Bedrohung: Win32:Gataka-C [Trj] Fund Avast in Java cache Guten Abend,
habe Heute mal mein System durchforsten lassen und Avast Free zeigte mir einen Fund.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\326fb7d2-1e25a3b0
Bedrohung: Win32:Gataka-C [Trj]
Habe dies dann auch bei Virustotal hochgeladen und 37/42 Befunde.
Natürlich dann auch wie vorgeschrieben OTL geladen und ausgeführt. Einzigen Programme die liefen waren Für Maus/Tastatur und Avast.
OTL.txt Code:
OTL logfile created on: 24.08.2012 20:00:32 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\***\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 65,11% Memory free
7,99 Gb Paging File | 6,45 Gb Available in Paging File | 80,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 504,68 Gb Free Space | 54,18% Space Free | Partition Type: NTFS
Drive D: | 657,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.08.24 19:58:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.05.26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011.04.04 14:56:00 | 000,556,072 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
PRC - [2009.11.20 13:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.08.04 18:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2007.12.10 15:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\Pixart\Pac7302\Monitor.exe
========== Modules (No Company Name) ==========
MOD - [2010.06.22 13:50:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
MOD - [2009.08.11 21:18:28 | 000,497,664 | ---- | M] () -- C:\Windows\SysWOW64\ac3filter.acm
MOD - [2009.07.30 19:15:32 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.10.06 23:27:18 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.02.03 06:17:10 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.24 00:23:36 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.19 00:25:21 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.02.28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.09.12 21:46:41 | 000,411,432 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009.08.06 07:51:20 | 000,065,536 | R--- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.04.03 17:47:41 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.02.03 06:55:18 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.02.03 05:23:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.12.02 09:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.11.20 13:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.11.20 13:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.10.29 10:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.28 10:07:52 | 000,532,480 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PAC7302.SYS -- (PAC7302)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2011.06.22 16:39:06 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AD 67 DC 41 4F 68 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {B3D9A795-BEE0-42e9-B03B-319F0202319F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2EB145C2-A307-4f57-AA59-B9E8CD222CE6}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
IE - HKCU\..\SearchScopes\{B3D9A795-BEE0-42e9-B03B-319F0202319F}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
IE - HKCU\..\SearchScopes\{D3BB0717-83AB-4b22-BAD2-D9FF2F96369F}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.30 14:07:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.12 19:14:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.19 00:25:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.03 16:38:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.19 00:25:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.03 16:38:11 | 000,000,000 | ---D | M]
[2011.04.01 19:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.04.01 19:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\8juek1e4.default\extensions
[2012.08.10 05:59:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions
[2012.04.30 09:29:48 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.03.04 22:59:57 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.04.19 21:19:14 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2011.05.12 20:48:48 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2012.03.29 05:15:48 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2012.05.03 16:39:28 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011.10.26 02:28:32 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\firebug@software.joehewitt.com
[2012.05.03 16:39:31 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\rjds629y.default\extensions\firefox@ghostery.com
[2012.07.23 03:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.23 03:43:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.11.25 20:27:26 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.07.01 17:30:56 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\mozilla firefox\extensions\quickstores@quickstores.de
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.07.19 00:25:21 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.30 21:44:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.06.30 20:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.05.03 16:38:07 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.03 16:38:07 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.05.03 16:38:07 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.05.03 16:38:07 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.03 16:38:07 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.05.03 16:38:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [PAC7302_Monitor] C:\Windows\Pixart\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CE87D97-F762-4417-82C0-599DCC3A312B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.12.13 00:37:43 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003.12.13 00:37:43 | 000,000,045 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2003.12.13 00:37:43 | 000,001,042 | R--- | M] () - D:\autorun.ini -- [ CDFS ]
