Well, to me as a layman this already looks good:
Code:
ComboFix 12-07-21.01 - Voigt 23.07.2012 12:34:41.1.4 - x64 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16340.15320 [GMT 2:00]
ausgeführt von:: c:\users\Voigt\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Voigt\ace_uninstaller.exe
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-23 bis 2012-07-23 ))))))))))))))))))))))))))))))
.
.
2012-07-23 10:39 . 2012-07-23 10:39 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-22 21:51 . 2012-07-16 00:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9C1632C5-2E68-442D-9BA6-88E527CC3E61}\mpengine.dll
2012-07-22 18:45 . 2012-07-22 18:45 -------- d-----w- C:\_OTL
2012-07-21 21:14 . 2012-07-22 14:35 -------- d-----w- c:\users\Voigt\AppData\Roaming\xsecva
2012-07-21 20:59 . 2012-07-21 21:00 -------- d-----w- c:\users\Voigt\AppData\Local\NFS Underground 2
2012-07-19 15:40 . 2012-07-19 15:40 -------- d-----w- c:\users\Voigt\jagexcache
2012-07-16 19:18 . 2012-07-16 19:18 -------- d-----w- c:\program files (x86)\Microsoft XNA
2012-07-14 21:23 . 2009-09-27 07:39 369152 ----a-w- c:\windows\SysWow64\avisynth.dll
2012-07-14 21:23 . 2005-07-14 10:31 32256 ----a-w- c:\windows\SysWow64\AVSredirect.dll
2012-07-14 21:23 . 2004-02-22 08:11 719872 ----a-w- c:\windows\SysWow64\devil.dll
2012-07-14 21:23 . 2004-01-24 22:00 70656 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2012-07-14 21:23 . 2004-01-24 22:00 70656 ----a-w- c:\windows\SysWow64\i420vfw.dll
2012-07-14 21:22 . 2012-07-14 21:22 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2012-07-14 21:17 . 2012-07-14 21:17 -------- d-----w- c:\program files (x86)\eRightSoft
2012-07-13 20:47 . 2012-07-13 20:48 -------- d-----w- c:\users\Voigt\AppData\Local\Ubisoft Game Launcher
2012-07-13 20:47 . 2012-07-13 20:47 -------- d-----w- c:\programdata\Solidshield
2012-07-13 20:33 . 2012-07-13 20:33 -------- d-----w- c:\users\Voigt\AppData\Roaming\Ubisoft
2012-07-13 20:32 . 2012-07-13 20:32 -------- d-----w- c:\program files (x86)\Ubisoft
2012-07-13 15:15 . 2012-07-13 15:15 -------- d-----w- c:\users\Voigt\AppData\Roaming\Trine2
2012-07-13 15:11 . 2012-07-13 15:11 -------- d-----w- c:\program files (x86)\Microsoft LifeCam
2012-07-13 15:11 . 2012-07-13 15:11 -------- d-----w- c:\program files\Microsoft LifeCam
2012-07-12 17:33 . 2012-07-12 17:33 -------- d-----w- C:\UnrealTournament
2012-07-12 15:31 . 2012-07-12 15:32 -------- d-----w- c:\users\Voigt\Heaven
2012-07-12 15:30 . 2012-07-12 15:30 -------- d-----w- c:\program files\Heaven DX11 Benchmark 3.0
2012-07-11 13:40 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 04:35 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-10 22:51 . 2012-07-10 22:53 -------- d-----w- c:\users\Voigt\AppData\Roaming\Red Alert 3
2012-07-10 21:57 . 2012-07-22 21:45 -------- d-----w- c:\users\Voigt\AppData\Roaming\tropico 4
2012-07-08 17:01 . 2012-07-08 17:01 -------- d-----w- c:\program files\StreamMyGame
2012-07-06 14:44 . 2012-07-06 14:44 -------- d-----w- c:\program files\MagiWOL
2012-07-05 21:41 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-04 13:32 . 2012-07-22 21:45 -------- d-----w- c:\users\WG
2012-07-01 18:23 . 2012-07-01 18:23 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-07-01 18:23 . 2012-07-01 18:23 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-28 15:44 . 2012-06-28 15:44 428904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-06-25 18:29 . 2012-06-25 18:29 -------- d-----w- c:\users\Voigt\AppData\Roaming\Notepad++
2012-06-25 18:29 . 2012-06-25 18:29 -------- d-----w- c:\program files\Notepad++
2012-06-25 18:15 . 2012-06-25 18:15 -------- d-----w- c:\users\Voigt\AppData\Local\My Games
2012-06-25 18:14 . 2012-06-25 18:14 -------- d-----w- c:\programdata\REVOLT
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 18:25 . 2012-05-08 16:40 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 18:25 . 2012-05-08 16:40 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-29 03:37 . 2012-05-08 16:02 969064 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-06-29 03:37 . 2012-05-08 16:02 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-29 03:37 . 2012-05-08 16:02 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-06-29 03:37 . 2012-05-08 16:02 2723688 ----a-w- c:\windows\system32\nvapi64.dll
2012-06-29 03:37 . 2012-05-08 16:02 1758056 ----a-w- c:\windows\system32\nvdispco64.dll
2012-06-28 23:56 . 2012-05-08 16:02 2667062 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-28 23:55 . 2012-05-08 16:02 3266408 ----a-w- c:\windows\system32\nvsvc64.dll
2012-06-28 23:55 . 2012-05-08 16:02 6193000 ----a-w- c:\windows\system32\nvcpl.dll
2012-06-28 23:55 . 2012-05-08 16:02 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-06-28 23:55 . 2012-05-08 16:02 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-06-28 23:55 . 2012-05-08 16:02 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-06-28 23:55 . 2012-05-08 16:02 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-06-13 17:34 . 2012-06-13 17:34 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2012-06-02 22:19 . 2012-06-21 06:09 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 06:09 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 06:09 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 06:09 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 06:09 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 06:09 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 06:09 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 06:09 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 06:09 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-26 12:06 . 2012-05-09 17:35 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-05-26 12:06 . 2012-05-08 19:14 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-05-25 19:04 . 2012-05-08 19:14 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-05-25 17:47 . 2012-05-08 19:14 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-21 07:34 . 2012-05-08 16:02 1468264 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2012-05-18 18:29 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-05-18 18:29 . 2009-08-18 09:24 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-05-17 13:20 . 2012-05-17 13:14 21840 ----atw- c:\windows\SysWow64\SIntfNT.dll
2012-05-17 13:20 . 2012-05-17 13:14 17212 ----atw- c:\windows\SysWow64\SIntf32.dll
2012-05-17 13:20 . 2012-05-17 13:14 12067 ----atw- c:\windows\SysWow64\SIntf16.dll
2012-05-15 10:48 . 2012-05-23 09:45 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
2012-05-15 10:48 . 2012-05-23 09:45 301376 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2012-05-15 10:48 . 2012-05-08 16:02 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-08 17:18 . 2012-05-08 17:18 627600 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-08 17:18 . 2012-05-08 17:18 252296 ----a-w- c:\windows\system32\javaws.exe
2012-05-08 17:18 . 2012-05-08 17:18 188808 ----a-w- c:\windows\system32\javaw.exe
2012-05-08 17:18 . 2012-05-08 17:18 188808 ----a-w- c:\windows\system32\java.exe
2012-05-08 17:16 . 2012-05-08 17:16 772552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-05-08 17:16 . 2012-05-08 17:16 687560 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-08 16:17 . 2012-05-08 16:17 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-05-08 16:17 . 2012-05-08 16:17 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-05-08 16:17 . 2012-05-08 16:17 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-05-08 16:17 . 2012-05-08 16:17 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-05-08 16:17 . 2012-05-08 16:17 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-05-08 16:17 . 2012-05-08 16:17 82432 ----a-w- c:\windows\system32\icardie.dll
2012-05-08 16:17 . 2012-05-08 16:17 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-05-08 16:17 . 2012-05-08 16:17 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-05-08 16:17 . 2012-05-08 16:17 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-05-08 16:17 . 2012-05-08 16:17 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-05-08 16:17 . 2012-05-08 16:17 697344 ----a-w- c:\windows\system32\msfeeds.dll
2012-05-08 16:17 . 2012-05-08 16:17 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-05-08 16:17 . 2012-05-08 16:17 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-05-08 16:17 . 2012-05-08 16:17 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-05-08 16:17 . 2012-05-08 16:17 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-05-08 16:17 . 2012-05-08 16:17 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-05-08 16:17 . 2012-05-08 16:17 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-05-08 16:17 . 2012-05-08 16:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-05-08 16:17 . 2012-05-08 16:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-05-08 16:17 . 2012-05-08 16:17 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-05-08 16:17 . 2012-05-08 16:17 448512 ----a-w- c:\windows\system32\html.iec
2012-05-08 16:17 . 2012-05-08 16:17 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-05-08 16:17 . 2012-05-08 16:17 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-05-08 16:17 . 2012-05-08 16:17 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-05-08 16:17 . 2012-05-08 16:17 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-05-08 16:17 . 2012-05-08 16:17 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-05-08 16:17 . 2012-05-08 16:17 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-05-08 16:17 . 2012-05-08 16:17 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-08 16:17 . 2012-05-08 16:17 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-05-08 16:17 . 2012-05-08 16:17 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-05-08 16:17 . 2012-05-08 16:17 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-05-08 16:17 . 2012-05-08 16:17 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-05-08 16:17 . 2012-05-08 16:17 222208 ----a-w- c:\windows\system32\msls31.dll
2012-05-08 16:17 . 2012-05-08 16:17 197120 ----a-w- c:\windows\system32\msrating.dll
2012-05-08 16:17 . 2012-05-08 16:17 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-05-08 16:17 . 2012-05-08 16:17 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-05-08 16:17 . 2012-05-08 16:17 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-05-08 16:17 . 2012-05-08 16:17 160256 ----a-w- c:\windows\system32\wextract.exe
