Ich konnte leider nicht mehr editieren.
Hier meine OTL logs:
OTL.txt: Code:
OTL logfile created on: 04.07.2012 18:05:18 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Dominik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 39,41% Memory free
7,73 Gb Paging File | 4,49 Gb Available in Paging File | 58,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,97 Gb Total Space | 25,66 Gb Free Space | 5,67% Space Free | Partition Type: NTFS
Computer Name: TERM | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.04 17:48:07 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik\Downloads\OTL.exe
PRC - [2012.07.03 20:22:35 | 000,116,088 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Dominik\Downloads\Desktops102\Desktops.exe
PRC - [2012.06.20 13:18:08 | 001,568,976 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.06.18 22:15:00 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011.12.06 23:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011.08.25 14:36:40 | 000,337,568 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Uqli\gitab.exe
PRC - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
PRC - [2010.08.30 10:32:24 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2010.08.11 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2010.06.10 04:54:04 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.03.03 15:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.03 15:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
PRC - [2009.10.09 06:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009.05.26 19:43:54 | 000,046,472 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\Rmcmd.exe
PRC - [2009.05.26 19:38:02 | 000,112,008 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\Iigcn.exe
PRC - [2009.05.26 19:38:00 | 000,165,256 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\iigcd.exe
PRC - [2009.05.26 19:37:56 | 000,157,064 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\iigcc.exe
PRC - [2009.05.26 19:37:10 | 000,022,416 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\servproc.exe
PRC - [2009.05.26 19:37:04 | 000,022,416 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\Iidbms.exe
PRC - [2009.05.26 19:37:04 | 000,022,416 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\Dmfrcp.exe
PRC - [2009.05.26 19:34:46 | 000,017,808 | ---- | M] (Ingres Corporation) -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\Dmfacp.exe
PRC - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.18 22:14:59 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.12.06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.08.25 14:36:40 | 000,337,568 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Uqli\gitab.exe
MOD - [2011.04.24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtgui4.dll
MOD - [2011.04.24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtsql4.dll
MOD - [2011.04.24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtscript4.dll
MOD - [2011.04.24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtnetwork4.dll
MOD - [2011.04.24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtcore4.dll
MOD - [2011.04.24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtdeclarative4.dll
MOD - [2011.04.20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll
MOD - [2010.06.10 04:54:04 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.01.25 09:56:30 | 009,690,112 | ---- | M] () [On_Demand | Stopped] -- c:\program files\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe -- (wampmysqld)
SRV:64bit: - [2011.11.23 17:37:20 | 009,688,064 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV:64bit: - [2010.01.22 19:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.06.23 18:00:52 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.06.18 22:14:59 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.06 23:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011.09.26 10:06:54 | 000,021,504 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\Programme\wamp\bin\apache\Apache2.2.21\bin\httpd.exe -- (wampapache)
SRV - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2010.11.01 23:12:20 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.10.08 07:18:46 | 000,697,616 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd)
SRV - [2010.10.08 07:18:46 | 000,056,592 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe -- (dtpd)
SRV - [2010.10.08 07:18:44 | 000,957,712 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\iked.exe -- (iked)
SRV - [2010.08.11 03:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.06.11 15:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 15:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.03.03 15:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.11.02 13:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2009.10.09 06:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.09.14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2009.09.14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2009.07.21 02:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.26 19:37:10 | 000,022,416 | ---- | M] (Ingres Corporation) [RN] [Auto | Running] -- C:\Program Files (x86)\Rapid-I\RapidNet\database\ingres\bin\servproc.exe -- (Ingres_Database_RN)
SRV - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009.03.30 04:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2009.03.30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.07.10 05:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.07.04 09:52:54 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.07.04 09:26:31 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.04.12 18:12:56 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.11.08 13:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011.04.04 15:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011.03.31 15:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011.03.18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.04 13:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 13:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010.09.02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010.06.10 22:57:20 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010.06.08 05:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010.05.12 04:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (HTCAND64)
