McAfee: Problem/Bedrohung entdeckt - JV/Blacole-FHD!C30FC45FA202(Trojaner).
Hallo! Meine Freundin hat mir gesagt das sie vor 3 Tagen eine Virusmeldung bekommen hat und danach vor lauter Panik einfach den PC ausgeschaltet hat.
Habe jetzt nach gesehen und McAfee zeigt mir diese Meldung -Problem/Bedrohung entdeckt - JV/Blacole-FHD!C30FC45FA202(Trojaner).
Weiss jetzt nicht ob McAfee das Problem selbst gelöst hat oder ob das Teil noch auf dem PC ist oder was das überhaupt ist. McAfee zeigt nach vollständigen Scan an das nichts gefunden wurde und der Pc sicher ist.
Währe euch sehr dankbar wenn ihr mir helfen könntet.
OTL.txt Code:
OTL logfile created on: 03.04.2013 08:31:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 43,72% Memory free
8,00 Gb Paging File | 5,65 Gb Available in Paging File | 70,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 139,62 Gb Total Space | 71,31 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive D: | 1256,55 Gb Total Space | 805,22 Gb Free Space | 64,08% Space Free | Partition Type: NTFS
Drive E: | 1,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ROBERT-PC | User Name: Robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Robert\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
PRC - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (Microsoft)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
PRC - C:\Windows\SysWOW64\schtasks.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
MOD - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
========== Services (SafeList) ==========
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (BrowserProtect) -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (mfecore) -- C:\Programme\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.)
SRV - (MOBKbackup) -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (McPvDrv) -- C:\Windows\SysNative\drivers\McPvDrv.sys (McAfee, Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (MOBKFilter) -- C:\Windows\SysNative\drivers\MOBK.sys (Mozy, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (athrusb) -- C:\Windows\SysNative\drivers\athrxusb.sys (Atheros Communications, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119370&tt=190313_wctrl&babsrc=HP_ss&mntrId=6C48F46D04D3E78A
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119370&tt=190313_wctrl&babsrc=HP_ss&mntrId=6C48F46D04D3E78A
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 B9 34 A1 5C 6C CD 01 [binary data]
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119370&tt=190313_wctrl&babsrc=SP_ss&mntrId=6C48F46D04D3E78A
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\..\SearchScopes\{E3F2C49D-5DF1-47D2-9DAB-F3963678CD1F}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.delta-search.com/?affID=119370&tt=190313_wctrl&babsrc=HP_ss&mntrId=6C48F46D04D3E78A"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7BD19CA586-DD6C-4a0a-96F8-14644F340D60%7D:15.1.0
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:5.6
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.06.05 21:00:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.03.31 18:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.04.01 00:54:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 11:33:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 11:33:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.02.18 00:12:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013.04.03 07:39:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 11:33:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 11:33:10 | 000,000,000 | ---D | M]
[2012.03.30 12:51:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Extensions
[2013.04.03 07:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions
[2012.08.21 20:23:23 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2012.10.24 06:47:53 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2013.03.02 06:32:26 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013.02.01 19:49:36 | 000,000,000 | ---D | M] (FT GraphiteGlow) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\{99e34760-2754-11e0-91fa-0800200c9a66}
[2013.04.03 07:26:38 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013.02.04 20:17:45 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\djziggy@gmail.com
[2013.04.03 07:38:46 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\ffxtlbr@delta.com
[2013.02.04 20:17:46 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\info@djzig.com
[2013.04.03 07:38:35 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\plugin@yontoo.com
[2013.02.04 20:17:47 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\Robert\AppData\Roaming\mozilla\Firefox\Profiles\2jtjlwv2.default\extensions\zigboom@ymail.com
[2013.03.28 18:45:27 | 002,358,379 | ---- | M] () (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\firefox\profiles\2jtjlwv2.default\extensions\nasanightlaunch@example.com.xpi