2012-05-08 16:17 . 2012-05-08 16:17 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-05-08 16:17 . 2012-05-08 16:17 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-05-08 16:17 . 2012-05-08 16:17 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-05-08 16:17 . 2012-05-08 16:17 149504 ----a-w- c:\windows\system32\occache.dll
2012-05-08 16:17 . 2012-05-08 16:17 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-05-08 16:17 . 2012-05-08 16:17 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-05-08 16:17 . 2012-05-08 16:17 12288 ----a-w- c:\windows\system32\mshta.exe
2012-05-08 16:17 . 2012-05-08 16:17 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-05-08 16:17 . 2012-05-08 16:17 114176 ----a-w- c:\windows\system32\admparse.dll
2012-05-08 16:17 . 2012-05-08 16:17 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-05-08 16:17 . 2012-05-08 16:17 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-05-08 16:17 . 2012-05-08 16:17 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-05-08 16:17 . 2012-05-08 16:17 103936 ----a-w- c:\windows\system32\inseng.dll
2012-05-08 16:17 . 2012-05-08 16:17 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-05-04 11:06 . 2012-06-13 21:16 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 11:00 . 2012-06-13 22:16 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-05-04 10:03 . 2012-06-13 21:16 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 21:16 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-07-01 18:23 . 2012-05-08 17:13 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-21 . E589BCD6041786C5E38E2D223C24C193 . 680960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll
[-] 2010-11-21 . E589BCD6041786C5E38E2D223C24C193 . 680960 . . [6.1.7601.17514] .. c:\windows\system32\termsrv.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 94208 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 94208 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 94208 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 94208 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Infium"="c:\programme\QIP 2012 Jeak-Edition\qip.exe" [2011-12-28 7318992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-04 291608]
"Abyssus"="c:\programme\Razer Abyssus\razerhid.exe" [2010-05-10 223744]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
.
c:\users\Voigt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Voigt\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\programme\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-08 136176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-29 1258856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 ALSysIO;ALSysIO;c:\users\Voigt\AppData\Local\Temp\ALSysIO64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 GPU-Z;GPU-Z;c:\users\Voigt\AppData\Local\Temp\GPU-Z.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-08 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-01 113120]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-01-28 36720]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-07-14 9728]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-20 1255736]
R4 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;c:\programme\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-12-22 818952]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R4 ArchiCrypt Ultimate RAM-Disk 3;ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk;c:\windows\system32\ACRAMDiskHandlerService64RD3.exe [2011-02-21 437208]
R4 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\programme\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
R4 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\programme\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
R4 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2012-04-19 736104]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [2010-11-22 303408]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-05-08 834544]
S1 ACMoFlex64RD3;ACMoFlex64RD3;c:\windows\system32\drivers\ACMoFlex64RD3.sys [2011-02-21 24536]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/05/31 22:48];c:\programme\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl [2012-01-11 20:57 146928]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2011-01-10 120408]
S2 DokanMounter;DokanMounter;c:\program files (x86)\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\programme\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-28 382312]
S2 TeamViewer7;TeamViewer 7;c:\users\Voigt\temp\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 Abyssus;Razer Abyssus;c:\windows\system32\drivers\Abyssus.sys [2009-10-30 10880]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-05-21 188776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 18:25]
.
2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-08 17:14]
.
2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-08 17:14]
.
2012-07-23 c:\windows\Tasks\QIPdater 2012.job
- c:\programme\QIP 2012 Jeak-Edition\qipdater.exe [2012-01-02 10:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 97792 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 97792 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 97792 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:58 97792 ----a-w- c:\users\Voigt\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-03-20 6468712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: Nach Microsoft &Excel exportieren - c:\programme\Microsoft Office\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Voigt\AppData\Roaming\Mozilla\Firefox\Profiles\n92hw3xj.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
AddRemove-BattlEye for A2 - c:\spiele\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe
AddRemove-BattlEye for OA - c:\spiele\steam\steamapps\common\arma 2 operation arrowheadExpansion\BattlEye\UnInstallBE.exe
AddRemove-Sid Meier's Alpha Centauri - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\programme\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-435027588-1902165278-2241592477-1000\Software\SecuROM\License information*]
"datasecu"=hex:8f,90,ea,dd,49,1e,e0,f6,7b,22,ed,ee,f4,fe,b5,92,2b,d3,4d,2e,06,
45,ab,93,38,e2,92,d8,58,6d,50,30,c2,32,ba,47,50,e1,99,e6,e2,86,e6,35,dd,d7,\
"rkeysecu"=hex:84,b3,73,79,02,49,bd,b7,3d,ff,a9,08,46,30,75,c7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\programme\Razer Abyssus\razerofa.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-23 12:41:22 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-07-23 10:41
.
Vor Suchlauf: 16 Verzeichnis(se), 98.135.912.448 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 119.148.654.592 Bytes frei
.
- - End Of File - - BC69C2CE883CF17B8BF3FED98A84407C
Code:
OTL logfile created on: 23.07.2012 12:43:07 - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Voigt\Desktop\Trojaner
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,96 Gb Total Physical Memory | 14,15 Gb Available Physical Memory | 88,69% Memory free
31,91 Gb Paging File | 30,14 Gb Available in Paging File | 94,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 476,84 Gb Total Space | 111,06 Gb Free Space | 23,29% Space Free | Partition Type: NTFS
Drive F: | 931,50 Gb Total Space | 168,11 Gb Free Space | 18,05% Space Free | Partition Type: NTFS
Computer Name: VOIGTPC | User Name: Voigt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Voigt\Desktop\Trojaner\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\Voigt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Opera\opera.exe (Opera Software)
PRC - C:\Users\Voigt\temp\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Programme\QIP 2012 Jeak-Edition\qip.exe (QIP)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe ()
PRC - C:\Programme\Razer Abyssus\razerhid.exe ()
PRC - C:\Programme\Razer Abyssus\razerofa.exe (Razer Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Programme\QIP 2012 Jeak-Edition\Protos\Social\Social.dll ()
MOD - C:\Programme\QIP 2012 Jeak-Edition\Protos\MRA\mra.dll ()
MOD - C:\Programme\QIP 2012 Jeak-Edition\Protos\MRA\pics.dll ()
MOD - C:\Programme\QIP 2012 Jeak-Edition\Protos\InfICQ\inficq.dll ()
MOD - C:\Programme\QIP 2012 Jeak-Edition\Core\voip.dll ()
MOD - C:\Programme\XSplit\avformat-53.dll ()
MOD - C:\Programme\XSplit\avutil-51.dll ()
MOD - C:\Programme\XSplit\avcodec-53.dll ()
MOD - C:\Programme\XSplit\swscale-0.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Razer Abyssus\razerhid.exe ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (ArchiCrypt Ultimate RAM-Disk 3) -- C:\Windows\SysNative\ACRAMDiskHandlerService64RD3.exe (Softwareentwicklung Remus - ArchiCrypt)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TunngleService) -- C:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer7) -- C:\Users\Voigt\temp\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- C:\Programme\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CLHNServiceForPowerDVD12) -- C:\Programme\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (CyberLink Corp.)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- C:\Programme\PowerDVD12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (ABBYY.Licensing.FineReader.Professional.11.0) -- C:\Programme\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (DokanMounter) -- C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe ()
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) Intel(R) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) Intel(R) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) Intel(R) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ACMoFlex64RD3) -- C:\Windows\SysNative\drivers\ACMoFlex64RD3.sys (Softwareentwicklung Remus - ArchiCrypt.com)
DRV:64bit: - (Dokan) -- C:\Windows\SysNative\drivers\dokan.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (mv91xx) -- C:\Windows\SysNative\drivers\mv91xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (mirrorv3) -- C:\Windows\SysNative\drivers\rminiv3.sys (Famatech International Corp.)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (vhidmini) -- C:\Windows\SysNative\drivers\vHidDev.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Abyssus) -- C:\Windows\SysNative\drivers\Abyssus.sys (Razer (Asia-Pacific) Pte Ltd)
DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (BrSerIf) -- C:\Windows\SysNative\drivers\BrSerIf.sys (Brother Industries Ltd.)