DRV:64bit: - [2010.04.29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.04.01 15:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.01.22 19:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.01.22 18:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.11.02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.11.02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.10.26 22:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.09.30 19:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 13:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.10 14:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009.06.20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.04.29 17:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.01.29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009.01.29 18:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008.06.16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007.11.02 16:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2010.03.19 15:15:50 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/05/04 19:46:39] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{4D0635D1-C94C-468D-9789-CA2D01E1944E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=1ddaba19-7c7d-420b-aeb5-9b3f58fd5c21&apn_sauid=82CDCD5F-88C0-421E-A15D-13460ED04318
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dominik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012.07.04 10:10:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.07.04 10:10:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.18 22:15:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.10 20:30:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.04 09:48:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2011.03.24 21:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions
[2011.03.24 21:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.07.04 09:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\bwuh3bra.default\extensions
[2012.02.02 20:20:02 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\bwuh3bra.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2011.12.02 19:02:22 | 000,000,000 | ---D | M] (TabGroups Manager) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\bwuh3bra.default\extensions\{ca526f8b-9e0a-4756-9077-19d6f3e64ea8}
[2012.06.15 18:58:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.06.24 11:16:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.18 22:15:00 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.18 22:14:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.18 22:14:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.18 22:14:56 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.18 22:14:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.18 22:14:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.18 22:14:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=1ddaba19-7c7d-420b-aeb5-9b3f58fd5c21&apn_ptnrs=%5EABT&apn_sauid=82CDCD5F-88C0-421E-A15D-13460ED04318&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dominik\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Dominik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Avira Toolbar = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\
CHR - Extension: YouTube = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Skype Click to Call = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\
CHR - Extension: Google Mail = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
O1 HOSTS File: ([2012.07.04 09:28:58 | 000,000,909 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 socialsearch.com
O1 - Hosts: 127.0.0.1 www.socialsearch.com
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TortoiseHgOverlayIconServer] C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EPSON SX130 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /FU "C:\Windows\TEMP\E_S9534.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [EPSON SX130 Series (Kopie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /FU "C:\Windows\TEMP\E_S8314.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [Ytemfesouw] C:\Users\Dominik\AppData\Roaming\Uqli\gitab.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dominik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3159044F-7C89-45F1-A56E-CCF9EA7C4D4F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{389E0B00-272C-4768-B25E-8A543AB9755F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C584DDFC-822F-4066-A1C7-25D1D452F67E}: NameServer = 141.7.1.18,141.7.1.20
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2413ea5b-588e-11e0-baaf-206a8a1ce5e9}\Shell - "" = AutoRun
O33 - MountPoints2\{2413ea5b-588e-11e0-baaf-206a8a1ce5e9}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{2413ea5b-588e-11e0-baaf-206a8a1ce5e9}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{2413ea5b-588e-11e0-baaf-206a8a1ce5e9}\Shell\install\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{694d6287-2bba-11e1-b2b2-9e5c6b1aee9c}\Shell - "" = AutoRun
O33 - MountPoints2\{694d6287-2bba-11e1-b2b2-9e5c6b1aee9c}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{8460ee4e-57ed-11e1-914c-b1fcc3d2acef}\Shell - "" = AutoRun
O33 - MountPoints2\{8460ee4e-57ed-11e1-914c-b1fcc3d2acef}\Shell\AutoRun\command - "" = F:\MotoCastSetup.exe -a
O33 - MountPoints2\{da441aae-ccda-11e0-a2ee-06659d39d145}\Shell - "" = AutoRun
O33 - MountPoints2\{da441aae-ccda-11e0-a2ee-06659d39d145}\Shell\AutoRun\command - "" = E:\Launcher\LAUNCHER.EXE
O33 - MountPoints2\{f059a4bf-24c7-11e1-bfbf-ce313a2f828c}\Shell - "" = AutoRun
O33 - MountPoints2\{f059a4bf-24c7-11e1-bfbf-ce313a2f828c}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{f059a4bf-24c7-11e1-bfbf-ce313a2f828c}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{f059a4bf-24c7-11e1-bfbf-ce313a2f828c}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.04 17:29:36 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Malwarebytes
[2012.07.04 17:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.04 17:29:29 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.04 17:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.04 17:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.04 09:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2012
[2012.07.04 09:53:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2012.07.04 09:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.07.04 09:52:54 | 000,615,728 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.07.04 09:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.07.04 09:26:31 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.04 09:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.07.03 20:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.07.03 20:13:18 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\APN
[2012.07.03 20:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.06.26 15:23:48 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Uqli
[2012.06.26 15:23:48 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Inbued
[2012.06.26 15:23:48 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Hiuxe
[2012.06.23 18:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin
[2012.06.23 18:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin-X
[2012.06.23 18:29:27 | 000,000,000 | ---D | C] -- C:\cygwin
[2012.06.23 18:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\cygwin
[2012.06.18 22:15:23 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Macromedia
[2012.06.14 19:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShrewSoft VPN Client
[2012.06.14 18:49:25 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Desktop\Musik Jule
[2012.06.14 09:41:41 | 000,483,328 | ---- | C] (Simon Tatham) -- C:\Users\Dominik\Desktop\putty.exe
========== Files - Modified Within 30 Days ==========
[2012.07.04 18:28:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.04 17:52:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3533918176-516122717-522040741-1001UA.job
[2012.07.04 17:48:20 | 000,000,168 | ---- | M] () -- C:\Users\Dominik\defogger_reenable
[2012.07.04 17:44:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.04 17:29:30 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.04 17:06:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.04 16:22:18 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.04 16:00:36 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.04 16:00:36 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.04 15:52:17 | 3111,514,112 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.04 10:00:31 | 000,017,408 | ---- | M] () -- C:\Users\Dominik\AppData\Local\WebpageIcons.db
[2012.07.04 09:55:44 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.07.04 09:55:44 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.07.04 09:52:54 | 000,615,728 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.07.04 09:52:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3533918176-516122717-522040741-1001Core.job
[2012.07.04 09:33:28 | 001,810,436 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.04 09:33:28 | 000,767,270 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.04 09:33:28 | 000,721,942 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.04 09:33:28 | 000,174,834 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.04 09:33:28 | 000,147,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.04 09:30:38 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.07.04 09:26:31 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.01 08:26:03 | 000,000,443 | ---- | M] () -- C:\Windows\SysWow64\bash.exe.stackdump
[2012.06.24 13:13:50 | 000,000,600 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\winscp.rnd
[2012.06.15 10:21:08 | 000,348,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.14 19:27:12 | 000,000,600 | ---- | M] () -- C:\Users\Dominik\AppData\Local\PUTTY.RND
[2012.06.14 09:41:11 | 000,483,328 | ---- | M] (Simon Tatham) -- C:\Users\Dominik\Desktop\putty.exe
[2012.06.10 20:12:36 | 000,001,059 | ---- | M] () -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
========== Files Created - No Company Name ==========
[2012.07.04 17:48:20 | 000,000,168 | ---- | C] () -- C:\Users\Dominik\defogger_reenable
[2012.07.04 17:29:30 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.04 10:00:30 | 000,017,408 | ---- | C] () -- C:\Users\Dominik\AppData\Local\WebpageIcons.db
[2012.07.04 09:55:44 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2012.07.04 09:55:44 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2012.07.04 09:30:38 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.07.01 08:26:03 | 000,000,443 | ---- | C] () -- C:\Windows\SysWow64\bash.exe.stackdump
[2012.06.14 18:43:47 | 000,000,600 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\winscp.rnd
[2012.06.14 10:46:13 | 000,000,600 | ---- | C] () -- C:\Users\Dominik\AppData\Local\PUTTY.RND
[2012.05.06 18:56:12 | 000,000,027 | ---- | C] () -- C:\Users\Dominik\.appcfg_nag
[2012.05.06 17:46:29 | 000,000,193 | ---- | C] () -- C:\Windows\wordpad.INI
[2012.04.19 18:01:10 | 005,056,989 | ---- | C] () -- C:\Users\Dominik\Dokumente19042012.pdf
[2012.04.15 18:24:28 | 000,000,029 | ---- | C] () -- C:\Windows\UML.INI
[2012.04.04 19:48:06 | 000,039,394 | ---- | C] () -- C:\Users\Dominik\reader.kl
[2012.04.04 19:43:08 | 000,156,529 | ---- | C] () -- C:\Users\Dominik\output.html
[2012.04.04 19:42:54 | 000,016,591 | ---- | C] () -- C:\Users\Dominik\primitives.clj
[2012.03.30 14:45:42 | 005,427,898 | ---- | C] () -- C:\Users\Dominik\ebook_manual_en_dive-into-html5.pdf
[2012.03.21 09:10:50 | 013,655,880 | ---- | C] ( ) -- C:\Users\Dominik\FreeMind-Windows-Installer-0.9.0-max.exe
[2012.03.11 10:44:25 | 000,903,531 | ---- | C] () -- C:\Users\Dominik\BEC_Higher.pdf
[2012.02.29 18:08:42 | 001,164,874 | ---- | C] () -- C:\Users\Dominik\Formblatt8-1.pdf
[2012.02.24 13:13:47 | 000,000,079 | ---- | C] () -- C:\Users\Dominik\mercurial.ini
[2012.02.13 12:54:31 | 000,057,564 | ---- | C] () -- C:\Users\Dominik\AppData\Roaming\Photo.jpg
[2012.02.06 15:40:23 | 001,306,620 | ---- | C] () -- C:\Users\Dominik\Nielsen-D2011-internet.pdf
[2012.01.09 16:15:54 | 000,001,482 | ---- | C] () -- C:\Users\Dominik\.waterfront.config.clj
[2011.12.28 18:05:29 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\qftestc.exe
[2011.12.28 18:05:29 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\qftest.exe
[2011.12.25 13:30:46 | 000,000,112 | ---- | C] () -- C:\Users\Dominik\.asadminpass
[2011.12.06 23:38:44 | 000,000,599 | ---- | C] () -- C:\Windows\eReg.dat
[2011.11.28 22:51:43 | 000,535,173 | ---- | C] () -- C:\Users\Dominik\Assignment 5 (Dominik and Muhammad Usman).pdf
[2011.11.20 21:02:47 | 132,827,166 | ---- | C] () -- C:\Users\Dominik\Studienarbeit.7z
[2011.11.11 19:25:57 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011.10.27 13:14:33 | 001,093,138 | ---- | C] () -- C:\Users\Dominik\algorithmen.pdf
[2011.10.19 22:02:19 | 000,000,672 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.10.19 20:43:13 | 000,290,904 | ---- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2011.04.25 14:29:16 | 000,000,043 | ---- | C] () -- C:\Windows\gswin64.ini
[2011.03.08 22:34:51 | 001,779,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.04 19:30:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.12.06 15:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
[2010.11.02 07:41:10 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini
[2010.11.02 07:39:30 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.11.02 07:38:43 | 000,001,653 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2010.11.01 23:04:31 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.11.01 23:04:31 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini
[2010.11.01 22:57:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.08 05:16:07 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010.09.08 05:16:07 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010.09.08 05:16:07 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
