Noch ein Fall von "Mail delivery failed: returning message to sender" Hallo Forum,
jetzt scheint es auch meine web.de-Adresse erwischt zu haben.
Ich bekomme seit ein paar Tagen haufenweise folgendes von und auf web.de gesendet:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of
its recipients. This is a permanent error. The following address
failed:
"genna0412@mail.ru":
SMTP error from remote server after transfer of mail text:
host: mxs.mail.ru
spam message rejected. Please visit hxxp://mail.ru/notspam/abuse?c=428wVMAr-jeKaXvEoBmHjZTQqGxUq-cBdlLMdZgFf20jNOiZeI8RjgYAAABDLQAAb66IDA~~ or report details to abuse@corp.mail.ru. Error code: 54306FE337FA2BC0C47B698A8D8719A06CA8D09401E7AB5475CC52766D7F059899E834238E118F78. ID: 0000000600002D430C88AE6F.
--- The header of the original message is following. ---
Received: from web.de ([180.210.205.73]) by smtp.web.de (mrweb102) with ESMTPA
(Nemesis) id 0LfzxX-1TjAuN1TgZ-00pb9y for <genna0412@mail.ru>; Mon, 08 Oct
2012 05:46:53 +0200
Date: Mon, 8 Oct 2012 11:46:46 +0400
From: =?windows-1251?Q?Violetta_Trushevskaya?= <pilleeichi@web.de>
Organization: uijdzbfdrpwpk
X-Priority: 3 (Normal)
Message-ID: <1119029615.20121008114646@web.de>
To: genna0412@mail.ru
Subject: =?windows-1251?Q?drasti_miliy_=21_?=
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: 8bit
X-Provags-ID: V02:K0:t+o+u3gEs5h9ScouYOGnpsPx7/U15x8A3oc4pqfI8SY
nPCwSN9FqzjKXIf1+xcLigb3XMX+/7F2s4zRy/n910T/NFPIcT
VSoFnu1s/mf3QJUJVG1yBTV0Z2OgToQnlC1KWWGC+Pc3VScJhM
oGiDAiQwp5EwZfba+B+D7Mb8X6Uj/RM16pJiTVw8Ids7Gta7HE
4GFzmetDCjvaZN5A7WYog==
Ein paar vereinzelte sind satt "@mail.ru" mit "@list.ru"
Malwarebytes Anti-Malware und OTL habe ich mit folgenden Ergebnissen laufen lassen:
Malewarebytes: Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.10.08.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: *** [Administrator]
09.10.2012 17:30:11
mbam-log-2012-10-09 (18-48-16).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 505852
Laufzeit: 1 Stunde(n), 17 Minute(n), 11 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
E:\Mail_in\coretemp_1236.exe (PUP.BundleOffers.IIQ) -> Keine Aktion durchgeführt.
(Ende) OTL: Code:
OTL logfile created on: 09.10.2012 21:43:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pille\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 32,74% Memory free
10,00 Gb Paging File | 6,32 Gb Available in Paging File | 63,24% Paging File free
Paging file location(s): c:\pagefile.sys 6142 6142 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 40,85 Gb Total Space | 4,84 Gb Free Space | 11,86% Space Free | Partition Type: NTFS
Drive D: | 115,29 Gb Total Space | 8,53 Gb Free Space | 7,40% Space Free | Partition Type: NTFS
Drive E: | 440,03 Gb Total Space | 45,30 Gb Free Space | 10,30% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: Pille | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Pille\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programme\Napster 5\Napster 5.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Pille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - D:\Programme\BOINC DATA\projects\www.worldcommunitygrid.org\wcg_hpf2_rosetta_6.40_windows_intelx86 (New York University Center For Comparative Functional Genomics in collaboration with the University of Washington and IBM Corporation)
PRC - D:\Programme\BOINC DATA\projects\www.worldcommunitygrid.org\wcg_faah_autodock_6.40_windows_intelx86 (The Scripps Research Institute and IBM Corporation)
PRC - D:\Programme\BOINC DATA\projects\www.worldcommunitygrid.org\wcg_hcc1_img_6.42_windows_intelx86 ()
PRC - D:\Programme\BOINC DATA\projects\www.worldcommunitygrid.org\wcg_hfcc_autodock_6.40_windows_intelx86 (The Scripps Research Institute and IBM Corporation)