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Programme\PowerDVD12\PowerDVD12\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ntk_PowerDVD12) -- C:\Programme\PowerDVD12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys (Cyberlink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 475801843
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AD C1 C9 61 A3 1C CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..network.proxy.no_proxies_on: "local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files (x86)\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.08 19:14:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.01 20:23:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.05.12 14:10:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.01 20:23:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.12 14:10:26 | 000,000,000 | ---D | M]
[2012.05.09 09:01:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Voigt\AppData\Roaming\mozilla\Extensions
[2012.05.14 10:58:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Voigt\AppData\Roaming\mozilla\Firefox\Profiles\n92hw3xj.default\extensions
[2012.05.14 10:58:39 | 000,023,087 | ---- | M] () (No name found) -- C:\USERS\VOIGT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N92HW3XJ.DEFAULT\EXTENSIONS\{5B52016C-D097-4AEC-BE61-9F129D8FDDBA}.XPI
[2012.05.08 19:22:28 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
O1 HOSTS File: ([2012.07.23 12:40:32 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Abyssus] C:\Programme\Razer Abyssus\razerhid.exe ()
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Infium] C:\Programme\QIP 2012 Jeak-Edition\qip.exe (QIP)
O4 - Startup: C:\Users\Voigt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Voigt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DEF89CC2-A147-4C17-A801-26A40303533D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.23 12:42:06 | 000,000,000 | ---D | C] -- C:\Users\Voigt\Desktop\Trojaner
[2012.07.23 12:41:23 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.07.23 12:40:32 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.07.23 12:34:09 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.07.23 12:34:09 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.07.23 12:34:09 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.07.23 12:34:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.07.23 12:34:02 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.07.23 12:28:55 | 004,582,474 | R--- | C] (Swearware) -- C:\Users\Voigt\Desktop\ComboFix.exe
[2012.07.22 20:45:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.07.21 23:14:01 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Roaming\xsecva
[2012.07.21 22:59:39 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Local\NFS Underground 2
[2012.07.21 22:59:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2012.07.19 17:40:32 | 000,000,000 | ---D | C] -- C:\Users\Voigt\jagexcache
[2012.07.18 16:02:29 | 000,000,000 | ---D | C] -- C:\Users\Voigt\Documents\Hard Reset Extended
[2012.07.16 21:19:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.07.16 21:18:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012.07.16 12:54:55 | 000,000,000 | ---D | C] -- C:\Users\Voigt\Documents\Dust
[2012.07.14 23:23:01 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2012.07.14 23:23:01 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2012.07.14 23:23:01 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012.07.14 23:23:01 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2012.07.14 23:22:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2012.07.14 23:19:31 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drvc.dll
[2012.07.14 23:19:31 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2012.07.14 23:19:31 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2012.07.14 23:19:31 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2012.07.14 23:19:31 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2012.07.14 23:19:31 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2012.07.14 23:19:31 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2012.07.14 23:19:31 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2012.07.14 23:19:31 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2012.07.14 23:19:31 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2012.07.14 23:19:31 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2012.07.14 23:19:31 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2012.07.14 23:19:31 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2012.07.14 23:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012.07.14 23:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\SUPER
[2012.07.14 23:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2012.07.13 23:31:25 | 000,000,000 | ---D | C] -- C:\Users\Voigt\Documents\ANNO 2070
[2012.07.13 22:47:23 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Local\Ubisoft Game Launcher
[2012.07.13 22:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2012.07.13 22:33:44 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Roaming\Ubisoft
[2012.07.13 22:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.07.13 17:15:56 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Roaming\Trine2
[2012.07.13 17:11:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
[2012.07.13 17:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2012.07.13 17:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2012.07.12 19:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament G.O.T.Y. Edition
[2012.07.12 19:33:08 | 000,000,000 | ---D | C] -- C:\UnrealTournament
[2012.07.12 17:31:08 | 000,000,000 | ---D | C] -- C:\Users\Voigt\Heaven
[2012.07.12 17:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
[2012.07.12 17:30:33 | 000,000,000 | ---D | C] -- C:\Program Files\Heaven DX11 Benchmark 3.0
[2012.07.11 10:44:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.11 10:44:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.11 10:44:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.11 10:44:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.11 10:44:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.11 10:44:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.11 10:44:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.11 10:44:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.11 10:44:46 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.11 10:44:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.11 10:44:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.11 10:44:46 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.11 10:44:46 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.11 06:35:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.11 06:35:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.11 06:35:16 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.11 06:35:16 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.11 06:35:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.11 00:51:31 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Roaming\Red Alert 3
[2012.07.10 23:57:52 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Roaming\tropico 4
[2012.07.08 19:01:16 | 000,000,000 | ---D | C] -- C:\Program Files\StreamMyGame
[2012.07.06 16:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\MagiWOL
[2012.07.06 14:07:07 | 000,000,000 | ---D | C] -- C:\Users\Voigt\Documents\Remote Assistance Logs
[2012.07.05 23:41:17 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.05 11:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidShare
[2012.07.03 17:20:12 | 026,226,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.07.03 17:20:12 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.07.03 17:20:12 | 019,828,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.07.03 17:20:12 | 018,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.07.03 17:20:12 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.07.03 17:20:12 | 015,290,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.07.03 17:20:12 | 014,806,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.07.03 17:20:12 | 012,388,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.07.03 17:20:12 | 009,164,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.07.03 17:20:12 | 007,699,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.07.03 17:20:12 | 002,744,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.07.03 17:20:12 | 002,573,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.07.03 17:20:12 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.07.03 17:20:12 | 002,216,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.07.03 17:20:12 | 001,865,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.07.03 17:20:12 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.07.03 17:20:12 | 000,828,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012.07.03 17:20:12 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012.07.03 17:20:12 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012.07.03 17:20:12 | 000,188,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012.07.03 17:20:12 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012.07.02 01:02:07 | 000,000,000 | ---D | C] -- C:\Users\Voigt\Documents\Endless Space
[2012.06.30 20:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firaxis Games
[2012.06.25 20:29:05 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Roaming\Notepad++
[2012.06.25 20:29:05 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.06.25 20:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.06.25 20:29:05 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2012.06.25 20:15:00 | 000,000,000 | ---D | C] -- C:\Users\Voigt\AppData\Local\My Games
[2012.06.25 20:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\REVOLT
[2012.06.25 20:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Civilization.V.GOTY.incl.Gods.and.Kings