========== LOP Check ==========
[2011.05.22 15:55:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\abgx360
[2012.05.30 18:04:00 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1
[2012.05.18 15:41:06 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Bizagi Ltd
[2012.01.27 21:37:46 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
[2012.07.04 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Dropbox
[2012.07.04 17:49:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Epson
[2011.12.18 20:18:11 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\eXtra feelings
[2011.04.04 22:47:40 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\FloodLightGames
[2012.06.26 15:23:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Foxit Software
[2012.04.28 17:35:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\GrindEQ
[2012.07.04 17:56:27 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Hiuxe
[2012.04.25 20:50:55 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ
[2011.03.25 20:01:40 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ImgBurn
[2012.06.26 15:23:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Inbued
[2012.05.18 15:41:08 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\IsolatedStorage
[2012.04.10 20:31:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Macroplant LLC
[2012.02.13 12:26:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Motorola
[2011.10.28 16:42:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MySQL
[2011.06.20 22:28:26 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Notepad++
[2011.10.28 16:29:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\postgresql
[2011.11.29 10:59:00 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Scooter Software
[2012.04.28 17:37:21 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Shared
[2011.03.05 16:38:32 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\SNS
[2011.06.07 22:27:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\SoftGrid Client
[2012.04.14 17:13:56 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Spotify
[2012.05.16 10:39:52 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\syntevo
[2011.03.24 21:08:14 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Thunderbird
[2012.02.13 12:50:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Total Immersion
[2011.03.08 22:36:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TP
[2012.04.16 12:43:29 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\UDC Profiles
[2011.05.22 11:48:28 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Unity
[2012.06.26 15:23:48 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Uqli
[2011.11.09 13:01:01 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Extras.txt: Code:
OTL Extras logfile created on: 04.07.2012 18:05:18 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Dominik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 39,41% Memory free
7,73 Gb Paging File | 4,49 Gb Available in Paging File | 58,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,97 Gb Total Space | 25,66 Gb Free Space | 5,67% Space Free | Partition Type: NTFS
Computer Name: TERM | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005C29EF-1BC4-4939-AA36-C77E2B1B5815}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0A4D9D03-A934-41AF-B0CA-3EB3A0A3FE7D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1548578B-DA1D-44FC-8EFD-2B9EA977DA18}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2924F6AA-5306-4E57-A838-29E2CFEAC3A9}" = lport=445 | protocol=6 | dir=in | app=system |
"{309D80F5-DD4B-4B40-97DC-E47D9818A94D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3120C4A2-6D0A-487E-B36C-B8EC578C2ABF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38D6E411-987E-495B-BEF4-BDA897E85B51}" = rport=445 | protocol=6 | dir=out | app=system |
"{426FCBDE-8E78-4156-AD2F-07AA6D31203C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4CC524BC-FB6D-46AE-949C-C31388B80115}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5510B10D-77CC-4DCE-B3EB-CCEF5EE0DE74}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A2841C0-FB61-4BC1-9CC5-FE44F7A3C1FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63F03FF9-2472-4CB3-A49E-CB541129C2A0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{678547F6-6532-4F9C-AE3D-72EAA9A56E72}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78650E05-8FF9-4070-9711-DD761DE6CF0B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{80E590CD-9194-476F-8A50-578D1E0FB570}" = rport=139 | protocol=6 | dir=out | app=system |
"{837FE16F-9EC7-46E4-9DAF-82731C7D19FE}" = lport=138 | protocol=17 | dir=in | app=system |
"{A56A93F0-687A-472B-87D8-6F5BA29C320A}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAEB3335-D9DB-4CF3-84A5-D0DFE6F8ED63}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B686F91C-8DF9-438E-B10F-EBD018AE3F2B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BDAC6631-F9B6-4540-9DD5-1F7510BECF95}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C1320F34-A5CC-49A1-B3F0-81E4544B4528}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE9B911F-0D27-4B8F-AFCC-94795A78494F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E6EF953F-B850-47B2-AEBE-17D2AC363479}" = rport=138 | protocol=17 | dir=out | app=system |
"{ED138E83-EDF0-4C7D-A987-18DB5CAABF36}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{EE610DE8-0971-413E-B259-FACF57BB8AA5}" = lport=139 | protocol=6 | dir=in | app=system |
"{FB77AC4B-E089-4807-BA58-DC1EF3DF9BE4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FE6D7A1F-5C3B-4BCE-80E1-3B3D19A727A4}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F08EE0-8EA1-496D-86D3-B100F8A922AD}" = dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{0370A667-60F0-41F3-AE69-7DCAB12A102E}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{070C8A8C-E6BC-4B93-9D5D-91225A1543FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{087BD5BB-172B-40F6-9BC1-5188608045D9}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0C057662-7C1A-42BB-9B54-460C7AD5F5AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{17D6CA09-3C36-488F-8F6A-359710DEFB45}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"{1E4C8075-55C0-4FB4-9A9F-244E6A1F4B16}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{26D26DCB-6ED7-49F3-801C-0554B66F745E}" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_26\jre\bin\java.exe |
"{28DE0E00-EEC2-4496-A732-0C7DE1594380}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2BC81CCE-0DFA-45AC-B4E7-DDAB5E76E8A8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{36338681-A821-4E05-AFCF-0A148531FA3E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{369B0BB9-2184-4866-BEFF-8D11CF4AA4DB}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\roaming\spotify\spotify.exe |