[2012.12.12 18:53:13 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\firefox\profiles\2jtjlwv2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012.08.25 17:37:46 | 002,966,066 | ---- | M] () (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\firefox\profiles\2jtjlwv2.default\extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
[2013.02.15 09:37:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Robert\AppData\Roaming\mozilla\firefox\profiles\2jtjlwv2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.03 07:38:50 | 000,001,294 | ---- | M] () -- C:\Users\Robert\AppData\Roaming\mozilla\firefox\profiles\2jtjlwv2.default\searchplugins\delta.xml
[2013.03.08 11:33:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.01 00:54:20 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012.06.05 21:00:24 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.03.08 11:33:16 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.23 12:25:51 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.03 07:38:36 | 000,006,510 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.08.31 13:14:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.23 12:25:51 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.23 12:25:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.12 09:31:36 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.06.23 12:25:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.23 12:25:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSnc.20130401003435.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSnc.20130401003435.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] D:\Programme (x86)\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001..\Run: [KiesHelper] D:\Programme (x86)\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001..\Run: [KiesPDLR] D:\Programme (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001..\Run: [Xvid] D:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKU\S-1-5-21-1178455106-1141279657-3676902627-1001..\Run: [Yontoo Desktop] C:\Users\Robert\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-21-1178455106-1141279657-3676902627-1008..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1178455106-1141279657-3676902627-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4946118-9FEE-474E-9D66-B670CE14CFA5}: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFE9F723-6B5F-42CC-8E99-83488DCAD347}: DhcpNameServer = 212.186.211.21 195.34.133.21
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.19 08:56:08 | 008,382,272 | R--- | M] (Electronic Arts, Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2013.02.01 01:51:38 | 000,000,000 | R--D | M] - E:\Autorun -- [ UDF ]
O32 - AutoRun File - [2013.01.19 08:59:08 | 000,163,254 | R--- | M] () - E:\Autorun.ico -- [ UDF ]
O32 - AutoRun File - [2013.02.01 01:51:34 | 000,000,096 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{15abddaa-7a54-11e1-9cfb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{15abddaa-7a54-11e1-9cfb-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2013.01.19 08:56:08 | 008,382,272 | R--- | M] (Electronic Arts, Inc.)
O33 - MountPoints2\{2bc4c7b7-b1a8-11e1-874b-f46d04d3e78a}\Shell - "" = AutoRun
O33 - MountPoints2\{2bc4c7b7-b1a8-11e1-874b-f46d04d3e78a}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{9781152f-fde9-11e1-81cf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9781152f-fde9-11e1-81cf-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2013.01.19 08:56:08 | 008,382,272 | R--- | M] (Electronic Arts, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.03 07:39:02 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.04.03 07:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.04.03 07:38:52 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\BabSolution
[2013.04.03 07:38:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013.04.03 07:38:32 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Yontoo
[2013.04.03 07:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2013.04.03 07:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.04.03 07:38:23 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\Babylon
[2013.04.03 07:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.04.03 07:26:51 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Roaming\QuickScan
[2013.04.01 00:59:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.03.29 00:48:40 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\Rockstar Games
[2013.03.29 00:45:01 | 000,000,000 | ---D | C] -- C:\Users\Robert\AppData\Local\Rockstar Games
[2013.03.23 14:51:52 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\F1 2012 Save
[2013.03.22 01:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space 3
[2013.03.20 11:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.03.20 11:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.03.20 11:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.03.20 00:36:02 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\MOHW
