\Users\Jonas\Desktop\Miike Snow - Discography - 2009-2012 - Verknüpfung.lnk
[2012.07.10 20:46:56 | 000,980,719 | ---- | M] () -- C:\Users\Public\Documents\Scannen0001.pdf
[2012.07.10 20:01:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\HP_192.168.1.20_CN9BIBK30P05H5
[2012.07.08 15:15:32 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012.07.08 15:15:32 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.01 23:21:06 | 000,020,244 | ---- | M] () -- C:\Users\Jonas\.recently-used.xbel
[2012.07.01 14:25:34 | 006,149,955 | ---- | M] () -- C:\Users\Jonas\Desktop\Yeah Yeah Yeahs - Heads Will Roll (Dirrrtydisko Remix).mp3
[2012.06.30 14:02:12 | 009,224,217 | ---- | M] () -- C:\Users\Jonas\Desktop\The White Stripes - Seven nation army.mp3
[2012.06.30 13:56:11 | 000,030,348 | ---- | M] () -- C:\Users\Jonas\Desktop\white_stripes_seven_nation_army.gp5
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.22 14:18:15 | 000,000,000 | ---- | C] () -- C:\Users\Jonas\defogger_reenable
[2012.07.22 14:17:53 | 000,050,477 | ---- | C] () -- C:\Users\Jonas\Desktop\Defogger.exe
[2012.07.22 01:52:17 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.18 14:06:13 | 008,018,065 | ---- | C] () -- C:\Users\Jonas\Desktop\feuer.mp3
[2012.07.11 19:13:34 | 000,000,973 | ---- | C] () -- C:\Users\Jonas\Desktop\Miike Snow - Discography - 2009-2012 - Verknüpfung.lnk
[2012.07.10 20:50:07 | 000,980,719 | ---- | C] () -- C:\Users\Public\Documents\Scannen0001.pdf
[2012.07.10 20:01:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\HP_192.168.1.20_CN9BIBK30P05H5
[2012.07.05 18:56:07 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012.07.05 18:56:07 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012.07.01 23:21:06 | 000,020,244 | ---- | C] () -- C:\Users\Jonas\.recently-used.xbel
[2012.07.01 14:25:16 | 006,149,955 | ---- | C] () -- C:\Users\Jonas\Desktop\Yeah Yeah Yeahs - Heads Will Roll (Dirrrtydisko Remix).mp3
[2012.06.30 14:01:37 | 009,224,217 | ---- | C] () -- C:\Users\Jonas\Desktop\The White Stripes - Seven nation army.mp3
[2012.06.30 13:56:11 | 000,030,348 | ---- | C] () -- C:\Users\Jonas\Desktop\white_stripes_seven_nation_army.gp5
[2012.04.01 14:21:39 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.09 01:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.28 20:32:12 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.11.29 17:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.29 17:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.11.29 17:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.11.29 17:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.11.29 17:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.06.24 18:42:53 | 000,000,412 | ---- | C] () -- C:\Users\Jonas\AppData\Roaming\All CPU Meter_Settings.ini
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.16 17:03:46 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.02.17 21:14:04 | 000,007,605 | ---- | C] () -- C:\Users\Jonas\AppData\Local\Resmon.ResmonCfg
[2011.02.05 18:24:03 | 000,000,164 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011.01.27 16:58:47 | 000,225,745 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011.01.10 20:14:20 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.01.10 20:14:18 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.01.10 20:14:18 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.01.10 17:48:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== LOP Check ==========
[2011.02.05 18:23:32 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Degener
[2012.05.06 18:15:33 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\DVDVideoSoft
[2011.05.02 16:36:54 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.26 21:28:57 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\FileZilla
[2011.02.20 19:11:53 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\FireShot
[2012.06.26 19:54:38 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\fofix
[2012.01.26 20:42:26 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\GetRightToGo
[2012.07.01 23:21:06 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\gtk-2.0
[2012.05.20 13:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Guitar Pro 6
[2012.07.22 00:48:19 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\hellomoto
[2011.12.02 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\ICQ
[2011.01.10 19:14:21 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Leadertech
[2012.05.22 13:52:32 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\LolClient
[2012.06.12 12:46:15 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\LolClient2
[2011.01.14 21:07:21 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Notepad++
[2011.01.10 18:18:16 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Opera
[2011.10.30 19:23:25 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Origin
[2011.10.08 19:09:34 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Publish Providers
[2011.12.19 16:33:38 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\PunkBuster
[2012.01.01 23:04:26 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Samsung
[2012.07.05 19:29:48 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\six-updater
[2012.07.05 18:57:15 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\six-zsync
[2011.10.07 12:37:02 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Sony
[2011.11.13 14:50:26 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Sony Creative Software Inc
[2011.01.27 18:07:01 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Subversion
[2012.07.10 19:50:50 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\TeamViewer
[2012.04.13 18:03:39 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Temp
[2011.01.10 18:48:18 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Thunderbird
[2012.07.06 22:14:16 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\TS3Client
[2011.12.18 17:36:02 | 000,000,000 | ---D | M] -- C:\Users\Jonas\AppData\Roaming\Ubisoft
[2012.06.04 15:50:52 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Please help.
Regards, Jonas