O33 - MountPoints2\{bb9b8853-5c75-11e0-8c55-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bb9b8853-5c75-11e0-8c55-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2003.12.13 00:37:43 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>)
O33 - MountPoints2\{c29770d4-5c90-11e0-88b2-d85d4c804a4c}\Shell - "" = AutoRun
O33 - MountPoints2\{c29770d4-5c90-11e0-88b2-d85d4c804a4c}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.24 19:58:42 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.24 15:53:06 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2012.08.24 02:01:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{130B984F-F94A-4777-95A5-EA95016CD8D3}
[2012.08.23 14:01:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{51A0F33B-27D3-4BCB-BAA0-90A9AB2232E0}
[2012.08.22 18:53:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{C0D2361C-9455-483C-A3F1-1CAB5B8CF31C}
[2012.08.18 06:18:16 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{78973A5E-F896-4BDD-9246-7212E868A278}
[2012.08.17 18:17:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{9C1D0E54-47FE-4E0E-92FB-60B746301736}
[2012.08.17 06:16:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{6BAE28E7-3893-45D2-9A3C-0CE911F9F4D4}
[2012.08.16 18:15:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{49F405C6-A3B8-4C65-AEBC-3313021E8B85}
[2012.08.16 06:15:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{85CF7E5B-0E2F-4FBD-ADC0-F39476212C8F}
[2012.08.15 18:14:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{B3658DE8-991B-42B9-8F4A-CC625D18C4AF}
[2012.08.15 06:20:09 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Trainingseinheiten
[2012.08.15 06:13:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{2C67AFF0-AAC3-4868-A7C5-6E803FEE223D}
[2012.08.14 18:12:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{C2D14821-54F3-41F6-B2A7-B01A8F036919}
[2012.08.14 06:12:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{1BA603C4-6167-4DBE-A35B-D62DCA9EE22E}
[2012.08.14 06:11:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{DFBFCAA4-0F60-4C41-BFE3-48FBF8B33F9B}
[2012.08.14 03:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warsow 1.0
[2012.08.13 21:45:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2012.08.13 21:45:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Windows Live Writer
[2012.08.13 07:20:28 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Syndicate
[2012.08.13 07:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2012.08.13 07:12:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2012.08.12 20:26:54 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{C4DFB2E2-F9C9-47BB-A0E2-EB90F8CAD875}
[2012.08.12 16:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012.08.12 16:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012.08.12 08:26:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{C85CE77D-CDEF-468C-9912-EE5C10E849B3}
[2012.08.11 20:25:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{8C816815-7A18-40E8-874A-F3A2973DFA9C}
[2012.08.11 08:24:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{50C342C5-00C6-46FA-A332-BDC1E4BAAD6D}
[2012.08.11 03:17:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\storage
[2012.08.10 20:23:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{E73F8115-0A40-4BD6-997B-CB2E4479AA3A}
[2012.08.10 08:22:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{58D9B307-5254-4AC3-B3AE-1BCD435E27C2}
[2012.08.10 06:05:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader 2
[2012.08.09 20:22:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{BF3E80FE-BE45-47AC-A955-A63B5907ABAB}
[2012.08.09 20:21:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{33E2BD18-CDCA-40C4-BC0A-22EBF098FCB1}
[2012.08.08 16:39:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{660A5F68-C0B2-4477-B1B4-A91BEB393D6A}
[2012.08.08 16:39:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{6D3C3021-A2A2-4093-823E-5CC2891F4DE1}
[2012.08.07 19:19:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{3B670BD3-6F5A-4DAD-8F0B-FE5177F73101}
[2012.08.07 19:19:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{94BB345E-AC29-4F67-9521-923C6C940E08}
[2012.08.04 16:23:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{F2E79516-036C-4221-8452-2D777056DACB}
[2012.08.04 16:22:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{D5F811E5-B9E7-41C8-A7D6-672841CEDE30}
[2012.08.02 19:05:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{1EEA2B70-38C8-436A-BCA4-DF8009E08149}
[2012.08.02 07:05:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{A7A3FE74-D288-42B9-A8A5-6D56530FE561}
[2012.08.01 19:04:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{63AD406F-3541-47BB-AC5C-B25E3826B7A7}
[2012.08.01 18:11:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve
[2012.08.01 18:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2012.08.01 07:03:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{CD94D489-975D-42B8-9FAF-001801D5BB04}
[2012.07.31 19:02:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{D801CD88-1ADF-491C-95BF-C20EBB6DD276}