"{389627C9-53CB-4804-B8E3-8EE4D125C12C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{3A16426A-BBAF-4920-AD54-FE9F5A7E87D9}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{444F879A-7521-4CD9-A682-8A066DAB78F1}" = dir=in | app=c:\program files (x86)\hobbyist software\vlc setup helper\vlc setup helper.exe |
"{467D4300-9628-406F-A6DC-2CD65012F58E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{499B3427-6A00-45FC-8E8E-BD2E8841A0C4}" = protocol=6 | dir=out | app=system |
"{4B8D6A62-FB9C-4B1B-9167-B5E39944E459}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{520AD98F-2235-4E8A-BB02-9946251D7DE7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{55C351E7-60CB-4DA2-B7E4-0B6CCCDE7936}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{574A3C99-98FA-4EE4-8FA6-7778F4A37F92}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"{5B12041E-CC62-41A4-A3AF-0FDFE2AF83F3}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\roaming\spotify\spotify.exe |
"{5CB77B10-FAD2-442C-B85E-39E3313B5724}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{5E157EF1-A0E7-4428-9FF5-325373F8B719}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6B3D8292-DB3C-4028-A08E-01765958F175}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C80072A-6B41-410F-B2DD-753CAEF38430}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
"{6DE5F853-77FB-493E-A03B-C2991E04CC13}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{741D4239-FD92-403B-A0F1-93440A403E5E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{76A8FCF1-3AAA-4758-BA9F-3C57C8CE0869}" = protocol=17 | dir=in | app=c:\program files (x86)\rapid-i\rapidnet\database\ingres\bin\iigcd.exe |
"{78153DED-91E9-4B83-94C6-7A804B0F95CE}" = protocol=6 | dir=in | app=c:\program files\tortoisehg\thgw.exe |
"{79FAFEE1-1EEB-49BC-9740-9CEC013A67A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A6C6259-C411-4C46-921C-A8176405601F}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{7A746B04-F39D-45B1-9D4D-D2AF685CE26A}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{7CD85E30-1E74-4938-AE9B-D0FD30C27F30}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{847B0D50-C835-457C-8049-D92FF9FD519C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{853D90FF-95C7-471C-AF76-9C3141F4A638}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{854F1B0E-F795-44A4-8883-43C2639F0B8D}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe |
"{8A929EEC-70A4-4700-9B87-D75FCFC1C39F}" = protocol=6 | dir=in | app=c:\program files\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
"{8B44CBA6-0188-405D-84DB-73559112E372}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8C8B6FB4-8168-40BF-9D73-1C283E805D7E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{8E05DC06-3DA1-4F61-B834-066F5D5D9D02}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe |
"{95C0779F-1B25-4FC1-9DE5-E68B521FD31A}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe |
"{9A854E8E-DE4B-4483-931F-5F9123E4D092}" = protocol=6 | dir=in | app=c:\cygwin\bin\xwin.exe |
"{9C10CDA2-E42E-467C-A873-8532A3256BF5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9D64CE65-D3D5-42F5-A74A-CD49BF2B78C0}" = protocol=6 | dir=in | app=c:\program files (x86)\rapid-i\rapidnet\database\ingres\bin\iigcc.exe |
"{A6813100-BA7F-4CBB-96FD-833445010EA7}" = protocol=17 | dir=in | app=c:\program files\tortoisehg\thgw.exe |
"{AA0EC993-5B9B-4DE6-A8B1-25063ED51144}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ABA9D21D-E2DE-48A0-9042-8FE2637A6E34}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{B016F854-1C40-4E20-9304-CBF2B88F824F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B0EA791E-D9E5-4ED2-B26C-400591D41139}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B924CF34-AEB9-491D-A53B-9BFCD00E585F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C05283BC-C3CF-47A1-9704-68ECB988BDEB}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
"{C36D0354-7CC7-48DF-9FCE-4C7284148191}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C69682F8-5B27-4801-804D-60D19281672C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C9199A71-554B-4C19-ABDA-3D6E8AFCC491}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{CBB58B9D-B88C-44FD-9F12-F58CD1C9F651}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC3CF6CB-10EA-4911-A68D-7D80C0EB6EB2}" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_26\jre\bin\java.exe |
"{CDB48C3D-3DED-4A13-A0B0-E08FCC78C46F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CE0B0EA4-444A-49B4-8289-0D4DD18D12E3}" = protocol=17 | dir=in | app=c:\program files (x86)\rapid-i\rapidnet\database\ingres\bin\iigcc.exe |
"{D13BF77D-A81A-4153-ABA8-EFA0694CCBA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D4B9F7B9-799D-4A1A-9831-A515E312D853}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{DE47C1E9-9B15-4DF2-BD25-121EB8FEEC7D}" = protocol=17 | dir=in | app=c:\cygwin\bin\xwin.exe |
"{DF3F6602-4043-4C19-9772-7D8FB12A2403}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{E0577069-02B8-498D-A9A5-42B2E2723BBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E216F3AC-8474-43B5-875E-13916F63CC86}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E2974A5C-A657-4195-B540-97A9FEC34CAB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9F073AE-53D9-423A-A593-D3C803C80CA0}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe |
"{ED25D21E-6532-4278-B812-08F5B860E9D9}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{EDC77514-D946-48DF-96C0-CD085836D13C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F25F36AD-3128-49E5-9388-7FB31484B984}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9797CC0-5458-4603-9B8C-AF527EF2334D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FBEABE68-7445-491D-8B68-1396C695E8F2}" = protocol=6 | dir=in | app=c:\program files (x86)\rapid-i\rapidnet\database\ingres\bin\iigcd.exe |
"{FC7B3049-154C-49E8-A564-7BB1E9FBBDCA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD8540FA-1DF1-4859-8D5A-959212509AB7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FEE511E1-CB95-443F-BA6C-AA1924F7B5A9}" = protocol=17 | dir=in | app=c:\program files\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
"TCP Query User{0D0F5FFA-0444-4DDF-9F85-F05B0982C68F}C:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe |
"TCP Query User{1512B8AB-8AE4-4526-BCAF-E2DC33DEC2B1}C:\program files (x86)\java\jdk1.6.0_26\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.6.0_26\jre\bin\javaw.exe |
"TCP Query User{22871EFF-7427-4CBB-8EF4-993CFF38027E}C:\cygwin\bin\xwin.exe" = protocol=6 | dir=in | app=c:\cygwin\bin\xwin.exe |