[2013.03.20 00:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor™ Warfighter
[2013.03.18 11:19:16 | 000,000,000 | ---D | C] -- C:\Users\Robert\Desktop\F1 2012 - Setups
[2013.03.08 11:33:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.07 17:30:25 | 000,000,000 | ---D | C] -- C:\Users\Robert\Documents\SimCity
[2013.03.07 17:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
[2013.03.05 16:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.03 08:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.03 07:24:09 | 000,863,693 | ---- | M] () -- C:\Users\Robert\AppData\Local\census.cache
[2013.04.03 07:23:31 | 000,123,922 | ---- | M] () -- C:\Users\Robert\AppData\Local\ars.cache
[2013.04.03 07:10:30 | 000,000,036 | ---- | M] () -- C:\Users\Robert\AppData\Local\housecall.guid.cache
[2013.04.02 20:24:09 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2013.04.02 19:57:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.02 16:13:40 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 16:13:40 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 16:11:37 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.02 16:11:37 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.02 16:11:37 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.02 16:11:37 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.02 16:11:37 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.02 16:06:01 | 3220,615,168 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.30 05:10:58 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.30 05:10:58 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.30 05:10:35 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.03.28 22:37:27 | 000,000,221 | ---- | M] () -- C:\Users\Robert\Desktop\Grand Theft Auto Episodes from Liberty City.url
[2013.03.22 01:29:20 | 000,000,688 | ---- | M] () -- C:\Users\Public\Desktop\Dead Space 3.lnk
[2013.03.20 00:35:09 | 000,000,731 | ---- | M] () -- C:\Users\Public\Desktop\Medal of Honor™ Warfighter.lnk
[2013.03.20 00:34:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.15 13:45:24 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.15 13:45:24 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.07 17:29:21 | 000,000,756 | ---- | M] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.03 07:24:09 | 000,863,693 | ---- | C] () -- C:\Users\Robert\AppData\Local\census.cache
[2013.04.03 07:23:31 | 000,123,922 | ---- | C] () -- C:\Users\Robert\AppData\Local\ars.cache
[2013.04.03 07:10:30 | 000,000,036 | ---- | C] () -- C:\Users\Robert\AppData\Local\housecall.guid.cache
[2013.03.28 22:37:27 | 000,000,221 | ---- | C] () -- C:\Users\Robert\Desktop\Grand Theft Auto Episodes from Liberty City.url
[2013.03.22 01:29:20 | 000,000,688 | ---- | C] () -- C:\Users\Public\Desktop\Dead Space 3.lnk
[2013.03.20 11:46:08 | 003,035,306 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.03.20 00:35:09 | 000,000,731 | ---- | C] () -- C:\Users\Public\Desktop\Medal of Honor™ Warfighter.lnk
[2013.03.15 13:45:24 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.15 13:45:24 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.07 17:28:19 | 000,000,756 | ---- | C] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2012.08.03 18:24:40 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.06.08 23:56:20 | 000,015,872 | ---- | C] () -- C:\Windows\SysWow64\InsDrvZD64.DLL
[2012.06.05 20:53:16 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.06.05 20:53:16 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.04.30 16:30:41 | 000,023,388 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.04.30 02:06:13 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012.04.30 02:06:13 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.04.30 02:06:11 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.04.30 02:06:11 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012.04.30 02:05:45 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.04.25 17:19:54 | 000,078,085 | ---- | C] () -- C:\Windows\SysWow64\pattern.dat
[2012.04.25 17:19:49 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\fxstudio.dll
[2012.04.25 17:19:43 | 000,282,624 | ---- | C] () -- C:\Windows\SysWow64\animation2.dll
[2012.04.17 19:02:05 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.30 16:34:54 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.03.30 16:34:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.03.28 22:11:08 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.03.28 22:11:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.03.28 22:11:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.03.28 22:11:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.03.28 22:11:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.06.01 21:04:17 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\2K Sports
[2012.08.30 03:30:31 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\AC3Filter