[2012.07.31 19:02:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{4CF79283-1C35-4036-8EEC-4620268B0DD1}
[2012.07.31 02:12:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{011EAF07-71F9-4D4F-B961-5F7768FEAE8E}
[2012.07.31 02:11:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{25738D69-99E3-430B-9D0D-18B08311BB02}
[2012.07.30 14:11:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{F56EA356-7441-4560-B9C2-6F192DD4C052}
[2012.07.30 14:11:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{1D5663F8-79D0-4D77-B392-A89A86A76DB1}
[2012.07.30 14:07:27 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.07.29 18:07:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{CD494DBA-7B50-439A-B269-581AC77DAE80}
[2012.07.29 18:06:48 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{1DF05826-1EA3-46EF-86C8-2FCA0D600EC5}
[2012.07.28 17:51:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{9ABC9AB9-319E-48D7-93C5-53B45205FA2F}
[2012.07.28 17:50:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{1A67832A-A5E3-4113-9FB9-DC03F8414DE2}
[2012.07.27 16:36:18 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{68632FAB-11E0-4B63-872E-D7C25E6BB7D9}
[2012.07.27 16:35:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{11AB6E88-D469-41EB-8583-A7C9C90F8749}
[2012.07.27 15:52:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\gamigoGr
[2012.07.27 15:49:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Martial Empires Launcher
[2012.07.27 15:49:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\launcher
[2012.07.27 15:45:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Martial Empires
[2012.07.27 14:59:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2012.07.27 04:35:18 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{3D3F5207-440C-4F19-A1A0-CC259178D280}
[2012.07.26 19:09:45 | 000,000,000 | ---D | C] -- C:\PWRD
[2012.07.26 19:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PWD
[2012.07.26 19:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\War of the Immortals DE
[2012.07.26 16:34:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{2530B4FE-D7D4-4D54-9C45-5ECB87B060CB}
[2012.07.26 16:33:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{2F4616BD-0A41-435A-860E-6431EBBBA3A2}
[2012.07.26 04:33:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{FCB66B5D-CE8E-46DE-8273-E1EC0024E70A}
[2012.01.04 22:49:32 | 003,495,256 | ---- | C] (AVAST Software) -- C:\Program Files\AVAST Softw
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.24 19:58:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.24 16:14:03 | 001,611,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.24 16:14:03 | 000,696,132 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.24 16:14:03 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.24 16:14:03 | 000,147,428 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.24 16:14:03 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.24 15:38:02 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.24 15:38:02 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.24 15:28:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.24 15:28:26 | 3219,300,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.16 23:06:54 | 000,005,786 | ---- | M] () -- C:\Users\***\Desktop\wswconvert
[2012.08.15 05:33:51 | 000,002,697 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.08.14 06:06:14 | 000,004,292 | ---- | M] () -- C:\Users\***\Desktop\DesktopOK.ini
[2012.08.14 05:51:51 | 000,014,126 | ---- | M] () -- C:\Users\***\Documents\cc_20120814_055145.reg
[2012.08.14 03:58:36 | 000,001,181 | ---- | M] () -- C:\Users\Public\Desktop\Warsow.lnk
[2012.08.13 07:18:39 | 000,002,409 | ---- | M] () -- C:\Users\Public\Desktop\Syndicate.lnk
[2012.08.12 16:16:02 | 000,002,424 | ---- | M] () -- C:\Users\Public\Desktop\Spec Ops The Line.lnk
[2012.08.11 03:17:03 | 000,001,572 | ---- | M] () -- C:\Users\***\Desktop\conviction_game.exe - Verknüpfung.lnk
[2012.08.10 06:06:39 | 000,001,977 | ---- | M] () -- C:\Users\***\Desktop\JDownloader 2.lnk
[2012.08.04 18:25:53 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012.07.30 14:07:27 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012.07.30 14:07:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.16 23:06:53 | 000,005,786 | ---- | C] () -- C:\Users\***\Desktop\wswconvert
[2012.08.15 05:33:51 | 000,002,697 | ---- | C] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.08.14 05:51:48 | 000,014,126 | ---- | C] () -- C:\Users\***\Documents\cc_20120814_055145.reg
[2012.08.14 03:58:36 | 000,001,181 | ---- | C] () -- C:\Users\Public\Desktop\Warsow.lnk
[2012.08.13 07:18:39 | 000,002,409 | ---- | C] () -- C:\Users\Public\Desktop\Syndicate.lnk
[2012.08.12 16:16:02 | 000,002,424 | ---- | C] () -- C:\Users\Public\Desktop\Spec Ops The Line.lnk
[2012.08.11 03:17:03 | 000,001,572 | ---- | C] () -- C:\Users\***\Desktop\conviction_game.exe - Verknüpfung.lnk
[2012.08.10 06:06:39 | 000,001,977 | ---- | C] () -- C:\Users\***\Desktop\JDownloader 2.lnk
[2012.08.10 06:05:27 | 000,001,977 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader 2.lnk
[2012.08.01 18:15:28 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012.07.30 14:07:27 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012.07.24 00:44:58 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.24 00:23:34 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.06.21 10:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.06.06 17:57:42 | 000,059,377 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012.05.10 19:30:56 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.03.26 21:07:52 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2012.03.17 19:13:16 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.02.26 11:09:14 | 000,000,170 | ---- | C] () -- C:\Users\***\.jupload.properties