"TCP Query User{2B026E30-0D35-4841-BF2A-6BEE1FF5967F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{2FEE23ED-027F-4632-8B28-C788A565C284}C:\program files\glassfish3\jdk7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\glassfish3\jdk7\bin\java.exe |
"TCP Query User{31C35DD4-853E-4EC4-903E-DDD25C6ADECF}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{3DBC4194-01CD-4CB5-8AAD-252A11CF892B}C:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{71817E56-37EB-460C-8AC1-544C380E46E3}C:\program files\java\jdk1.6.0_26\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_26\bin\java.exe |
"TCP Query User{788635F4-90E5-48A8-9580-244B204B5B95}C:\program files\java\jdk1.7.0_01\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0_01\bin\javaw.exe |
"TCP Query User{78A9AF4B-B8EE-4F0E-8AD3-3743CDDDA073}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe |
"TCP Query User{91CC0007-FEA8-4826-A697-29C1331B63D4}C:\program files\java\jdk1.6.0_26\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_26\jre\bin\java.exe |
"TCP Query User{A21C345A-D528-4622-B8F8-92E0DF6C977C}C:\program files\wamp\bin\apache\apache2.2.21\bin\httpd.exe" = protocol=6 | dir=in | app=c:\program files\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
"TCP Query User{B6E53698-724C-477B-A5B2-72B5D0D853F2}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B9052220-28C0-4AEB-9766-A4F8CABBB516}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{BD09697B-60DC-4408-8C7E-A41C7ACF67E2}C:\program files (x86)\rapid-i\rapidnet\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rapid-i\rapidnet\jre\bin\javaw.exe |
"TCP Query User{C7AC182E-A132-4155-943A-0A198168C005}C:\program files\tortoisehg\thgw.exe" = protocol=6 | dir=in | app=c:\program files\tortoisehg\thgw.exe |
"TCP Query User{C919B8CE-C5D9-4CA6-A0DE-A252A4E50677}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{D7F89455-45CF-47F9-9396-1B77BEB56844}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{DC81FD78-2F9D-481D-ACC2-BFAF74296E31}C:\program files (x86)\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"TCP Query User{EE864F86-6FDF-44A6-8E64-EE14D9E8949B}C:\program files (x86)\postgresql\enterprisedb-apache\php\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\postgresql\enterprisedb-apache\php\apache\bin\httpd.exe |
"TCP Query User{EEB777B0-9785-4032-BAC1-153F83C8054E}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{F37D857B-73B7-4CAD-A0AF-470AB11A29F6}C:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe |
"TCP Query User{FEAFE14F-8657-4B39-AF66-03687AD8AF5D}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{0F4CA21C-6875-403E-9EB4-09F508F0446B}C:\program files (x86)\java\jdk1.6.0_26\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.6.0_26\jre\bin\javaw.exe |
"UDP Query User{248AED19-EF08-4F91-92AA-4B3EEB88B929}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe |
"UDP Query User{3A98B6A2-68A8-4EAA-9593-4832627389F5}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{4B419482-271A-4B5A-AC64-2997BC887912}C:\program files\java\jdk1.6.0_26\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_26\bin\java.exe |
"UDP Query User{55757337-CB9B-44B3-A134-D654C78CBE7B}C:\program files (x86)\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"UDP Query User{6D1F77E2-F268-4EE7-8EA4-EEBEFEED0B24}C:\program files\tortoisehg\thgw.exe" = protocol=17 | dir=in | app=c:\program files\tortoisehg\thgw.exe |
"UDP Query User{7F2CD71A-D924-4B32-8C25-28B38C6B83A1}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{8B280B61-A997-4825-BDFC-44EC2849DF2D}C:\program files (x86)\rapid-i\rapidnet\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rapid-i\rapidnet\jre\bin\javaw.exe |
"UDP Query User{95346695-867E-4202-9A48-C92DE6A0CA4C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{9F0A1331-2237-439D-8AA1-ADCE561AE048}C:\cygwin\bin\xwin.exe" = protocol=17 | dir=in | app=c:\cygwin\bin\xwin.exe |
"UDP Query User{A1534A38-527E-4B2F-8AD3-573A686A1657}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{AA1AF79A-2918-4377-BE07-417C1D443AC7}C:\program files\java\jdk1.6.0_26\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_26\jre\bin\java.exe |
"UDP Query User{AB1DD6F1-78BA-47A6-BDB4-6337746DE843}C:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia theatre 5\utotalmediatheatre5.exe |
"UDP Query User{AD874A0B-3B98-41DA-BC6B-E5D7AB790E31}C:\program files\glassfish3\jdk7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\glassfish3\jdk7\bin\java.exe |
"UDP Query User{B8747CE8-BDA3-42BE-8928-28DBDE421D43}C:\program files (x86)\postgresql\enterprisedb-apache\php\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\postgresql\enterprisedb-apache\php\apache\bin\httpd.exe |
"UDP Query User{BB17AF01-5356-4DC2-9F09-7AA0056C3EA1}C:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hobbyist software\vlc setup helper\mdnsresponder.exe |
"UDP Query User{BCDC4248-DB7E-4731-8252-DF46292854E3}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{C75EEF00-A28A-466F-9675-DE8C25351A66}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{E5BB6B82-6839-46F6-91E6-BB6924871025}C:\program files\java\jdk1.7.0_01\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0_01\bin\javaw.exe |
"UDP Query User{E92E09EC-2288-4BB2-8FC3-7F8A77BF947C}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{F611D85D-D778-402A-B962-B2655653216D}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F845E2FB-6AED-4F48-B948-636025FFDCDD}C:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\dominik\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{FD47AB74-C5D5-411D-9CB6-3725E298D763}C:\program files\wamp\bin\apache\apache2.2.21\bin\httpd.exe" = protocol=17 | dir=in | app=c:\program files\wamp\bin\apache\apache2.2.21\bin\httpd.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0067268E-3A9D-491F-A1F0-15D1662F9DE3}" = MySQL Server 5.5
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de
"{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}" = Microsoft SQL Server System CLR Types (x64)
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{47BA3A3A-6B4E-307F-A43B-724079FE90C6}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{53952792-BF16-300E-ADF2-E7E4367E00CF}" = Visual Studio 2010 Prerequisites - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java(TM) SE Development Kit 7 Update 1 (64-bit)
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) de
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8583E7E3-2237-4981-B957-E28E5E9AB678}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}" = ATI Catalyst Install Manager