[1 C:\Users\Voigt\Desktop\*.tmp files -> C:\Users\Voigt\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.23 12:40:36 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.23 12:40:32 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\QIPdater 2012.job
[2012.07.23 12:40:32 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.07.23 12:40:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.23 12:31:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.23 12:29:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.23 12:28:56 | 004,582,474 | R--- | M] (Swearware) -- C:\Users\Voigt\Desktop\ComboFix.exe
[2012.07.23 12:11:40 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.23 12:11:40 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.23 12:10:29 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.23 12:10:29 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.23 12:10:29 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.23 12:10:29 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.23 12:10:29 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.19 17:48:14 | 000,000,024 | ---- | M] () -- C:\Users\Voigt\random.dat
[2012.07.19 17:40:32 | 000,000,044 | ---- | M] () -- C:\Users\Voigt\jagex_cl_runescape_LIVE.dat
[2012.07.14 23:12:07 | 000,116,854 | ---- | M] () -- C:\Users\Voigt\Desktop\League_of_Legends_LOGO.jpg
[2012.07.14 23:08:48 | 344,989,520 | ---- | M] () -- C:\Users\Voigt\Desktop\ts3_recording_12_07_14_22_38_44.wav
[2012.07.12 23:52:01 | 000,001,282 | ---- | M] () -- C:\Users\Voigt\Desktop\shutdown.lnk
[2012.07.12 20:25:37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.12 20:25:37 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.12 17:30:45 | 000,003,072 | ---- | M] () -- C:\Users\Voigt\AppData\Local\file__0.localstorage
[2012.07.11 16:48:12 | 000,288,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.11 15:46:51 | 000,000,040 | ---- | M] () -- C:\ProgramData\ra3.ini
[2012.07.08 18:00:06 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.07.08 18:00:06 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2012.07.06 11:10:58 | 000,007,608 | ---- | M] () -- C:\Users\Voigt\AppData\Local\Resmon.ResmonCfg
[2012.07.04 15:30:29 | 000,000,000 | -H-- | M] () -- C:\Users\Voigt\Documents\Default.rdp
[2012.06.29 05:37:00 | 026,226,536 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.06.29 05:37:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.06.29 05:37:00 | 019,828,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.06.29 05:37:00 | 018,228,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.06.29 05:37:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.06.29 05:37:00 | 015,290,216 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.06.29 05:37:00 | 014,806,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.06.29 05:37:00 | 012,388,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.06.29 05:37:00 | 009,164,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.06.29 05:37:00 | 007,699,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.06.29 05:37:00 | 002,744,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.06.29 05:37:00 | 002,723,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.06.29 05:37:00 | 002,573,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.06.29 05:37:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.06.29 05:37:00 | 002,216,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.06.29 05:37:00 | 001,865,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.06.29 05:37:00 | 001,758,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.06.29 05:37:00 | 001,472,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.06.29 05:37:00 | 000,969,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012.06.29 05:37:00 | 000,828,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012.06.29 05:37:00 | 000,247,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012.06.29 05:37:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012.06.29 05:37:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.06.29 05:37:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.06.29 05:37:00 | 000,016,048 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.06.29 01:56:15 | 002,667,062 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.06.29 01:55:57 | 003,266,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.06.29 01:55:46 | 006,193,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.06.29 01:55:40 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.06.29 01:55:40 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.06.29 01:55:39 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.06.28 17:44:42 | 000,428,904 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[1 C:\Users\Voigt\Desktop\*.tmp files -> C:\Users\Voigt\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.23 12:34:09 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.23 12:34:09 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.07.23 12:34:09 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.23 12:34:09 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.23 12:34:09 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.07.19 17:40:32 | 000,000,044 | ---- | C] () -- C:\Users\Voigt\jagex_cl_runescape_LIVE.dat
[2012.07.19 17:40:32 | 000,000,024 | ---- | C] () -- C:\Users\Voigt\random.dat
[2012.07.14 23:23:01 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.07.14 23:19:31 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2012.07.14 23:19:31 | 000,195,584 | RHS- | C] () -- C:\Windows\SysWow64\MatroskaDX.ax
[2012.07.14 23:19:31 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2012.07.14 23:19:31 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
[2012.07.14 23:19:31 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2012.07.14 23:19:31 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.07.14 23:19:31 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2012.07.14 23:19:31 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2012.07.14 23:19:31 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2012.07.14 23:19:31 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2012.07.14 23:19:31 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2012.07.14 23:12:07 | 000,116,854 | ---- | C] () -- C:\Users\Voigt\Desktop\League_of_Legends_LOGO.jpg
[2012.07.14 22:38:51 | 344,989,520 | ---- | C] () -- C:\Users\Voigt\Desktop\ts3_recording_12_07_14_22_38_44.wav
[2012.07.12 17:30:45 | 000,003,072 | ---- | C] () -- C:\Users\Voigt\AppData\Local\file__0.localstorage
[2012.07.11 15:46:51 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2012.07.04 15:30:29 | 000,000,000 | -H-- | C] () -- C:\Users\Voigt\Documents\Default.rdp
[2012.06.28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.06.20 15:08:18 | 000,000,219 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.06.20 15:08:18 | 000,000,084 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.06.20 15:08:11 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012.06.20 15:08:11 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.06.20 15:08:11 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.06.14 23:37:11 | 000,000,258 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012.05.21 16:22:29 | 000,007,608 | ---- | C] () -- C:\Users\Voigt\AppData\Local\Resmon.ResmonCfg
[2012.05.18 15:31:56 | 000,000,262 | ---- | C] () -- C:\Windows\game.ini
[2012.05.17 15:14:42 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012.05.17 15:14:42 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012.05.17 15:14:42 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012.05.17 14:27:12 | 000,000,224 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012.05.15 23:04:01 | 000,004,439 | ---- | C] () -- C:\Windows\jhbqq32.ini
[2012.05.15 23:04:01 | 000,001,442 | ---- | C] () -- C:\Windows\cxpcqs-h48.ini
[2012.05.14 10:58:07 | 000,000,600 | ---- | C] () -- C:\Users\Voigt\PUTTY.RND
[2012.05.08 21:14:34 | 000,281,032 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.05.08 21:14:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.05.08 20:02:52 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.08 19:14:34 | 001,641,574 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.08 18:12:09 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.05.08 18:12:09 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.05.08 18:05:49 | 000,057,494 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012.05.08 18:04:35 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.05.08 18:04:29 | 000,040,555 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.01.10 14:49:16 | 000,035,840 | ---- | C] () -- C:\Windows\SysWow64\dokan.dll
========== LOP Check ==========
[2012.05.11 19:04:29 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\.minecraft
[2012.05.31 21:22:59 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\aacs
[2012.05.08 19:04:28 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\ArchiCrypt Ultimate RAM-Disk3
[2012.05.13 16:06:15 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Ashampoo
[2012.06.04 21:13:46 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Cinspiration
[2012.05.08 19:59:48 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\DAEMON Tools Lite
[2012.07.23 12:40:38 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Dropbox
[2012.07.22 23:45:25 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\IrfanView
[2012.05.08 18:30:32 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\jeak.de
[2012.07.10 23:56:35 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Kalypso Media
[2012.05.08 23:15:59 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\LolClient
[2012.05.24 18:13:06 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\LolClient2
[2012.06.25 20:29:16 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Notepad++
[2012.05.08 18:05:07 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Opera
[2012.05.08 20:20:34 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Origin
[2012.05.08 21:13:59 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\QuickStoresToolbar
[2012.06.13 20:30:55 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Radmin