[2011.12.11 20:53:44 | 000,000,062 | ---- | C] () -- C:\Windows\WinInit.Ini
[2011.11.11 03:33:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.10.22 20:16:03 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.10.22 20:16:03 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.10.22 20:16:03 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.10.06 22:30:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.10.03 12:53:16 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.07.27 18:27:23 | 000,000,860 | ---- | C] () -- C:\Windows\wiso.ini
[2011.06.14 15:30:48 | 000,007,098 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2011.05.21 22:18:58 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.05 19:15:05 | 000,000,868 | ---- | C] () -- C:\Windows\SysWow64\SP7302.INI
[2011.04.01 20:49:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.01 20:47:00 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.01 20:41:06 | 000,065,536 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2011.04.01 20:36:11 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.02.18 20:23:57 | 000,059,904 | ---- | C] () -- C:\Program Files (x86)\zlib1.dll
========== LOP Check ==========
[2012.05.01 02:15:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2012.05.25 23:50:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ASCON Installer
[2012.05.25 23:55:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ASCON Programme
[2011.07.27 18:28:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Buhl Data Service
[2011.07.23 23:06:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited
[2012.08.14 05:50:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2012.08.19 00:51:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2012.07.27 16:24:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gamigoGr
[2012.04.30 09:32:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GARMIN
[2011.05.22 17:50:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\geany
[2012.07.27 15:49:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2011.06.14 15:30:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2011.07.24 23:53:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hi-Rez Studios
[2012.07.27 15:52:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\launcher
[2011.02.18 20:33:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient
[2012.05.30 15:24:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient2
[2012.07.27 15:52:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Martial Empires Launcher
[2012.05.28 03:21:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAXON
[2011.09.05 07:09:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++
[2011.10.07 18:21:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2012.05.10 19:30:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PunkBuster
[2012.04.03 12:08:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2011.04.14 19:51:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011.03.04 00:47:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\THE LINDER COMPANY Software
[2012.08.16 17:44:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2011.10.19 16:23:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tunngle
[2012.06.24 05:01:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft
[2011.05.28 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Unity
[2010.12.17 01:34:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Warsow 0.5
[2011.10.07 19:34:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Warsow 0.6
[2012.08.13 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2012.07.30 14:07:27 | 000,000,350 | -H-- | M] () -- C:\Windows\Tasks\avast! Emergency Update.job
[2011.09.26 14:02:33 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA(19).DAT
[2012.08.24 15:28:36 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.17 19:34:13 | 000,000,296 | ---- | M] () -- C:\Windows\Tasks\Toolbox.exe_{9D6FFD2B-0BEB-4D0A-8CD9-6AD25B1E51B0}.job
[2012.03.17 19:34:09 | 000,000,306 | ---- | M] () -- C:\Windows\Tasks\WOWPrint.exe_{27302207-D2E0-4E32-B050-1E9047216D44}.job
[2011.11.14 06:24:57 | 000,000,198 | ---- | M] () -- C:\Windows\Tasks\{C328DFA4-38F6-4C68-AB91-984D139855EA}.job
========== Purity Check ==========
< End of report > Extras.txt Code:
OTL Extras logfile created on: 24.08.2012 20:00:33 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\***\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 65,11% Memory free
7,99 Gb Paging File | 6,45 Gb Available in Paging File | 80,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 504,68 Gb Free Space | 54,18% Space Free | Partition Type: NTFS
Drive D: | 657,75 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B692C9-007D-449C-890F-935F30F2CCC6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{05711664-7337-419B-BC3D-2829E76959D9}" = lport=445 | protocol=6 | dir=in | app=system |
"{09100EB8-CE1C-4ED2-B95C-5094FAAA02A1}" = rport=139 | protocol=6 | dir=out | app=system |
"{0C241B75-6728-40D6-8910-39CE8A81772A}" = rport=445 | protocol=6 | dir=out | app=system |
"{19A9AA2A-BE38-4CDE-8ECE-A75DC2854920}" = lport=58680 | protocol=17 | dir=in | name=pando media booster |