[2013.04.03 07:38:52 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\BabSolution
[2013.04.03 07:38:23 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Babylon
[2012.10.04 04:08:39 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DVDVideoSoft
[2012.10.04 04:08:35 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.17 18:20:53 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\GOG.com
[2012.07.16 15:53:19 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Kalypso Media
[2012.11.16 20:49:35 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Origin
[2012.09.18 05:57:44 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\PunkBuster
[2013.04.03 07:27:38 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\QuickScan
[2012.04.24 22:37:13 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Samsung
[2012.06.20 17:16:08 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\SPORE
[2012.05.04 15:17:33 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Temp
[2012.12.24 02:10:20 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Tropico 4
[2012.07.15 17:40:57 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Tropico 4 Demo
[2012.12.06 00:53:44 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Unity
[2013.04.03 07:38:51 | 000,000,000 | ---D | M] -- C:\Users\Robert\AppData\Roaming\Yontoo
========== Purity Check ==========
< End of report >
EXTRA.txt Code:
OTL Extras logfile created on: 03.04.2013 08:31:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 43,72% Memory free
8,00 Gb Paging File | 5,65 Gb Available in Paging File | 70,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 139,62 Gb Total Space | 71,31 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive D: | 1256,55 Gb Total Space | 805,22 Gb Free Space | 64,08% Space Free | Partition Type: NTFS
Drive E: | 1,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: ROBERT-PC | User Name: Robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1178455106-1141279657-3676902627-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0297B325-55AC-4929-94F2-565D01016AC6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0AB36200-44C2-4649-BDC0-55FE778D43D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{19179ABB-2C95-46FF-8B63-FA44907E2169}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19CC9130-4B7F-4E36-BE34-A191553F3015}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A6BEA69-4D2D-4F75-9817-8A78D43DEADF}" = lport=137 | protocol=17 | dir=in | app=system |
"{430A2FAC-4C91-4942-9D4F-09D7F6B8C4DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48A13AEB-9E90-49D0-B1D0-1524BDA5A2F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B4307BE-7F29-4698-9B1F-8F529A90BE1D}" = rport=139 | protocol=6 | dir=out | app=system |
"{57C8F43D-4C0E-4E80-9A5A-937BD0871192}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5993C6CE-6803-47BC-862D-A0DECE985B8A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5BAEE9AB-F71D-4998-9FD8-DCA4ECC4162F}" = lport=139 | protocol=6 | dir=in | app=system |
"{63AE0FBB-8D2B-4CA4-A6AA-0ED447A7625C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{80FB533F-EFA7-4FDE-802E-FECD64A01A02}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84DE0F6E-DAB6-476E-80C1-E40C8DA8746B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8BE81852-6464-4FBD-87D6-56B821084D87}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9424ADAE-65B9-46E8-9222-BF8ACDAECB81}" = rport=138 | protocol=17 | dir=out | app=system |
"{95F28081-2273-4BE7-9D08-39F4E1FD3B83}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9FA5B98C-C701-457B-BF2D-E324DBBDF076}" = rport=445 | protocol=6 | dir=out | app=system |
"{B7D99EE8-1391-4936-89B3-D75D7045F863}" = lport=445 | protocol=6 | dir=in | app=system |
"{BD4E2F50-E376-4ACF-9ABD-0D9E59526EF7}" = lport=138 | protocol=17 | dir=in | app=system |
"{C1729769-F48A-4E9F-B296-0F7E668B7DD5}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016CA848-2394-472A-8210-E911B62ED0DB}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{01E55D40-22DC-4B29-B1CA-F85AA3F3B48D}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{026E7170-B127-45E8-A79F-D07D755DA4A4}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{03E4010D-D68F-431F-AF23-EF852D6F0DBE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{0432C004-8135-40CB-BA6B-86BE8725124B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0892D228-6D53-4E77-807C-EC56912D8FA8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{094E28F5-73ED-4DF5-97C1-E5B3DA80D307}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{0DB9B861-5ADB-4010-9CF8-270DA38B574B}" = protocol=17 | dir=in | app=d:\programme\need for speed hot pursuit\launcher.exe |