[2012.06.20 19:51:50 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\RapidShare
[2012.07.11 00:53:39 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Red Alert 3
[2012.05.13 00:37:24 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\ScummVM
[2012.06.19 14:27:28 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\six-updater
[2012.06.13 14:14:26 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\six-zsync
[2012.06.20 09:26:51 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Spirited Machine
[2012.05.08 19:28:48 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\SplitMediaLabs
[2012.06.13 19:53:48 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\TeamViewer
[2012.05.09 15:50:47 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\The Creative Assembly
[2012.07.13 17:15:56 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Trine2
[2012.07.22 23:45:25 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\tropico 4
[2012.06.13 19:47:38 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\TrueCrypt
[2012.07.22 23:45:25 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\TS3Client
[2012.05.17 18:41:15 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Tunngle
[2012.07.13 22:33:44 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\Ubisoft
[2012.06.19 14:23:30 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\uTorrent
[2012.07.22 16:35:55 | 000,000,000 | ---D | M] -- C:\Users\Voigt\AppData\Roaming\xsecva
[2012.07.23 12:40:32 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\QIPdater 2012.job
[2012.06.30 16:47:05 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 23.07.2012 12:43:07 - Run 2
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Voigt\Desktop\Trojaner
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,96 Gb Total Physical Memory | 14,15 Gb Available Physical Memory | 88,69% Memory free
31,91 Gb Paging File | 30,14 Gb Available in Paging File | 94,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 476,84 Gb Total Space | 111,06 Gb Free Space | 23,29% Space Free | Partition Type: NTFS
Drive F: | 931,50 Gb Total Space | 168,11 Gb Free Space | 18,05% Space Free | Partition Type: NTFS
Computer Name: VOIGTPC | User Name: Voigt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Programme\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11133E79-9500-4273-B79C-7CDF258474AF}" = lport=56312 | protocol=17 | dir=in | name=pando media booster |
"{13C69212-5ED4-4F5B-B78F-702791566046}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E625BA7-0F15-434E-9B96-6B524525A580}" = lport=10243 | protocol=6 | dir=in | app=system |
"{28FE33B0-F0F2-450E-8281-FEDF66D8B9AC}" = lport=137 | protocol=17 | dir=in | app=system |
"{2C6FCC8A-701A-4B3F-994F-563F7685D2F5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2DBE224A-573F-4363-BD8F-75F0CF40948D}" = rport=137 | protocol=17 | dir=out | app=system |
"{369E9668-5246-4633-83B3-ACBD0F67C6D1}" = lport=3389 | protocol=6 | dir=in | app=system |
"{39DF2746-ED90-439E-A6BF-E056CAB23937}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3E0640D7-2938-4A80-B5C3-952C64F8EE41}" = lport=138 | protocol=17 | dir=in | app=system |
"{55F9E4E9-4AAC-492A-AB23-ECDB8FAD770E}" = lport=139 | protocol=6 | dir=in | app=system |
"{63BD3D38-625F-4946-8B62-A171392EECCC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FFD4446-FC97-4620-8F2B-ADAFBC856FE4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{76C3AF4F-95FE-44EE-89AA-286624499633}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84F23324-4F20-4507-B549-751D603CBBFB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{87A52F7D-F8F6-4FE8-B3F5-8AE2694D4D2F}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{94166667-E0A5-4F94-B34B-F37C76D0943B}" = rport=138 | protocol=17 | dir=out | app=system |
"{957B8CA8-B656-48A8-9D41-19CF210C8CAD}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{97767966-CA2B-4ACA-8647-231F6CC136F9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{988B632A-753F-4E69-9114-797BB198B221}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B0A7F8A-A6D7-44F6-8F1F-DAE985B4E1ED}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EF12D9B-58EE-421F-88CC-F30E89362862}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9F05A85C-C8B0-4E70-AB5E-98C72F1A1415}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{A0F2C23F-1288-4364-8D78-FA3F9F21A9EB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AFA15AD9-8B5B-46C9-B107-CE820D2EC968}" = lport=3389 | protocol=6 | dir=in | app=system |
"{B2963B52-0FFF-432A-925B-A05D9101CA48}" = lport=56312 | protocol=17 | dir=in | name=pando media booster |
"{B42DF9FB-96F9-4C96-8BD9-8C4B2662F314}" = lport=445 | protocol=6 | dir=in | app=system |
"{B7EE538B-854B-4BBA-BBB9-A13634203FA7}" = lport=56312 | protocol=6 | dir=in | name=pando media booster |
"{C1A4CD50-CB3A-448D-B166-C31D6B25FDFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C209176D-C629-42A1-8BD5-26CE80953AA0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D9449613-3442-4411-A8E3-C949B916422D}" = rport=139 | protocol=6 | dir=out | app=system |
"{EB9E521A-9442-4581-82CD-C9EBD5F68352}" = lport=56312 | protocol=6 | dir=in | name=pando media booster |
"{FA666194-EC25-43EC-B53C-BF3CCF8FD4DC}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EEE9B0-D818-4E79-9311-FF95AB12070D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{019B5410-9923-41B0-BD2E-F25BE431BACB}" = protocol=17 | dir=in | app=c:\users\voigt\temp\teamviewer\version7\teamviewer_service.exe |
"{0219837D-8BAE-47EA-8D83-CA09128B9BA5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0264D0CE-A0FE-4F12-B842-66C239A82795}" = protocol=17 | dir=in | app=c:\spiele\diablo iii\diablo-iii-8370-dede-installer-downloader.exe |
"{05989811-D626-4A99-ADE6-D7296DC16572}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\empire total war\empire.exe |
"{06132A31-C871-4D7A-B48E-1E7CD5DFBAA0}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{07561F57-7F02-4D5F-A78B-8ABF1778976A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{0987F1FA-9BDB-44F9-9B2E-C0071DE1F2ED}" = dir=out | app=%systemdrive%\spiele\port royale 3\appdata.exe |
"{0F95868E-1B10-4A20-9487-8ED220D2E31F}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{0FFCBFAD-408F-4611-8853-D2C05950C274}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{13716341-DE41-4599-B8FC-2E41E461B424}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{15874ECF-AB61-440E-BD07-8BFBB83BCE71}" = protocol=6 | dir=in | app=c:\spiele\diablo iii\diablo-iii-8370-dede-installer-downloader.exe |
"{15D3413E-337C-4177-86F1-C582AEC5B353}" = protocol=17 | dir=in | app=c:\spiele\battlefield 3\bf3.exe |
"{16403E0F-4E16-486D-842B-3BA485B369AE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{19A7874C-E5EE-4CAF-9E68-8F52B12825B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1ABDE08D-6884-43FF-9FAC-A95AB4A33004}" = protocol=17 | dir=in | app=c:\users\voigt\appdata\roaming\dropbox\bin\dropbox.exe |
"{1B2EFB11-81DC-4011-A65D-0B5C590BE6D2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{1CDF3874-430B-42C1-AD09-04E080CA2533}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{1D74C941-BD08-4E42-81BE-3890A43C8992}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{1E57E4D8-B6E3-4995-B1D3-61C24B36C54E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{1FD8A704-442A-4F12-ACD0-3A631FF3AB56}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\metro 2033\metro2033.exe |
"{200BD918-E7CC-4217-A6C5-09C8D5398C8A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{20D17A80-1313-4C84-BB9F-157FA5ABA014}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{21E4CDC3-C289-4F86-851F-B4D4C0D4AC48}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{250E2690-4290-4A87-8089-985516B572A0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{269845BA-74F4-4F73-90A0-1C599479089B}" = protocol=6 | dir=in | app=c:\spiele\anno 2070\anno5.exe |
"{26E5DF80-CA7A-47E9-8B7F-0C6DBC842EB5}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\magicka\magicka.exe |
"{28816B91-CED9-48B6-B3EB-30F90E5CD44D}" = protocol=17 | dir=in | app=c:\spiele\diablo iii\diablo iii.exe |
"{2ABBF26C-0E80-41B7-9F44-7238F3F81324}" = dir=in | app=c:\programme\powerdvd12\powerdvd12\powerdvd12ml.exe |
"{2B31C937-5F64-45E3-816A-D4C09267DE9B}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\empire total war\empire.exe |
"{2CAAFC8F-E93C-4D2A-A97B-5FE72A682E25}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{2D8F43F8-6F9B-4F3E-89A9-F17DF74A802B}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{2DD57997-022A-4C25-9070-5A418A375562}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{2EFF2310-DA83-482B-BB0B-F9A62363DFC7}" = protocol=17 | dir=in | app=c:\spiele\lost planet 2\lp2dx9.exe |
"{31EB821A-D956-41EF-93CB-67B2D2416D2F}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{32C2881C-5288-4568-A958-998AC2EEE398}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\recettear\custom.exe |
"{357ADA6C-9941-45E0-BB01-207EC97F2BAA}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{35A5BF4D-E39A-4D32-8C36-F2CA9B2F6EEA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{36D544AB-70E5-458C-BE8F-0E5722961AEB}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{3759CA84-F401-421E-B0E0-9A1D0EC47DC2}" = dir=in | app=c:\programme\powerdvd12\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{3827F82E-6BEE-493A-A405-D4CAB45D88F3}" = protocol=6 | dir=in | app=c:\spiele\lost planet 2\lp2dx9.exe |
"{388A658F-290E-4A22-BA17-32DD444162E2}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{393EAA27-D57A-4F78-B577-8BE36B10F5E1}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{3A49EDEE-9FC9-447E-93C9-30DB8EF2EB0F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{3B31709E-AC8D-4EF9-88B4-091559E5DC47}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\the binding of isaac\isaac.exe |
"{3B8D27CB-6EC1-4487-8663-12D296DE5A1A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3DFE8E92-60AA-4714-8CCB-9A1BA3ADDA8A}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{3E162E53-6029-4F45-9987-0C59C3F00768}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{3F5E0246-0A1C-40A8-B9AF-8E22E41BA860}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\from dust\from_dust.exe |