"{22F8F4FB-C598-4760-BBF4-50B3ECD57F01}" = rport=138 | protocol=17 | dir=out | app=system |
"{237D0EA3-4F79-401F-AE1D-6E241E20E716}" = lport=10243 | protocol=6 | dir=in | app=system |
"{32C94806-3D32-4726-8DD2-C84EB5DDCF99}" = lport=139 | protocol=6 | dir=in | app=system |
"{32D6A69A-4D1E-49C8-869C-C980BC1951AA}" = lport=57387 | protocol=17 | dir=in | name=pando media booster |
"{456C11B6-84FB-4002-B9E7-833FE8F854E6}" = lport=56362 | protocol=6 | dir=in | name=pando media booster |
"{4610B042-52E5-4B98-97D0-D23194368FB6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{486C3926-197D-4D63-960B-ED9C6F135228}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48BE73C5-30B8-4B35-80EC-CFD73E858B69}" = rport=10243 | protocol=6 | dir=out | app=system |
"{495A3E95-6AD9-4E39-B598-A2AC2FFB2EEB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4DF99506-345B-4BE3-8CC0-821015CFF272}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{51B18436-C810-46C7-BED1-BB5BD9C5D0D9}" = lport=56362 | protocol=17 | dir=in | name=pando media booster |
"{5A870358-4DD6-45FB-9713-1B38CFA2E76A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5C4A4CDF-DE52-46BB-83D5-8B38EFF8C035}" = lport=58680 | protocol=17 | dir=in | name=pando media booster |
"{5D9154F5-DABF-476D-8336-62CAB946B885}" = lport=57387 | protocol=6 | dir=in | name=pando media booster |
"{5FF32939-4A8B-42B3-8ECD-3BB0F34E4966}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{6CD9ECE2-3E92-4325-8957-1CDD035CF4AE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{84953F2A-B067-46C3-869B-839BE2797515}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C6CA3EE-E9D3-4881-98FE-C755AE50901E}" = lport=57387 | protocol=17 | dir=in | name=pando media booster |
"{956A77B7-2DEE-47D2-98D4-4FC5DA2310DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{956ED670-52BB-4842-9AC4-1358AAB58EF0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A33412E2-71AC-4D35-8B2F-7F30CF896933}" = lport=137 | protocol=17 | dir=in | app=system |
"{A62FFCFD-FC9B-4D19-A2A4-9939F8AA85BE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B910921D-E36E-42B3-BFD8-A3F2E28166A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BBBEE7A6-E123-404B-BA48-32814EBF3CF4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BD426899-2398-41A3-8679-14A86FB20794}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C211FDC7-EAC7-454B-AD65-5C233F94B148}" = rport=137 | protocol=17 | dir=out | app=system |
"{CF6F9A18-49D9-4278-82B2-F638FEFA4704}" = lport=58680 | protocol=6 | dir=in | name=pando media booster |
"{D4AEB112-5677-41E7-A0E5-C990A7908745}" = lport=56362 | protocol=17 | dir=in | name=pando media booster |
"{D4FFD0C7-299C-4ED5-AD7E-6817ECA53F1E}" = lport=138 | protocol=17 | dir=in | app=system |
"{DFC013EC-E7A7-4C33-9B81-59D8D2A805BF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F8569C7B-C4E1-4C9F-A35B-A7601F7EEB0B}" = lport=56362 | protocol=6 | dir=in | name=pando media booster |
"{F9F1933E-558A-42F8-9675-4CA0412C9F28}" = lport=57387 | protocol=6 | dir=in | name=pando media booster |
"{FC142B03-D6B7-41F1-A5B7-D8B71ABB32D9}" = lport=58680 | protocol=6 | dir=in | name=pando media booster |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AE840DB-3DFB-4586-99AC-E19D76DCA665}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\team fortress 2\hl2.exe |
"{0DB63989-9531-4AEC-AD37-D2ECFFFCFD62}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{11A137FD-219D-4A34-89FC-E25346E3ACBD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{15D5F50D-1ACA-4B3E-A248-A26C31F66FA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{15E80086-C754-4857-A4AA-B38816BA3E51}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1616E52A-644A-4813-80DC-425AF66C1227}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{173BAA5A-1BBA-4F36-8BAC-4760E01188D3}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"{1AB50EDC-AF84-4CD9-8446-A78BEA30DB1D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\counter-strike source\hl2.exe |
"{1B812B78-CF48-4677-9E6D-E21B8ADC1D3E}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
"{1BC0797B-E520-4484-A1B9-B62F11DE3B60}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20829196-A8A2-47CC-AB29-9F0073349FCD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{20C60F15-26CE-4662-9792-DE23CAFA2779}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{23FCAF10-3B0F-403B-8893-FF4BAF24D33E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{26C84686-7056-41CF-9C07-9E3E98C222B7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{2E9A2747-1B65-49A6-BE88-281FD3C6F572}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\team fortress 2\hl2.exe |
"{2F8F4A9B-F0C1-4716-B9E8-9F8D111AF522}" = protocol=58 | dir=in | app=system |
"{32F46528-B05D-4CC7-BF7A-596FC615D17E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3670B8D1-6501-4A95-BAFE-140A7E9737B8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{375A4448-8903-4BC7-BE97-91EEED028B1F}" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"{37DE50CD-1692-4C04-9967-1BFABA4C5A65}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{403E9AC6-0033-4F01-98B8-69976DCC4AC5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{40E55F5D-D1CC-45D1-AAFC-129A4C7053F0}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{45429444-D95B-4B89-BD7C-287E5D2AC30E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{49548344-D9E4-4703-97C8-E8EB39F7FC4A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4AB21088-1EEE-4AEA-916F-32EA81EA39B7}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4B2628CE-81E3-4A38-9410-A0C82068EA4A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{4B434653-68EB-4AAD-93D5-91DCDA25BBAC}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{50697ECB-083A-4EA5-89D5-CB9099B343BE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5E113CD8-89CA-4D43-A8EF-1123FF824A38}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5E8730E1-8D37-4AC0-AFBA-A122C8CDFC75}" = protocol=17 | dir=in | app=c:\program files\counter strike zero\czero.exe |