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIOR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0407-1000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0054-0407-1000-0000000FF1CE}_Office14.VISIOR_{1F29ED16-958F-4278-B8DD-5F421E1166DA}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0057-0000-1000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91140000-0057-0000-1000-0000000FF1CE}_Office14.VISIOR_{9081486B-B26D-42DB-8D31-81C525A9526A}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A2AD24-BD44-3E39-A31F-CE928276577E}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{A1F50E06-E514-393D-AAEB-2F989F0B7C68}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0B97CF2-5032-A645-7FFC-BD1E39FC4E3F}" = ccc-utility64
"{B0C6CCC9-0BAB-4636-A06F-B43B6FBC25DF}" = Motorola Mobile Drivers Installation 5.4.0
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{B9B42FD7-57AF-4D81-8537-8B80ABC23ECD}" = TortoiseHg 2.3.0 (x64)
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C44218B2-EC4D-4EB9-A3E3-F8F4A46927EC}" = MySQL Connector/ODBC 5.1
"{C6400179-A2BD-4491-AD13-CEC9DD066246}" = Oracle VM VirtualBox 4.1.14
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{E802A021-0F24-3484-97F7-D74D74CB93A0}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU
"{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}" = Microsoft Sync Framework Services v1.0 SP1 (x64) de
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"EPSON SX130 Series" = EPSON SX130 Series Printer Uninstall
"GPL Ghostscript 9.02" = GPL Ghostscript
"GrindEQ" = GrindEQ Math Utilities (x64) (remove only)
"GrindEQw2l" = GrindEQ Word-to-LaTeX (x64) (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"Shrew Soft VPN Client" = Shrew Soft VPN Client
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{02A414EA-0E5F-CD08-61EF-E155F31DFF76}" = Catalyst Control Center Graphics Previews Vista
"{08938019-97FA-1C7A-19E0-0C8D56ED7CB2}" = CCC Help Hungarian
"{08DA8E46-ED67-451A-9246-50E0FF6959C9}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{090C73E1-BB48-403D-9DFF-A60FD71FF73A}" = MySQL Connector J
"{0A4D717B-E6E8-11FA-E7D2-385EBB1A4A85}" = CCC Help Japanese
"{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera
"{13B27F83-C633-4967-9E13-4B8C982E87CB}" = MySQL Installer
"{13BA5548-1065-4DBE-B115-681AFB77263B}" = CCC Help Swedish
"{16890D7F-1C77-733B-D8E4-F5D4315A5F93}" = Catalyst Control Center Localization All
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1CBDB473-E303-EFAE-88D1-6F741ACD5B31}" = CCC Help Czech
"{1D8912B0-343C-EB1F-28EE-B672D444C192}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24F919AA-4819-4241-9CCE-37AFB666EC81}" = HSearch Installation
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2C59BF0E-66A5-681E-60FE-8D18CE6319A1}" = CCC Help German
"{2C9D4FCA-3E7F-9368-6955-EA6D65F7DC78}" = CCC Help English
"{2DDC7E93-29AB-4260-A9DB-697F7FA88157}" = MySQL Connector Net 6.4.4
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3788B9B7-C15F-4C64-D52B-3DD1BA494B7A}" = CCC Help Korean
"{3CD4C30E-BD82-4592-B64A-8AD9784ECA9F}" = BMWi-Softwarepaket 10
"{3D200EB9-44FC-432F-1E35-C20AB5FDCD77}" = CCC Help Thai
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{44D52071-5077-2839-1AE6-863563AEA269}" = CCC Help Russian
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{525BA381-389C-4975-BDD3-C36DCF66D5BD}" = BMWi Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58582B88-0260-4C80-9A89-8CA0923AFD26}" = WordNet 2.1
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79846AA4-622E-5B48-18B2-02F53F423DFE}" = BMWi-Businessplaner Fuehren
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84E40904-0BC4-4645-9672-81119DEB9578}" = SQLite ADO.NET 2.0/3.5 Provider
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87976D85-DBF6-F263-39B6-500ACB658CE0}" = Catalyst Control Center Graphics Full Existing
"{89E2DA1C-7AAA-A29B-0FF3-38375A85D3FE}" = Balsamiq Mockups For Desktop
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager
"{8A5B016F-D452-4650-92D4-219567EA257A}" = Bizagi Process Modeler
"{8D430DDB-7BC0-4072-9875-23A5D2989E32}" = MySQL Documents 5.5
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{936310AE-694E-4D55-9E5D-3A97B04DC289}" = MSRedists
"{944322AF-5D21-43F7-87DE-06BB30A1C369}" = MySQL Workbench 5.2 CE
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{975C3A93-2491-3D44-A071-F6CBF153E46D}" = Google Talk Plugin
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBB29A1-C71D-DD1D-66B1-352AAAB13FC6}" = CCC Help Danish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{9F4D1D9E-5542-B572-81A7-9DCB0AEED1BE}" = CCC Help French
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A3EF3FAD-6ABA-1551-AD3B-D09361C5EEC9}" = CCC Help Polish
"{A73FBC00-44F8-0ECF-76FB-14CF62120B55}" = ccc-core-static
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A78D01C7-2979-11D5-BDFA-00B0D0AD4485}" = Ingres RN
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AACEAAE9-9CC3-5715-4539-EB13CA3C67BA}" = CCC Help Spanish
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AE010604-007D-11DD-A3C1-001636EEECBD}" = Google App Engine
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2463AD3-1334-A30E-A523-D38E8E7B09A2}" = CCC Help Dutch
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BA2AD7F2-55AE-87B5-00DD-9B0C6F087FD0}" = Catalyst Control Center Graphics Light
"{BC940CD7-FC71-83C5-2001-CF6FD07BA3D1}" = CCC Help Chinese Traditional
"{BF847A60-119D-6888-B2DA-EC62F1B66BBB}" = CCC Help Chinese Standard
"{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}" = Python 2.7.3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C6C3EAA5-8012-4239-BC80-BF189B79E58A}" = MySQL Examples and Samples 5.5
"{C97396A9-44BC-C856-0B92-93A6A417D6A8}" = Catalyst Control Center Graphics Full New
"{CA10114E-3941-E8ED-70A3-17CAA2226AFC}" = CCC Help Turkish
"{CAB89605-7C12-8082-32DF-B419C696BD12}" = Catalyst Control Center Core Implementation
"{CAD6AA29-9CA1-384D-8034-566261CFCC9B}" = Microsoft Visual Studio 2010 Professional - DEU
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}" = Steuer-Spar-Erklärung 2012
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3D1D696-84A8-465A-BC61-CDAC852B24CD}_is1" = Phone to PC 4.1.6.0
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D98C2191-0AE0-4087-9153-018A4810DF45}" = CCC Help Norwegian
"{DA0AB139-B29E-5B54-726C-B2A5CE6DA2CC}" = BMWi-Businessplaner Gründung
"{DBB123AF-C399-48BB-B3E3-14B953321D0B}" = AVRStudio4
"{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"{DF7D3C5E-87FC-6AE6-D986-35E0F05FEFD9}" = CCC Help Italian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E4F5FEFF-AF01-4D35-B245-68D47C1ACA6A}" = Ingres .NET Data Provider 2.1
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EBA8538C-F0B1-A089-D555-44DBF3A47C9F}" = CCC Help Finnish
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22E305E-BD02-5CC1-92D0-BD7170CDFE45}" = CCC Help Portuguese