"{3F94EC1B-BE7A-4EDF-87F9-3BDD9827F9F5}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{429BD15B-D862-4E1F-A747-3247EF9A045A}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base5\dosbox.exe |
"{46A143F6-7745-4415-8049-4D08BB616C95}" = dir=in | app=c:\programme\qip 2012 jeak-edition\qip.exe |
"{46DAA37A-281D-4559-A05F-3C0A3F8494D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46EF7051-2947-42C9-B97D-845EF3246EAD}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base3\dosbox.exe |
"{484AEC97-2989-4065-9F14-4006F81CC929}" = dir=out | app=%programfiles%\powerdvd12\powerdvd12\powerdvd12.exe |
"{4881FBDE-6252-48C9-BCA5-04155330CAED}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{4A6EECA5-17B2-46FE-9DFA-3B5EA74F158E}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{4B1ADDCD-E3C9-410E-937E-F7946A993ED6}" = protocol=17 | dir=in | app=c:\spiele\guild wars 2\gw2.exe |
"{4D517E7F-D0A2-42FB-B546-757C206C701D}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\the binding of isaac\isaac.exe |
"{4E8302CF-419C-4C7F-BC4F-6348C2188E59}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4EA077DB-E6C9-464C-B734-3774CEB3A61E}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\empire total war\empire.exe |
"{4EE2864B-381F-4FC5-AF49-0CC8913BDBC2}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{50E5B809-32BA-4CC7-98D1-A30A87D1430D}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\magicka\magicka.exe |
"{518C7E9B-BEFB-4B1D-A9AD-F5A910C5F15A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{52DE310B-D6B7-4ED0-AFA8-EFCAEA2B1FE9}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\endless space\endlessspace.exe |
"{53F4FC20-45CB-4991-BF9D-43932D720811}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{551BCDB2-B9D0-4878-9E2B-BB12C171CA21}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{5568E85F-A1B1-4754-910C-9872952B8E83}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{55929CA1-6954-4884-8AD5-B83F9AA18B37}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2\arma2.exe |
"{5D13BCB0-EA91-4C1A-A94F-1D48969A0384}" = protocol=6 | dir=in | app=c:\users\voigt\temp\teamviewer\version7\teamviewer.exe |
"{5E3DC797-B069-4481-9F44-1F6E3000A0DE}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{5F3B5360-3ABE-46C9-9A94-B4A831CBA610}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60A9877C-C440-4B02-9421-D4BF0491ECCA}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\monkey2\monkey2.exe |
"{60F3DD54-13EC-45FD-BAE6-B62CCDBFF7BB}" = dir=in | app=c:\programme\powerdvd12\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{62AB7480-60B8-4517-AB1E-E57A919F69AB}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\left 4 dead 2\srcds.exe |
"{6316A827-1D3D-4576-B108-A8FF7DEE76B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63667025-A985-4978-A8CA-20C84AB0962C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{639A3913-B0F3-451C-97E3-56D9C5F29B13}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{642F9C5E-F080-44CB-98F6-43451E3DFFAB}" = protocol=6 | dir=in | app=f:\crack\gw2.exe |
"{64E4D1FD-D38B-4782-82F8-E81881C59807}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base2\dosbox.exe |
"{65CA0E8B-A8A9-4C88-BBD9-03D95F7800CF}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\tropico 4\tropico4.exe |
"{6673D8CE-DC50-4A81-96A7-553669BADDFD}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\portal 2\portal2.exe |
"{67453C0A-AE62-46EE-94D3-1116B23B528E}" = protocol=6 | dir=in | app=c:\spiele\arma 2\arma2oa.exe |
"{68484328-EDAB-4987-9477-A69B41D95C93}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{686A6C1E-BEF2-484F-90B3-77A45F4E252E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{69D41122-9570-4FDD-908D-2CDA9706304F}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{6ADCF435-2F56-4BE6-AB5D-604AB9903D19}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6B9A2600-E518-47FD-BEA9-AE250A61634B}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{6BB04A43-4DC7-4BA4-8E94-F08D361990D9}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{6C252907-30F2-4913-BDE1-327B382DFB86}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{6E60A92E-60A8-478B-8F5C-877502D1841F}" = protocol=6 | dir=in | app=c:\spiele\diablo iii\diablo iii.exe |
"{6EF00E83-C466-44F3-B599-E01B88B753DC}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{6F4FB8A5-982F-4E61-BEBA-BB2418907068}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{6FAD891B-6B21-4E36-BFED-772E4FA557FB}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{6FB1D33B-6AAE-441B-A7C5-297CF2163E4D}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\endless space\endlessspace.exe |
"{70560EFD-C934-442B-9317-510A8660BFCF}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\medieval ii total war\launcher.exe |
"{723593D0-882E-408F-863C-F2898890C3D4}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\metro 2033\metro2033.exe |
"{729A5272-A0DD-4677-93D9-C0D70C8EEB80}" = protocol=6 | dir=in | app=c:\spiele\anno 2070\initengine.exe |
"{73F1AF60-8B6C-46DA-B53D-16C354FE0907}" = dir=out | app=%systemdrive%\spiele\tropico 4\tropico4.exe |
"{74B30F76-5006-447E-9580-9F195000E1B6}" = protocol=6 | dir=in | app=c:\users\voigt\temp\teamviewer\version7\teamviewer_service.exe |
"{75422710-34FF-48E6-9E59-DD81AF546DE4}" = dir=in | app=c:\programme\powerdvd12\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{757CA2FC-1B4B-4FA7-B786-055023D876DD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{76DB7F45-5237-4081-9F0B-4377B56F4323}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{78666ED4-E3AB-4450-BA8B-2E3E871C36C4}" = protocol=6 | dir=in | app=c:\spiele\lost planet 2\lp2dx11.exe |
"{7998AF52-CE4A-490A-B055-32A1630EA49A}" = protocol=17 | dir=in | app=c:\spiele\anno 2070\autopatcher.exe |
"{799FF451-B7D9-4F93-BFD8-6F89EECF293B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7AA3B83F-C619-4F41-8359-D38B9758D55A}" = protocol=6 | dir=out | app=system |
"{7BB50457-91A1-4EF7-82FE-146D72AD85FA}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\monkey2\monkey2.exe |
"{7BFAE219-806B-460C-BC01-896CA2EE4714}" = dir=in | app=c:\programme\powerdvd12\powerdvd12\powerdvd12.exe |
"{7CFA3836-CD9A-4A6D-97F4-2540DB0E6E49}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7D95F6F3-D873-4D46-9FC2-9DAF1B9BB994}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7EF941B9-BB06-4712-97AE-419BB472B220}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{8083C60B-028F-47F0-8BBD-9E1BEFABE189}" = protocol=17 | dir=in | app=f:\crack\gw2.exe |
"{813F347B-4569-43AD-8F40-731462D075C4}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base2\dosbox.exe |
"{831F4A84-2A66-4DB7-ABF7-490F49492CF6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84C2D230-FD9B-4257-A419-2007A6A0436A}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{8556E1D4-0BBF-4C03-8BD7-ED8F736BC5C9}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\hardreset\hardreset.exe |
"{856DA167-BCB3-4F72-884D-2B5C7C435608}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{856DF8B2-E839-437C-9B72-8E584ECDEC3D}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{8706AFED-BC85-48E4-9A60-8B826CCB469F}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{8978997A-0AF2-459C-A744-00F0AF4EB0D0}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base3\dosbox.exe |
"{8B565C4B-9B09-4026-A062-7192E8BF4878}" = protocol=6 | dir=in | app=c:\spiele\anno 2070\autopatcher.exe |
"{8B9431B0-7BC7-47F4-A12B-1753790D4D80}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{8F0222AB-FFE0-45A5-9068-EC59DA7C4FA2}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{8FCDE823-AE5C-4D90-B83B-81CC1B2EE46B}" = protocol=6 | dir=in | app=c:\spiele\guild wars 2\gw2.exe |
"{9212D8BB-CE88-44C0-B197-273AE6A285F2}" = protocol=17 | dir=in | app=c:\spiele\steam\steam.exe |
"{927B9602-8DC1-481B-B92E-7A15B8A1B08D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{940AFBF8-803E-4DE6-BBE2-B917118C502A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{9888571C-0443-4782-8904-F2F368068049}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{99664804-0016-4012-8C2E-DE4C7924F2A1}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9F168631-02D7-41AF-A20F-14FC7707882C}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base1\dosbox.exe |
"{9F9109F5-45FE-48F2-973E-39B51A6F556C}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{A15721B0-36F6-468C-9DEB-A5ADA6E2DA1A}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{A1BC0B4F-6AA6-430A-9348-7CB991DD958C}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base1\dosbox.exe |
"{A2D10247-8317-4E25-BB53-4685246491B9}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\recettear\recettear.exe |
"{A32AC50B-C25B-4961-9DDE-974BE5A572C3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A5C7FE5F-78E4-43EC-818E-29483B276C14}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base4\dosbox.exe |
"{A6B202F3-1B9F-4C61-9DC8-4E3527762552}" = protocol=6 | dir=in | app=c:\spiele\battlefield 3\bf3.exe |
"{A6C0B632-E63D-4822-96C7-E4AF1DFD79CE}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A80C30D9-B0BF-42B4-A382-4420D425FC9C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{A845A8C8-4ABA-488C-B7FD-F4725863F60D}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\portal 2\portal2.exe |
"{AA5D9BC0-3186-4FDE-BD67-E2EF830422B3}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{AAFE55DC-82AE-49E1-97E6-9209B03BDAEA}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{AC0D43F3-642B-472A-B6B7-038FB912E60F}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\left 4 dead 2\srcds.exe |
"{AD9F49E8-2D67-4FDD-AEE8-0DE47FF0AADB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{B21BE642-99F5-459C-8845-10CC27637F18}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base5\dosbox.exe |
"{B23F30EB-C73E-4791-BFEE-DCE4B0AD43E9}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\empire total war\empire.exe |