"{5F9532C8-39A7-4377-93E2-D5609345148A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{5FA3222A-FA85-4893-8692-3C193B786C53}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62011478-E712-4793-AFCD-A34A3EDFAD20}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe |
"{6601B48F-3565-4182-9DAB-E0B8A051892B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{6A5D3235-EE87-41E1-B9EE-55D55D2620D2}" = protocol=6 | dir=in | app=c:\program files (x86)\warsow 1.0\warsow_x64.exe |
"{6C4E0A53-CF14-41BE-8A32-3374B636F9D5}" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"{6E439DA6-3049-43C9-A65A-C1CF0D8F28E4}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\gu.exe |
"{6E520B98-A9A5-41AF-80F4-8250EF6BE7BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7114B907-A523-4DE5-9681-C8D5EB2B8F04}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74F4217D-9ADD-422D-B958-471453FDA4F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{77CEA1C3-58E7-4132-AEA6-76A39F6A9A1A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{788AC071-4823-441A-B810-CA205AE70600}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{7AE2F52D-B37B-4142-BCE8-C56BDB3DF382}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{7C8BC09D-2FB0-473A-908F-9991F2C7BD27}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{7D365F22-65DE-4FEE-BE08-B676B5BF27BC}" = protocol=17 | dir=in | app=c:\program files (x86)\warsow 1.0\warsow_x64.exe |
"{7FBA1FD7-C894-4F23-A834-7AE1398975A1}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{818FA3EE-D1DD-485B-813B-C34E6153A718}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82811BE3-E8FC-47C2-8C54-6A96B4E21F37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{82CE6229-00A4-40A0-8C85-5D87E6DB94B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8E0077E9-8551-4272-8FFE-1C68C39C2909}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90F33E47-FFF6-44A8-8651-D5DDBB32C234}" = protocol=6 | dir=out | app=system |
"{91436500-7E5A-4B8F-A25E-135F693324BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\rundll32.exe |
"{948C8985-8BD9-478C-86A9-C2A2D9CBA598}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94D16B97-3E44-4ECF-B96E-58AA096964AA}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 2\masseffect2launcher.exe |
"{99A40C07-50AE-4099-9A6E-B9FF464EA9B6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ED53937-E78D-48C0-B74D-7B4E150B0DD9}" = protocol=6 | dir=in | app=c:\program files\counter strike zero\czero.exe |
"{A039061A-BC25-47EF-A8E0-3A4034E6685E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{B117E556-936E-432F-B2C8-CA1FAE0423F8}" = protocol=17 | dir=in | app=c:\windows\syswow64\rundll32.exe |
"{B12CBF53-D83B-4F15-84B8-2E3767E55A96}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{B1FE8A4C-9D44-4F08-A601-A4B2A90D2578}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{B204CC7A-ABC4-477F-A384-8B68A8C08756}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{B40B0571-4763-461B-9FF2-163239A5B4AB}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"{B66CACAF-0F9E-4123-B938-3FF89E0F98AB}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{B71E7135-956A-41E9-A913-12A5E91CD019}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{BAA013E0-20A3-4FB3-B6A7-FC14F67D0557}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{BC100666-EBEC-4F67-AE17-84F5DEF4235F}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
"{BD440851-4B0A-474F-8A0B-880B709E26E3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C6871A5E-A194-40AF-8647-3A8B042EAD8D}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 2\masseffect2launcher.exe |
"{CD085E2F-53CD-44FA-8843-2C23F8FA8D0A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{CEB486E2-946E-46E1-90D8-F4E7EB2A7078}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D0900F6D-3188-4BCD-971D-5F7BC6195EC8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D1B9B8A3-AB6E-47F7-BF05-B58480C70395}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{DB21F9CF-4CEF-4582-BB56-4D9C285131F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DF60424E-E015-42FA-A013-D6D09176F41D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{E3D925E1-469F-4205-80BB-A5B25E667AC3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5E26B7C-AB52-496C-B86C-FFA57896D073}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{F3DEC3F5-3CFD-44A7-8F8A-339150740520}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F8CD1211-647B-46DB-A9DD-BC23FF52AC31}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FB610F37-B6D8-465C-9F06-801ADD3578D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\counter-strike source\hl2.exe |
"TCP Query User{0D7DEEF5-885F-48B4-97B9-CD61068B0C97}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
"TCP Query User{17BE3FD8-1DD9-4079-B1CC-E48AC2ED0747}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{245ABD91-770F-46FF-8F19-2088700B367D}C:\program files (x86)\steam\steamapps\theonex90\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\team fortress 2\hl2.exe |