"{0F8BA0A3-7809-4A28-B40F-F54CD86C52F8}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{1170F476-080F-4DE7-B284-CFB9ED706CDB}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{1470D212-BCBB-403C-A45A-3728D7A5C710}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{19B80538-A16F-4F3F-AA66-05E39E2D5F53}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1BB3856C-59B9-400C-BB24-2A6C8194238C}" = protocol=17 | dir=in | app=d:\programme\simcity\simcity\simcity.exe |
"{1BF3C590-2680-439B-8101-44BEBA2C4371}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{1F7F0D7F-79E4-45D3-83BB-21167E66C756}" = protocol=6 | dir=in | app=d:\programme\battlefield 1942\bf1942.exe |
"{207FBF97-B925-4921-BA4D-736CC02EE741}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{2096D91C-52E8-46C0-A950-A42C7DB1EA5A}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{209BA44D-0D6E-49BD-8AA6-EA5CFF2A8A98}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{20C54AB3-80A7-47C9-8F32-FB164B82E965}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{2974B309-4973-4980-B473-FF710A232BFD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2AADBE4E-1C62-4F17-9E04-78E3E1A67FB8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{2B34CACD-37AC-409E-85C4-E2984A2190D4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{2BE38D28-42AD-438A-BA30-E321E6CE9081}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{2C21A5D8-B6F7-4839-912F-9914B6AB14AC}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dxhrml\dxhrml.exe |
"{2C9F95C8-2138-4BEB-A131-F3030378C54D}" = protocol=17 | dir=in | app=d:\program files (x86)\diablo iii public test\diablo iii.exe |
"{2FC1458A-59B7-46FF-AFB0-208B93E6B1F8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{305F794C-B355-45FE-81E0-650B9A3F92F4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{309F1452-D6EC-4205-B750-47EDBDB0E90E}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{364F4DDC-EE66-4A6A-BA4D-F11280FA5AB6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{37B95A0C-9344-461E-8618-EFEC4942D0C4}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{3A35093E-047D-4DFF-B08B-8F883E601675}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tropico 4\tropico4.exe |
"{3BCEB243-B480-43C1-820B-D6DD98B947AA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3F5B2289-32B4-4C0E-892C-E26014E1D655}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{40DD4406-433C-4AF3-AD7E-3E50305B4EA4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\f1 2011\f1_2011.exe |
"{41893B3E-B03D-4588-95EB-6F11895FEFB2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{423403DA-0D28-4D25-A567-9DC4B2E10B87}" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{42BA57A6-D4C4-4782-8BDC-EAC47212F0DB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4384344E-7E5C-4655-B150-9BE9791CE514}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{45920279-28C1-42D9-811D-F7C507F16FCB}" = protocol=17 | dir=in | app=d:\programme\diablo iii\diablo iii.exe |
"{4B4BCCA7-0AE0-4F6F-8769-68374735DE0D}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{4CDBB448-21BF-4960-835A-5BBBBAF9E253}" = protocol=6 | dir=in | app=d:\programme\simcity\simcity\simcity.exe |
"{4D0B2991-CFEC-42AD-BA55-4A4DD22B7366}" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{4DFE0E6F-986E-4DC1-83C5-44967C681C45}" = protocol=17 | dir=in | app=d:\programme\mass effect 3\binaries\win32\masseffect3.exe |
"{4F0780A6-1EDA-4012-945D-5652C5FFF286}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{4F5B990A-509C-4D6A-95A1-D5FDE6E0F202}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{50F7B4C5-E43D-460A-8F5C-55E5075780B0}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{522FAE8F-74A0-4AC6-97D0-737A9EDB2CA5}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{556D0246-F9DF-4E5B-85D6-3CC56BA3C5FC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5782FB17-78F8-4FDC-81C7-FA21BADC4374}" = protocol=17 | dir=in | app=d:\programme\kingdoms of amalur reckoning\reckoning.exe |
"{5C2FFC22-2EB1-49E7-A086-757C9C4EBB0F}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\f1 2012\f1_2012.exe |
"{61C27A6B-499E-44AE-8D33-4AE6FE48B56D}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{6263D3A9-EAC5-48D2-B3D8-C56FAD4150F6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{62A49567-3087-4DD8-A9DB-A0387DC96DEB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{64A9E3AD-DC0D-4978-85B2-05566A651E48}" = protocol=6 | dir=in | app=d:\program files (x86)\2k sports\nba 2k12\nba2k12.exe |
"{66628B83-12D5-4E69-8ED1-DF3BC6F62FC6}" = protocol=6 | dir=in | app=d:\programme\medal of honor warfighter\mohw.exe |
"{676A24D9-4309-4DFB-B46A-62A4C16E6E9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6828869E-C2B8-4ABF-B439-38D3AB900787}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{68D9DD7B-F691-4721-A597-A21A20E49026}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{6B9D9774-46A3-4DC5-9855-9F42D1B289D7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6E26106B-855A-4052-B3E2-B6EF723EE4FB}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dxhrml\dxhrml.exe |