"{B28B9842-46D6-49E6-A304-DA3E41BD5E30}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\tropico 4\tropico4.exe |
"{B2B86614-190A-4655-8B78-5BBF1CAC6551}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B2C849A3-EC17-486F-97DA-82FAB9642FBC}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\bastion\bastion.exe |
"{B31617DD-7048-4CE5-90DA-4F8D222BE93A}" = protocol=17 | dir=in | app=c:\spiele\arma 2\arma2oa.exe |
"{B3E10ADD-1B5C-4EBE-8DCB-48CF43AB316E}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{B6F56D61-2D49-4AA8-8DF9-789DFE6C8C99}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{B6FCE947-E252-4FC3-A67A-CCE58D85FC96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8203D78-448D-4DA5-A57B-64FF48C07C3F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B90DEB95-5D07-4D8A-9197-F0F7E717AAD4}" = dir=in | app=c:\spiele\port royale 3\portroyale3.exe |
"{B925A3E1-2150-4746-9219-5A5425270F0B}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{BC6D6763-1619-4ADE-8F96-1CFFF894ABFB}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{BD3D58B8-E724-454E-8741-1D05E3C514CC}" = dir=in | app=c:\programme\powerdvd12\powerdvd12\powerdvd12agent.exe |
"{BD56A8BB-CAF3-41CE-8182-48FCC15A4253}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{BDFA8673-1FDD-42F7-B961-DB6C811C9389}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{BEAE3679-672C-4157-B806-ACE9EA3E0EF5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{C00E2CB6-A067-457B-BF89-6E345F883505}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{C0652C13-FF66-4B32-846E-AF91E53AF752}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{C10517D8-61B2-4BAC-8D77-19004753DEDF}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{C3AEAAA7-11F8-4746-80D0-F03771C88318}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{C53EFA67-E895-45B9-B208-03296141C47C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CB889DD3-7DE6-4065-8616-BD6D1305F3F6}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{CBEE602B-382D-469D-8329-73A434EFF3E4}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{CE87135D-64DE-49D7-8FBD-8F554AE47800}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CE92BD7C-FFA4-40F4-9A2E-AB2B76F1AE7C}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{CF226839-E06F-4A1F-AC7C-1566DB6EC719}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CFD3BF59-574F-4594-B9F4-65C961899C16}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D204C316-78D3-49A9-922B-B249DDD594D2}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{D25EAD5C-C7C8-4385-9FE5-ACF54E07D25C}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{D2B44AC8-3EC2-4381-8A95-F1AE6BF8298B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D31D9372-0042-4A4C-A1E7-E743EE1DD9FA}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\from dust\from_dust.exe |
"{D33D1B6E-8A21-4EB6-AE32-B00C7F6C6D1C}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D47C7572-EF26-4338-BC3A-5593B507C248}" = protocol=6 | dir=in | app=c:\spiele\steam\steam.exe |
"{D611F84D-E6B4-429A-B086-33E8CE5E1DF9}" = protocol=6 | dir=in | app=c:\users\voigt\appdata\roaming\dropbox\bin\dropbox.exe |
"{D64DFB81-32BD-4AD0-A8F8-24CA6508A90A}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2\arma2.exe |
"{D7DA5464-6C7E-40E1-9893-77E8A6F987E9}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D7E6B534-E55B-4827-A15E-779672C42DF2}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{D971C6EA-C621-423A-9832-F6A2BAB1F3A8}" = protocol=17 | dir=in | app=c:\users\voigt\temp\teamviewer\version7\teamviewer.exe |
"{DAAE9F33-4F27-4A2C-972E-EC848053D7E5}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\bastion\bastion.exe |
"{DC2387B5-5A47-42CE-A50B-65FD1F9ABDA7}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{DC570DE1-5BF6-44D2-BACC-DB5B253C54BA}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\recettear\recettear.exe |
"{DD305C48-A433-46D2-AB4B-66C9373E5A65}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\medieval ii total war\launcher.exe |
"{DD553E55-2CE3-4972-8084-BFA0A9958025}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{DF20192E-1D55-40A4-B329-B2FA8A320637}" = protocol=17 | dir=in | app=c:\spiele\anno 2070\initengine.exe |
"{E80E490C-2BD3-4A4B-B2DA-3C1F8621BBF1}" = protocol=17 | dir=in | app=c:\spiele\anno 2070\anno5.exe |
"{E8AE48F9-54DF-4CBF-8D8B-943900CEF378}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E8D7228D-01BD-4B07-95C0-C823B2D9C693}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\commander keen\base4\dosbox.exe |
"{E8F7A4CA-5505-4B9B-AAAB-C29046E8A703}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E9F02B66-EFA6-4D51-AA85-DA70B5CAE28D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{EBD87CB5-D00D-48F9-8FB1-5A507B82E79E}" = protocol=17 | dir=in | app=c:\spiele\lost planet 2\lp2dx11.exe |
"{EC11C196-7628-41E9-8938-741A329286CB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{EC4A2F7B-85E0-4C22-A98C-5A0E5709C932}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{EC73670A-6B02-4892-A81E-369E14D3517E}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{ECA3087E-B28D-44C9-B01B-54ABEB209D9F}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\portal 2\portal2.exe |
"{EFDFF3E0-DCEE-4F4F-8334-4FD8F4C1B465}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{F001D429-538F-410D-B277-E74006B1F2CB}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F16F767A-C5C3-41BA-908B-2A81C750B315}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{F2A0FD3D-9A24-43C8-96DE-C3956A0028A5}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\hardreset\hardreset.exe |
"{F86D442C-5446-4763-B89F-666624BFBCAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F8E30D46-F183-47E0-B04F-58032773B520}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{FA073334-5FD8-49BA-893B-005EBD78B96D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{FC0576D5-0E52-4788-AE24-FC962763EA6F}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\portal 2\portal2.exe |
"{FF284CF8-F232-4BCF-8C08-6AE85E9D67B0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FF422439-8B78-4C4A-8FC1-CA3DF2E86C46}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\recettear\custom.exe |
"TCP Query User{04D555E8-E52B-49F7-B825-67D7F0E7C6C4}C:\users\voigt\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\voigt\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{0FCAF9EA-6E57-469E-A786-7EC7CF6B237C}C:\program files\powerdvd12\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe" = protocol=6 | dir=in | app=c:\program files\powerdvd12\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"TCP Query User{111DB6E6-A664-4E0B-9D4A-D545C4E9DC53}C:\spiele\diablo iii\diablo-iii-8370-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\spiele\diablo iii\diablo-iii-8370-dede-installer-downloader.exe |
"TCP Query User{150922DD-EE60-462C-BDA6-4ED9A4A95E6E}C:\program files\streammygame\streamer_player.exe" = protocol=6 | dir=in | app=c:\program files\streammygame\streamer_player.exe |
"TCP Query User{262B320B-5D8F-4558-814F-50FCAA5B35AA}C:\program files\qip 2012 jeak-edition\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2012 jeak-edition\qip.exe |
"TCP Query User{3E6DB301-0CED-4D6F-9C20-25439A07CC38}F:\crack\gw2.exe" = protocol=6 | dir=in | app=f:\crack\gw2.exe |
"TCP Query User{47E3B042-95D0-4962-B023-8BE85613136D}C:\spiele\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\spiele\empire earth\empire earth.exe |
"TCP Query User{49F47DA8-1A15-45B8-979D-288941578D70}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{5E7C5E83-CB80-4F05-ADF4-F741ED61A7D4}C:\spiele\star trek online\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\spiele\star trek online\star trek online\live\gameclient.exe |
"TCP Query User{64408FD4-1531-40CC-86B4-AEE68B3DB99C}C:\spiele\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\spiele\call of duty 2\cod2mp_s.exe |
"TCP Query User{6530A06E-EA07-4FBC-8370-E568A8858496}C:\program files\streammygame\streamer_server.exe" = protocol=6 | dir=in | app=c:\program files\streammygame\streamer_server.exe |
"TCP Query User{6D2DA9D9-6910-47F2-B38B-FD887C68C8D7}C:\spiele\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\spiele\diablo iii\diablo iii.exe |
"TCP Query User{926C16EA-36DB-4303-A654-CD9D18C7AC87}C:\spiele\red alert 3\data\ra3_1.12.game" = protocol=6 | dir=in | app=c:\spiele\red alert 3\data\ra3_1.12.game |
"TCP Query User{9A785DB2-F93C-478B-929D-67E49BAFA551}C:\program files\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files\six updater\tools\bin\rsync.exe |
"TCP Query User{A3D3F0E7-BAA2-4590-9D0C-A2B166D1D490}C:\program files\powerdvd12\powerdvd12\powerdvd12agent.exe" = protocol=6 | dir=in | app=c:\program files\powerdvd12\powerdvd12\powerdvd12agent.exe |
"TCP Query User{C17BB9F8-AAC8-4084-8C68-369B8609AEB4}C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{C1BE2349-5F42-4C5B-82F1-9407C0114624}C:\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\unrealtournament\system\unrealtournament.exe |
"TCP Query User{D6903FCB-C3DA-400A-A71F-E6CCCB309FCE}C:\program files\qip 2012 jeak-edition\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2012 jeak-edition\qip.exe |
"TCP Query User{DA68D632-4BA1-4AEC-B8DF-61F682F6B43D}C:\spiele\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\spiele\guild wars 2\gw2.exe |
"TCP Query User{E05200E0-8E86-451C-960D-8CE66DAEF4F5}C:\spiele\steam\steamapps\voigt15\condition zero deleted scenes\hl.exe" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\voigt15\condition zero deleted scenes\hl.exe |
"TCP Query User{ED0E846E-F61B-469E-A7A3-BDEC18B1FE2E}C:\spiele\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\spiele\counter-strike 1.6\hl.exe |
"TCP Query User{F03F9158-79F7-4C3A-B7C1-106527D29BBA}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{0BE91BC0-F1B6-4AF2-969F-EFDED29C348C}C:\spiele\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\spiele\guild wars 2\gw2.exe |
"UDP Query User{14FF6747-9208-4B67-8EB9-880919CEF024}C:\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\unrealtournament\system\unrealtournament.exe |