"TCP Query User{2AE87319-CC3D-4C81-BAC8-B6522E43832D}C:\program files (x86)\gamers.irc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamers.irc\mirc.exe |
"TCP Query User{2C73F453-7221-4FAD-BE1D-D86A971282D1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{3B6E0278-A4E8-4ACD-8EEC-3637D6B4B755}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{6797ED3B-80AC-454A-9A63-DE4072489E41}C:\program files\counter strike zero\czero.exe" = protocol=6 | dir=in | app=c:\program files\counter strike zero\czero.exe |
"TCP Query User{A3AAD5A4-DB45-42A7-8243-E8B1FFF5CCB0}C:\windows\syswow64\rundll32.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\rundll32.exe |
"TCP Query User{A6590203-6E14-4D82-899C-FB864C3887FD}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{A8437AF4-0855-4852-9D21-844ED0DCAC59}C:\users\***\desktop\warsow_0.61_unified\warsow_x86.exe" = protocol=6 | dir=in | app=c:\users\***\desktop\warsow_0.61_unified\warsow_x86.exe |
"TCP Query User{D345EA76-9A13-48C5-BEE3-77BE5888DF7B}C:\program files (x86)\warsow 1.0\warsow_x64.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warsow 1.0\warsow_x64.exe |
"TCP Query User{DCCC8268-0678-4EF1-B3C3-611E5A8D39F5}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{DE387D68-C32C-424D-B546-CF00B4F8A666}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{F49183E7-D030-4A2C-A1D3-2374081A0089}C:\program files (x86)\steam\steamapps\theonex90\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\counter-strike source\hl2.exe |
"UDP Query User{119D6109-F8E0-43F8-A244-34FE15871AE2}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{1D82208C-6D75-4084-8952-F1E1EDEA266C}C:\program files (x86)\steam\steamapps\theonex90\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\counter-strike source\hl2.exe |
"UDP Query User{2CE5ADDA-967A-40D7-A159-4C5A213976AE}C:\windows\syswow64\rundll32.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\rundll32.exe |
"UDP Query User{2F55F469-23A0-4D8E-BB41-8D087F7B56C1}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{339588C4-43E2-421F-A474-60FB23C60367}C:\program files\counter strike zero\czero.exe" = protocol=17 | dir=in | app=c:\program files\counter strike zero\czero.exe |
"UDP Query User{3B93FB14-22DC-446C-BF39-B0EED677EDE0}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{499A61AD-C67A-4E19-8A40-04590EB5FE9A}C:\program files (x86)\warsow 1.0\warsow_x64.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warsow 1.0\warsow_x64.exe |
"UDP Query User{5347F672-5F37-411D-B1DD-BA8DAEE1C62B}C:\users\***\desktop\warsow_0.61_unified\warsow_x86.exe" = protocol=17 | dir=in | app=c:\users\***\desktop\warsow_0.61_unified\warsow_x86.exe |
"UDP Query User{856173C7-A1B2-4677-BABA-3E73B0063F4F}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
"UDP Query User{930F139E-DBFE-4EEA-9AA5-1093752EBC44}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{A64E716E-E005-4BBA-AC40-03FD39D765EF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{AD0FAE97-9652-4177-B22A-1E3760E7BB6F}C:\program files (x86)\gamers.irc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamers.irc\mirc.exe |
"UDP Query User{CF4B29FA-924A-404C-A896-910C16D1D460}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{E382691A-DA75-42A7-979A-E2005EA50CDA}C:\program files (x86)\steam\steamapps\theonex90\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\theonex90\team fortress 2\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25 (64-bit)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FA24ACE-BF20-5570-F94A-3AE540223771}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8F4884F1-488D-4738-8F71-65A378BB484C}" = HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{B305CEFC-93A1-EF99-BFEF-CF7985E88D03}" = ccc-utility64
"{BDAF38DA-C834-6D42-B314-B97BB214E140}" = AMD Drag and Drop Transcoding
"{C9378F0F-B547-5506-165D-98F235F11514}" = ATI AVIVO64 Codecs
"{D0D59644-6282-D7C8-0EE3-4DDD7245C84C}" = AMD Media Foundation Decoders
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C71398-0779-7AF2-4C7A-B7E1E0A622A2}" = AMD Fuel
"CCleaner" = CCleaner
"MAXON8784BC4B" = CINEMA 4D 13.058
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Unlocker" = Unlocker 1.9.1-x64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{037CD593-D760-4A00-B030-7BBAFA1123FE}" = HP Officejet 6500 E710a-f Hilfe
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22764EFF-300F-8F3D-564D-7A4C4662D120}" = CCC Help Polish
"{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 1.0
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2894AAC3-9A08-FF3A-6737-41A6178D0A09}" = CCC Help Chinese Standard
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3536AD21-940C-D198-DD10-078011A5C13B}" = CCC Help Thai
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer
"{3AC11667-B4DD-4984-AD0B-B2D4E40AB573}" = 15354 Webcam Live
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{49D87A8F-D04F-7749-DD32-BDBF9B24B232}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{660C748F-A503-B771-7BD6-2D7C5AA1DBB4}" = CCC Help Dutch
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6E03FAB5-6253-58B8-B939-AA83F64C3278}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{7A75AFE3-A0C3-951D-4804-54721360FF90}" = CCC Help Hungarian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BD626B2-7EFA-73E5-D50F-5BEDD5D99F3D}" = HydraVision
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F218882-4CF1-F411-111A-B9B68770C0CE}" = CCC Help Czech
"{A1EF8DA8-E0CB-C805-4ACA-B7C028CF36F2}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9F27D99-8478-C124-8978-09595FA9D805}" = CCC Help Portuguese