"{71178628-89FC-4F7E-BC80-E3EC2C17668E}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{715EA114-26BC-492A-BA63-055D45DD1B64}" = protocol=6 | dir=in | app=d:\programme\mass effect 3\binaries\win32\masseffect3.exe |
"{71BA954C-4E65-4EB2-82EF-44AE2DFF69D7}" = protocol=17 | dir=in | app=d:\programme\fifa 13 demo\game\fifa13_demo.exe |
"{752D4DF7-373F-42E6-9400-0D0E3A3651DE}" = protocol=17 | dir=in | app=d:\program files (x86)\blizzard\diablo iii beta\diablo iii.exe |
"{761CA233-59C7-42A0-BE7C-638854ADC518}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{7629E84F-15BE-46D3-A7E5-2CCF74CFDA06}" = protocol=17 | dir=in | app=d:\programme\fifa 12\game\fifa.exe |
"{7921AD07-2F55-48B4-B96C-BD08CBE110CE}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{7D985CA6-780F-4501-96E7-67ACD6022AFC}" = protocol=6 | dir=in | app=d:\programme\fifa 12\game\fifa.exe |
"{80027255-D97F-400F-BA6C-896E1C828D44}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{80CFF176-35E2-470D-B982-69611CB5914B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{824F9C79-517D-4A1B-8580-E658C3379B56}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{8346B411-C14A-4270-8D25-3C2F76A09D73}" = protocol=6 | dir=in | app=d:\programme\dead space 3\deadspace3.exe |
"{84080F8E-7606-4520-A2D7-BBBAB426D9AB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{855381AA-F125-46EF-A221-D670D774942F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{85E214B6-7D9A-4A03-A8B9-49E36D906671}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{89ECED28-0C4F-4033-83E0-292B0B8A5686}" = protocol=17 | dir=in | app=d:\program files (x86)\2k sports\nba 2k12\nba2k12.exe |
"{8B3283BF-8D4E-40CF-AAC6-824031A6CB0D}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{8D0497BD-41B0-495C-806A-354D0A3F9101}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{92C76B5B-591F-4EFD-A12A-A3BD0853112A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{93B8F476-C242-4892-A2CD-5BEE306BDE8B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{95BB29E9-0719-4328-A7AE-3DAA9EA0A39E}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{9665E4D9-6CB8-4456-B79D-D10EFA80FD2D}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{9B390036-2C54-4917-96E0-AAAC042CAF19}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{9F1C665D-3054-4DA1-AFF8-DDB8CAA65092}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A0017481-FB52-498C-8DF8-1C28EA17067E}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{A006049E-F3AA-4982-B9CD-BB97CAE07EA3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{A5113E2E-3E52-477D-A9E5-97E7A8F6FDC8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{A6742E8B-B69E-4875-ACD2-4D3E19076F68}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A8996065-9D9C-4544-96C9-3249C18A0338}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\f1 2012\f1_2012.exe |
"{AF0863E7-BF37-4FAF-9E82-DE8B0643CEAC}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{AF276F92-31A1-4347-9B48-8E20F9377BD6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF59C0C9-5EA8-4B05-A0AC-98EC5B22EEF1}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{B2615A88-ED4B-47D4-BBE9-547516CF7AF0}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{B3A0E649-A8F4-4086-BC20-D44208D22064}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{B3ED60AA-1B1C-4978-8F05-79167176E4ED}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dead space 2\deadspace2.exe |
"{B4A361FC-8903-4799-AE40-45784809333A}" = protocol=6 | dir=in | app=d:\programme\need for speed hot pursuit\launcher.exe |
"{B523B241-ECA5-4B39-A488-38F22527F4FB}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{B626A333-1126-4CF1-9E98-C78475F53C86}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B7AF589E-BBA9-4044-927A-DB6BF9B240A3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe |
"{B86AF1D2-6FB0-48D7-A3BB-5C0C954E847A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8F83263-D338-4538-846F-7B3B6B7335D4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BB52BD30-C5AA-4276-8BD4-6305EE192E25}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB7E181C-5708-401F-AF87-6E8F58C03257}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{BF947A33-6D19-4DD4-8756-5CC7F825F638}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe |
"{BFBD59B2-A0D6-4809-A02A-79C067EAAED1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{C09653D2-FF1D-4FC4-A854-C68644003E24}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{C12B9D79-EFA9-44E2-9139-2EE8DE0533DC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C28AAFCD-27D8-4C31-927A-354492D007BA}" = protocol=17 | dir=in | app=d:\programme\dead space 3\deadspace3.exe |
"{C782D6B9-B60E-4A02-949F-4DB51EFD0C3A}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\f1 2011\f1_2011.exe |
"{C8815E11-DD4E-436D-9B5B-27B8235A83C6}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{C8BA8F8A-EA34-4AF5-8405-64E9AAC5AE35}" = protocol=17 | dir=in | app=d:\programme\battlefield 1942\bf1942.exe |