"UDP Query User{1CF7E8A5-76C3-4952-8E1C-D18B6A467243}C:\users\voigt\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\voigt\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{1D27166E-46E6-435B-86D2-19023B789826}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{1FACA428-2EB4-4CD3-85FE-E684511FEF5B}C:\spiele\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\spiele\call of duty 2\cod2mp_s.exe |
"UDP Query User{2A14F24C-EEB6-4F55-95A3-38BEC0944B0B}C:\spiele\red alert 3\data\ra3_1.12.game" = protocol=17 | dir=in | app=c:\spiele\red alert 3\data\ra3_1.12.game |
"UDP Query User{3A5504BC-CE25-42DF-B519-E75BDADB7911}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{480B5BED-E3BA-4FA9-B997-F2A454D4DF25}C:\spiele\steam\steamapps\voigt15\condition zero deleted scenes\hl.exe" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\voigt15\condition zero deleted scenes\hl.exe |
"UDP Query User{4CF4D632-FF09-471F-8AB8-A2F3A5BED6A5}C:\spiele\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\spiele\counter-strike 1.6\hl.exe |
"UDP Query User{50841C8D-B2C5-4546-9093-170BD8C9B0BC}C:\program files\powerdvd12\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe" = protocol=17 | dir=in | app=c:\program files\powerdvd12\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"UDP Query User{69CD335D-BDEA-4158-B49A-F0851C79490D}C:\program files\powerdvd12\powerdvd12\powerdvd12agent.exe" = protocol=17 | dir=in | app=c:\program files\powerdvd12\powerdvd12\powerdvd12agent.exe |
"UDP Query User{7B1E4A81-AB63-4898-9A8A-CFCE31172F9D}C:\spiele\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\spiele\diablo iii\diablo iii.exe |
"UDP Query User{7CCCC6D1-E651-43B5-9654-2602732F47BB}C:\program files\qip 2012 jeak-edition\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2012 jeak-edition\qip.exe |
"UDP Query User{7D500702-7702-4E0C-BAA0-658319D0E6A4}C:\program files\streammygame\streamer_server.exe" = protocol=17 | dir=in | app=c:\program files\streammygame\streamer_server.exe |
"UDP Query User{8820393D-0CF4-41C6-B897-AAEAB252F240}C:\program files\streammygame\streamer_player.exe" = protocol=17 | dir=in | app=c:\program files\streammygame\streamer_player.exe |
"UDP Query User{8C2770B5-67B7-4AB8-BF9E-B1245E58C660}C:\program files\qip 2012 jeak-edition\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2012 jeak-edition\qip.exe |
"UDP Query User{A7C408FB-360B-43E7-8CFE-8CF5965A584C}C:\spiele\diablo iii\diablo-iii-8370-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\spiele\diablo iii\diablo-iii-8370-dede-installer-downloader.exe |
"UDP Query User{AF4336EF-BD5C-4919-A52A-9DB24300816A}C:\spiele\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\spiele\empire earth\empire earth.exe |
"UDP Query User{CBDB5039-2E10-4765-AA7F-91D4B16FC638}C:\program files\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files\six updater\tools\bin\rsync.exe |
"UDP Query User{EBE22E98-873C-490B-BFD9-DD48BBACD0BC}C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{F345FC68-3054-4E94-8462-2C1B57489687}C:\spiele\star trek online\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\spiele\star trek online\star trek online\live\gameclient.exe |
"UDP Query User{FE5819F8-03AF-4018-A8FC-DA5F3527B45F}F:\crack\gw2.exe" = protocol=17 | dir=in | app=f:\crack\gw2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7 (64-bit)
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.17.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"ArchiCrypt Ultimate RAM-Disk3_is1" = ArchiCrypt Ultimate RAM-Disk 3 Version 3.1.7.2630
"JosipMedved_MagiWOL_is1" = MagiWOL 3.30
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Unigine Heaven DX11 Benchmark (Basic Edition)_is1" = Heaven DX11 Benchmark version 3.0
"Unlocker" = Unlocker 1.9.1-x64
"VLC media player" = VLC media player 2.0.1
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{102E4D60-5A93-4A3C-8105-FE390427C60D}" = Sid Meier's Alpha Centauri 2000/XP Compatibility Update
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FA5F0A-04B3-4343-AA3E-C8BA6C3BADA6}" = RapidDrive
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot™ 3
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43430808-081A-4C0D-B7CC-601000018301}" = LOST PLANET 2
"{43430808-081A-4C0D-B7CC-601000018302}" = LOST PLANET 2
"{43430808-081A-4C0D-B7CC-601000018303}" = LOST PLANET 2
"{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite MFC-5490CN
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{68DED384-1F74-4AEE-8B8E-95AF15572FE3}" = Port Royale 3
"{6B1A1AD8-301F-46A8-9AB3-816AD02EE752}" = XSplit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7302BD5B-B67D-4144-AA59-C60520C5FDC6}" = Six Updater
"{737369DC-08E8-4787-A78C-F86943247BDF}" = LOST PLANET 2
"{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold
"{77033683-0816-4D7D-8BF1-3949B4E9823D}" = Battlefield 3™
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F311E2E-C275-4CF0-8154-B63991832668}_is1" = SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52
"{8FDBE1E8-2922-4750-9E4B-6B28CA67DBBB}" = Unreal
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AF364116-6A2F-43E6-9D12-901ACC3CDC00}" = ArmA II Launcher
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B931991C-FA2F-4B73-8F48-43C20B7581DE}" = QIP 2012 7058 Jeak-Edition
"{CBD6B23A-B54F-476A-9527-C262F469CACF}" = Razer Abyssus
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1100000-0011-0000-0001-074957833700}" = ABBYY FineReader 11
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"6103-4188-8184-5707" = RapidShare Manager 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.00
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Civilization.V.GOTY.incl.Gods.and.Kings_is1" = Civilization.V.GOTY.incl.Gods.and.Kings
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Counter-Strike 1.6 V35" = Counter-Strike 1.6 V35
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"DokanLibrary" = Dokan Library 0.6.0
"EasyBCD" = EasyBCD 2.1
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"InstallShield_{102E4D60-5A93-4A3C-8105-FE390427C60D}" = Sid Meier's Alpha Centauri 2000/XP Compatibility Update
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"IrfanView" = IrfanView (remove only)
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.60.1185" = Opera 11.60
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"QIP 2012 7058 Jeak-Edition 4.0.7058" = QIP 2012 7058 Jeak-Edition
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"ScummVM_is1" = ScummVM 1.4.1
"Sid Meier's Alpha Centauri" = Sid Meier's Alpha Centauri
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 107100" = Bastion
"Steam App 113200" = The Binding of Isaac
"Steam App 203770" = Crusader Kings II
"Steam App 208140" = Endless Space
"Steam App 33460" = From Dust
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 35720" = Trine 2
"Steam App 43110" = Metro 2033
"Steam App 4700" = Medieval II: Total War
"Steam App 4780" = Medieval II: Total War Kingdoms
"Steam App 48000" = LIMBO
"Steam App 57690" = Tropico 4
"Steam App 70400" = Recettear: An Item Shop's Tale
"Steam App 80" = Counter-Strike: Condition Zero
"Steam App 8980" = Borderlands
"Steam App 9180" = Commander Keen Complete Pack
"Steam App 98400" = Hard Reset
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"TenomichiStreamer" = StreamMyGame software
"TigerGame XBOX+PS2+GC Game Controller Adapter_is1" = TigerGame XBOX+PS2+GC Game Controller Adapter 2.0.1.0
"TrueCrypt" = TrueCrypt
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"Winamp" = Winamp
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Tropico 4" = Tropico 4 1.00
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.07.2012 18:05:44 | Computer Name = VoigtPC | Source = WinMgmt | ID = 10
Description =
Error - 23.07.2012 06:06:18 | Computer Name = VoigtPC | Source = WinMgmt | ID = 10
Description =
Error - 23.07.2012 06:33:38 | Computer Name = VoigtPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Voigt\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 23.07.2012 06:34:09 | Computer Name = VoigtPC | Source = VSS | ID = 18
Description =
Error - 23.07.2012 06:34:09 | Computer Name = VoigtPC | Source = VSS | ID = 8193
Description =
Error - 23.07.2012 06:34:09 | Computer Name = VoigtPC | Source = System Restore | ID = 8193
Description =
Error - 23.07.2012 06:35:29 | Computer Name = VoigtPC | Source = WinMgmt | ID = 10
Description =
Error - 23.07.2012 06:40:33 | Computer Name = VoigtPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Voigt\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 23.07.2012 06:42:23 | Computer Name = VoigtPC | Source = WinMgmt | ID = 10
Description =
Error - 23.07.2012 06:42:28 | Computer Name = VoigtPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Voigt\Desktop\Trojaner\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
[ System Events ]
Error - 23.07.2012 06:33:44 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 23.07.2012 06:33:44 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 23.07.2012 06:33:44 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 23.07.2012 06:33:44 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 23.07.2012 06:33:44 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 23.07.2012 06:34:09 | Computer Name = VoigtPC | Source = DCOM | ID = 10005
Description =
Error - 23.07.2012 06:35:45 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 23.07.2012 06:39:40 | Computer Name = VoigtPC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 23.07.2012 06:39:52 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 23.07.2012 06:40:31 | Computer Name = VoigtPC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
< End of report >
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.07.22.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Voigt :: VOIGTPC [Administrator]
23.07.2012 12:45:22
mbam-log-2012-07-23 (12-45-22).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 535725
Laufzeit: 7 Minute(n), 52 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)