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAB0D88E-85D7-22CC-6935-0D2247152700}" = CCC Help French
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B0414A3B-3AE3-47B8-8FC0-2129781FF425}" = t@x 2011
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{C104E9E6-F21E-2762-FBF0-6FE820B2D739}" = CCC Help Korean
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5632631-95E3-4DAF-2EB1-487EBE04DE19}" = AMD VISION Engine Control Center
"{C95E964C-FCF4-13DB-1445-4FA8062271F8}" = CCC Help Spanish
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7A8C334-7974-54A4-6533-EB84D19D7133}" = CCC Help English
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D89F00EB-7868-A817-D618-AA446C0D56B3}" = CCC Help Chinese Traditional
"{D9AB20FE-5267-7A1A-2064-8F18969DF88D}" = CCC Help German
"{DA45F8EC-4226-EA6A-4DA9-F1148F801BDA}" = CCC Help Russian
"{DA7747E1-1F8D-BBC5-BE66-00B21BE5B81B}" = CCC Help Turkish
"{DADEC9BB-66FC-A3E4-8BC9-83E73BA1B5B2}" = CCC Help Greek
"{DD0FDF02-6AA4-8C7D-AAB0-4C8C7207C0C1}" = CCC Help Japanese
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0D5CB1C-7D35-709E-7F58-6CF6FFC3D6B7}" = Catalyst Control Center Graphics Previews Common
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB20F561-2AF5-0368-E353-AF093FBBADC2}" = CCC Help Norwegian
"{ECDE16E7-E3FC-F094-F14D-0326D03B9D96}" = Catalyst Control Center InstallProxy
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F38AF6F6-059C-C683-826F-00539526D86D}" = CCC Help Danish
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCD58710-F023-E26C-6373-79C72FED0B90}" = Catalyst Control Center Localization All
"0630-0716-3135-7887" = JDownloader 2
"1489-3350-5074-6281" = JDownloader 0.9
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.2.7.1
"HijackThis" = HijackThis 2.0.2
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"LogMeIn Hamachi" = LogMeIn Hamachi
"Messenger Plus!" = Messenger Plus! 5
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Sniper Elite V2_is1" = Sniper Elite V2
"Spec Ops The Line_is1" = Spec Ops The Line
"Steam App 240" = Counter-Strike: Source
"Steam App 440" = Team Fortress 2
"Syndicate_is1" = Syndicate
"TeamViewer 7" = TeamViewer 7
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.08.2012 20:58:06 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 19.08.2012 22:46:58 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4febb13c Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ff1ec29 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6a99e279
ID
des fehlerhaften Prozesses: 0x511c Startzeit der fehlerhaften Anwendung: 0x01cd7e74b89d60b5
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\theonex90\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
4efc2222-ea71-11e1-b53d-d85d4c804a4c
Error - 20.08.2012 18:33:49 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
0x4febb13c Name des fehlerhaften Moduls: filesystem_steam.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ff1ec29 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6be0e279
ID
des fehlerhaften Prozesses: 0x16fc Startzeit der fehlerhaften Anwendung: 0x01cd7f1ea2fc95f4
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\theonex90\counter-strike
source\hl2.exe Pfad des fehlerhaften Moduls: filesystem_steam.dll Berichtskennung:
1bc28fb7-eb17-11e1-b53d-d85d4c804a4c
Error - 20.08.2012 20:38:02 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.08.2012 20:02:11 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.08.2012 20:36:57 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.08.2012 07:57:16 | Computer Name = ***-PC | Source = Schedule | ID = 0
Description =
Error - 23.08.2012 07:56:19 | Computer Name = ***-PC | Source = Schedule | ID = 0
Description =
Error - 23.08.2012 20:13:41 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 23.08.2012 21:06:12 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.08.2012 09:28:35 | Computer Name = ***-PC | Source = Schedule | ID = 0
Description =
Error - 24.08.2012 10:13:38 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: winamp.exe, Version: 5.6.2.3161,
Zeitstempel: 0x4e0cc0ab Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,
Zeitstempel: 0x4dace5b9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00056b1d ID des fehlerhaften
Prozesses: 0x1244 Startzeit der fehlerhaften Anwendung: 0x01cd81ffc34bc430 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Winamp\winamp.exe Pfad des fehlerhaften
Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Berichtskennung:
e58bc84c-edf5-11e1-9069-d85d4c804a4c
[ System Events ]
Error - 24.08.2012 09:29:40 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 24.08.2012 09:29:48 | Computer Name = ***-PC | Source = PNRPSvc | ID = 102
Description =
Error - 24.08.2012 09:29:48 | Computer Name = ***-PC | Source = PNRPSvc | ID = 102
Description =
Error - 24.08.2012 09:29:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 24.08.2012 09:29:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 24.08.2012 09:29:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 24.08.2012 09:29:48 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 24.08.2012 09:30:55 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%216
Error - 24.08.2012 09:31:20 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%216
Error - 24.08.2012 09:32:56 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%216
< End of report > Über Hilfe würde ich mich sehr freuen und wünsche noch angenehme Abendstunden.
Grüße |