"{CAF53613-7CB7-4184-9692-AB252E32E644}" = protocol=6 | dir=in | app=d:\programme\diablo iii\diablo iii.exe |
"{CDB6231E-F1FC-448D-B3A0-5C9ECC2DACDA}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{D011E54C-9A5C-4A7B-B940-12545EC25692}" = protocol=6 | dir=in | app=d:\programme\fifa 13 demo\game\fifa13_demo.exe |
"{D2BEBC2D-4AE2-491D-B0FD-F3F7257F6B9D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5355667-3E98-42E8-A116-12A94C98720E}" = protocol=6 | dir=in | app=d:\programme\kingdoms of amalur reckoning\reckoning.exe |
"{D6AF9217-6867-4FD0-A7EA-0711F82B6526}" = protocol=17 | dir=in | app=c:\program files (x86)\wb games\batman arkham city\binaries\win32\batmanac.exe |
"{D6F72348-CDFB-4F2F-8654-FC3C95367AD5}" = protocol=6 | dir=out | app=system |
"{D71405ED-D81C-45F7-936C-D95642E219B5}" = protocol=17 | dir=in | app=d:\programme\medal of honor warfighter\mohw.exe |
"{D77A7F28-59A6-4F59-B36E-D0F6EABF548D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{DA000BE2-C4E1-4109-9EA4-C6F89D07F40A}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{DA23BF54-EB31-4EB7-A39E-488835E8E6B3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{DCF67FB6-E9BA-43EF-A5EE-07F8B4A5BBF8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{E14899AA-55E0-4445-98F4-7891F1A3E553}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{E1B7223E-479A-41E7-B3B8-705BB2522CD5}" = protocol=6 | dir=in | app=d:\program files (x86)\blizzard\diablo iii beta\diablo iii.exe |
"{E370A9FA-8DFC-4EEE-BFD3-7EC6F4602F2F}" = protocol=6 | dir=in | app=d:\programme\battlefield 3\bf3.exe |
"{E3F86088-EBD0-4520-8A90-37AA56668202}" = protocol=6 | dir=in | app=c:\program files (x86)\wb games\batman arkham city\binaries\win32\batmanac.exe |
"{E84F560E-986F-4158-BEB6-05AB56AA7C3C}" = protocol=17 | dir=in | app=d:\programme\battlefield 3\bf3.exe |
"{E8BF003D-2440-4E9D-B61A-0A70B2D366F5}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dead space 2\deadspace2.exe |
"{E954E0F2-58C7-494D-83A0-070A72C0B715}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9A4BDE7-1129-4F70-A456-812568DEA540}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{EA73EF62-18CA-47E7-8C48-A7BA992C9C83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EF0F772B-DBB0-4F2B-93B6-B0F17405AD3E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{EFE926C2-BDA7-4322-9B28-D88299CB50A5}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{F1D2F9E6-EDAE-4A98-A670-06F81AD72830}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{F40FFE4D-E954-4E36-8042-3BC56E9CE3D9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{F716944B-37BD-4391-9031-206BB9E8EC96}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{F82EC574-173B-42B3-A249-43C4F1A00499}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{F9326762-5F36-49F8-B21A-6B5EE971EA67}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{F9F40C87-9A1A-4C52-92CC-F0B9D217E555}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\tropico 4\tropico4.exe |
"{FA2237E8-561B-4F75-86A1-364D914DC4F6}" = protocol=6 | dir=in | app=d:\program files (x86)\diablo iii public test\diablo iii.exe |
"{FA7EEF97-7805-45DC-AB2D-2C83F1DEA5EE}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{FA8C379B-B205-4F72-8F26-20E68D44F9B7}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe |
"{FB823317-1D9F-4F95-B8A8-11E751EE6532}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FBDF5EF8-EE9D-4499-92DE-0B8CA405DA5C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{FC328DF5-0A15-4FE7-88FC-C170C31228AB}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{FF26744B-DD2B-4001-AA91-679F9E3B97C3}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 2.051
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01339AE5-04D4-43F8-008E-13AD788DC4F7}" = SimCity 4
"{01388C7F-7F59-40E4-9767-F0BFBEEDC834}_is1" = Texas Hold'em Poker 2008 3D - Gold Edition 1.0
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12
"{1040143F-FEFB-4B90-8E51-E47D40E14C4E}" = Medal of Honor™ Warfighter
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}" = Morrowind
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.03
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}" = FIFA 13 Demo
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{456A5815-604D-4D72-94DF-346D2B978A59}_is1" = GOG.com Downloader version 3.0.25
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{57520FA0-A73E-4165-BCA2-D71000038301}" = Batman: Arkham City™
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{65F8E0A6-A290-4D47-B391-D6353D756854}" = Pro Evolution Soccer 2013 DEMO
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Kingdoms of Amalur: Reckoning
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7D6C6D02-F201-42AA-B53B-7B5166B6705C}" = FIFA 12 DEMO
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space™ 3
"{E39734F7-0ADF-4250-BF2A-ED625A5565A4}" = Pro Evolution Soccer 2012 DEMO2
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 2_3a