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FD4B3108-0915-31E1-5A7C-AC5B3C33846C}" = CCC Help Greek
"1106-5897-7327-6550" = Visual Paradigm for UML 9.0
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"abgx360" = abgx360 v1.0.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Android SDK Tools" = Android SDK Tools
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1" = Balsamiq Mockups For Desktop
"BeyondCompare3_is1" = Beyond Compare Version 3.3.3
"BMWi Updater" = BMWi Updater
"BMWiBusinessplanerFuehren" = BMWi-Businessplaner Fuehren
"BMWiBusinessplanerGruenden" = BMWi-Businessplaner Gründung
"BMWi-Softwarepaket 10" = BMWi-Softwarepaket 10
"DAEMON Tools Lite" = DAEMON Tools Lite
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
"Digital Editions" = Adobe Digital Editions
"EPSON Scanner" = EPSON Scan
"EPSON SX130 Series Useg" = Benutzerhandbuch EPSON SX130 Series
"Foxit Reader_is1" = Foxit Reader 5.1
"Identity Card" = Identity Card
"ImgBurn" = ImgBurn
"Ingres RN" = Ingres RN
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallShield_{8A5B016F-D452-4650-92D4-219567EA257A}" = Bizagi Process Modeler
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012
"iTwin_is1" = iTwin 3.2 Final
"JDownloader" = JDownloader
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft Visual Studio 2010 Professional - DEU" = Microsoft Visual Studio 2010 Professional - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"MiKTeX 2.9" = MiKTeX 2.9
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird 13.0.1 (x86 de)" = Mozilla Thunderbird 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MS Access 97 SP2" = MS Access 97 SP2
"Notepad++" = Notepad++
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"QF-Test_is1" = QF-Test 3.4.3
"SimCity 3000 Unlimited" = SimCity 3000 Unlimited
"SmartCVS 7.1_is1" = SmartCVS 7.1.6
"Universal Document Converter_is1" = Universal Document Converter (Demo)
"VLC media player" = VLC media player 1.1.7
"VLC Setup Helper_is1" = VLC Setup Helper
"WampServer 2_is1" = WampServer 2.2
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinAVR-20100110" = WinAVR 20100110 (remove only)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT088216" = Agatha Christie - Death on the Nile
"WT088226" = Bejeweled 2 Deluxe
"WT088228" = Build-a-lot 2
"WT088235" = Chuzzle Deluxe
"WT088238" = Diner Dash 2 Restaurant Rescue
"WT088260" = Farm Frenzy
"WT088268" = Insaniquarium Deluxe
"WT088269" = Jewel Quest Solitaire 2
"WT088283" = Plants vs. Zombies
"WT088292" = Zuma Deluxe
"WT088416" = FATE
"WT088420" = Final Drive Nitro
"WT088448" = John Deere Drive Green
"WT088452" = Penguins!
"WT088456" = Polar Bowler
"WT088460" = Polar Golfer
"WT088508" = Virtual Villagers 4 - The Tree of Life
"WT088531" = Zuma's Revenge
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"pdfsam" = pdfsam
"RapidMiner 5" = RapidMiner 5
"RapidNet" = RapidNet
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Violet UML Editor" = Violet UML Editor
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.07.2012 02:36:37 | Computer Name = term | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 5.1.3.1201,
Zeitstempel: 0x4ed6f47d Name des fehlerhaften Moduls: facebook_plugin.fpi_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4ed5d143 Ausnahmecode: 0xc0000005 Fehleroffset:
0x06092978 ID des fehlerhaften Prozesses: 0x1194 Startzeit der fehlerhaften Anwendung:
0x01cd5753be1c2ec6 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Foxit
Software\Foxit Reader\Foxit Reader.exe Pfad des fehlerhaften Moduls: facebook_plugin.fpi
Berichtskennung:
1b2a8a61-c347-11e1-8370-afa3da3a6861
Error - 01.07.2012 02:36:39 | Computer Name = term | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 5.1.3.1201,
Zeitstempel: 0x4ed6f47d Name des fehlerhaften Moduls: facebook_plugin.fpi_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4ed5d143 Ausnahmecode: 0xc0000005 Fehleroffset:
0x06042978 ID des fehlerhaften Prozesses: 0x107c Startzeit der fehlerhaften Anwendung:
0x01cd5753b62f9031 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Foxit
Software\Foxit Reader\Foxit Reader.exe Pfad des fehlerhaften Moduls: facebook_plugin.fpi
Berichtskennung:
1cbacd2d-c347-11e1-8370-afa3da3a6861
Error - 01.07.2012 02:36:43 | Computer Name = term | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Foxit Reader.exe, Version: 5.1.3.1201,
Zeitstempel: 0x4ed6f47d Name des fehlerhaften Moduls: facebook_plugin.fpi_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4ed5d143 Ausnahmecode: 0xc0000005 Fehleroffset:
0x06252978 ID des fehlerhaften Prozesses: 0xb28 Startzeit der fehlerhaften Anwendung:
0x01cd5753a894b2b2 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Foxit
Software\Foxit Reader\Foxit Reader.exe Pfad des fehlerhaften Moduls: facebook_plugin.fpi
Berichtskennung:
1ea89aa8-c347-11e1-8370-afa3da3a6861
Error - 01.07.2012 05:10:12 | Computer Name = term | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\bizosys\hsearch-0.90\bin\chmod.exe". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2012 07:42:47 | Computer Name = term | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 01.07.2012 07:42:47 | Computer Name = term | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 999
Error - 01.07.2012 07:42:47 | Computer Name = term | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 999
Error - 01.07.2012 07:42:48 | Computer Name = term | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 01.07.2012 07:42:48 | Computer Name = term | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2028
Error - 01.07.2012 07:42:48 | Computer Name = term | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2028
[ System Events ]
Error - 25.06.2012 11:07:44 | Computer Name = term | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcSec
Error - 26.06.2012 08:04:20 | Computer Name = term | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR6 gefunden.
Error - 29.06.2012 02:36:30 | Computer Name = term | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcSec
Error - 02.07.2012 09:27:57 | Computer Name = term | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcSec
Error - 03.07.2012 14:06:14 | Computer Name = term | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcSec
Error - 04.07.2012 03:22:59 | Computer Name = term | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcSec
Error - 04.07.2012 03:29:25 | Computer Name = term | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error - 04.07.2012 03:44:44 | Computer Name = term | Source = DCOM | ID = 10010
Description =
Error - 04.07.2012 03:46:05 | Computer Name = term | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcSec
Error - 04.07.2012 09:53:30 | Computer Name = term | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcSec
< End of report >
|