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"Dance eJay 4" = Dance eJay 4 - Deinstallation
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"Diablo III" = Diablo III
"Diablo III Beta" = Diablo III Beta
"Diablo III Public Test" = Diablo III Public Test
"DivX Setup" = DivX-Setup
"ESN Sonar-0.70.4" = ESN Sonar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"GFWL_{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Total Protection
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 17470" = Dead Space
"Steam App 201280" = Deus Ex: Human Revolution - The Missing Link
"Steam App 203140" = Hitman: Absolution
"Steam App 205100" = Dishonored
"Steam App 208500" = F1 2012
"Steam App 208580" = Star Wars: Knights of the Old Republic II
"Steam App 219850" = Torchlight II Demo
"Steam App 220" = Half-Life 2
"Steam App 24240" = PAYDAY: The Heist
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 33440" = Driver San Francisco
"Steam App 33460" = From Dust
"Steam App 380" = Half-Life 2: Episode One
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 44360" = F1 2011
"Steam App 47780" = Dead Space 2
"Steam App 50130" = Mafia II
"Steam App 55230" = Saints Row: The Third
"Steam App 57690" = Tropico 4
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8980" = Borderlands
"Steam App 91310" = Dead Island
"The Witcher 2 - Assassins of Kings Enhanced Edition_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"TmNationsForever_is1" = TmNationsForever
"VobSub" = VobSub v2.23 (Remove Only)
"Xvid Video Codec 1.3.2" = Xvid Video Codec
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1178455106-1141279657-3676902627-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.03.2013 11:21:22 | Computer Name = Robert-PC | Source = VSS | ID = 8194
Description =
Error - 30.03.2013 20:38:18 | Computer Name = Robert-PC | Source = VSS | ID = 8194
Description =
Error - 30.03.2013 20:51:14 | Computer Name = Robert-PC | Source = VSS | ID = 8194
Description =
Error - 31.03.2013 13:01:12 | Computer Name = Robert-PC | Source = VSS | ID = 8194
Description =
Error - 31.03.2013 18:57:13 | Computer Name = Robert-PC | Source = VSS | ID = 8194
Description =
Error - 01.04.2013 10:59:49 | Computer Name = Robert-PC | Source = VSS | ID = 8194
Description =
Error - 01.04.2013 16:22:12 | Computer Name = Robert-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
(x86)\Steam\steamapps\common\f1 2011\CustomActionOnFinishInst.exe". Fehler in Manifest-
oder Richtliniendatei "d:\program files (x86)\Steam\steamapps\common\f1 2011\CustomActionOnFinishInst.exe"
in Zeile 1. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 02.04.2013 10:08:35 | Computer Name = Robert-PC | Source = VSS | ID = 8194
Description =
Error - 02.04.2013 13:57:45 | Computer Name = Robert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DivXUpdate.exe, Version: 1.0.6.15,
Zeitstempel: 0x4e31ebcf Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xe04 Startzeit der fehlerhaften Anwendung: 0x01ce2fab4bd64de0 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: d259c430-9bbe-11e2-8b58-f46d04d3e78a
Error - 03.04.2013 02:29:45 | Computer Name = Robert-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a34 Startzeit:
01ce30333b773300 Endzeit: 15 Anwendungspfad: C:\Users\Robert\Downloads\OTL.exe Berichts-ID:
[ System Events ]
Error - 30.03.2013 20:45:43 | Computer Name = Robert-PC | Source = DCOM | ID = 10010
Description =
Error - 31.03.2013 18:28:17 | Computer Name = Robert-PC | Source = DCOM | ID = 10010
Description =
Error - 31.03.2013 18:59:33 | Computer Name = Robert-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 01.04.2013 13:23:11 | Computer Name = Robert-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "McAfee Personal Firewall" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 01.04.2013 13:23:34 | Computer Name = Robert-PC | Source = DCOM | ID = 10010
Description =
Error - 01.04.2013 13:24:11 | Computer Name = Robert-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "McAfee Personal Firewall" Korrekturmaßnahmen (Neustart des Diensts)
durchzuführen, ist fehlgeschlagen. Fehler: %%1056
Error - 02.04.2013 09:15:01 | Computer Name = Robert-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 02.04.2013 09:15:12 | Computer Name = Robert-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{EFE9F723-6B5F-42CC-8E99-83488DCAD347} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 02.04.2013 14:21:59 | Computer Name = Robert-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "McAfee Personal Firewall" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 02.04.2013 14:22:59 | Computer Name = Robert-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "McAfee Personal Firewall" Korrekturmaßnahmen (Neustart des Diensts)
durchzuführen, ist fehlgeschlagen. Fehler: %%1056
< End of report >
|
Bitte lesen:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