PRC - D:\Programme\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
PRC - D:\Programme\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
PRC - d:\Programme\Cobian Backup 10\cbService.exe (Luis Cobian, CobianSoft)
PRC - D:\Programme\Mozilla Sunbird\sunbird.exe (Mozilla)
========== Modules (No Company Name) ==========
MOD - C:\Users\Pille\AppData\Local\Temp\sfamcc00001.dll ()
MOD - C:\Users\Pille\AppData\Local\Temp\sfareca00001.dll ()
MOD - c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll ()
MOD - c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll ()
MOD - D:\Programme\Napster 5\Napster 5.exe ()
MOD - D:\Programme\BOINC DATA\projects\www.worldcommunitygrid.org\wcg_hcc1_img_6.42_windows_intelx86 ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (SkypeUpdate) -- D:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (CobianBackup10) -- d:\Programme\Cobian Backup 10\cbService.exe (Luis Cobian, CobianSoft)
SRV - (cbVSCService) -- d:\Programme\Cobian Backup 10\cbVSCService.exe (CobianSoft, Luis Cobian)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (ithsgt) -- C:\Windows\SysNative\drivers\ithsgt.sys ()
DRV:64bit: - (lilsgt) -- C:\Windows\SysNative\drivers\lilsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\drivers\tifsfilt.sys (Acronis)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (cpuz132) -- C:\Windows\SysNative\drivers\cpuz132_x64.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (s117unic) -- C:\Windows\SysNative\drivers\s117unic.sys (MCCI Corporation)
DRV:64bit: - (s117obex) -- C:\Windows\SysNative\drivers\s117obex.sys (MCCI Corporation)
DRV:64bit: - (s117nd5) -- C:\Windows\SysNative\drivers\s117nd5.sys (MCCI Corporation)
DRV:64bit: - (s117mdm) -- C:\Windows\SysNative\drivers\s117mdm.sys (MCCI Corporation)
DRV:64bit: - (s117mgmt) -- C:\Windows\SysNative\drivers\s117mgmt.sys (MCCI Corporation)
DRV:64bit: - (s117mdfl) -- C:\Windows\SysNative\drivers\s117mdfl.sys (MCCI Corporation)
DRV:64bit: - (s117bus) -- C:\Windows\SysNative\drivers\s117bus.sys (MCCI Corporation)
DRV:64bit: - (tap0801) -- C:\Windows\SysNative\drivers\tap0801.sys (The OpenVPN Project)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 D1 85 2B 06 6B CA 01 [binary data]
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: FF_AddOn@viewtubes.de:3.2.0
FF - prefs.js..network.proxy.autoconfig_url: "chrome://viewtubes/content/viewtubes_false.pac"
FF - prefs.js..network.proxy.backup.ftp: "173.190.218.30"
FF - prefs.js..network.proxy.backup.ftp_port: 16379
FF - prefs.js..network.proxy.backup.socks: "173.190.218.30"
FF - prefs.js..network.proxy.backup.socks_port: 16379
FF - prefs.js..network.proxy.backup.ssl: "173.190.218.30"
FF - prefs.js..network.proxy.backup.ssl_port: 16379
FF - prefs.js..network.proxy.ftp: "96.3.178.103"
FF - prefs.js..network.proxy.ftp_port: 23112
FF - prefs.js..network.proxy.http: "96.3.178.103"
FF - prefs.js..network.proxy.http_port: 23112
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "96.3.178.103"
FF - prefs.js..network.proxy.socks_port: 23112
FF - prefs.js..network.proxy.ssl: "96.3.178.103"
FF - prefs.js..network.proxy.ssl_port: 23112
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.04.17 22:23:04 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: d:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.04.17 22:23:04 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@thrixxx.com/WebLaunch: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: d:\Programme\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@thrixxx.com/WebLaunch: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.09.11 11:15:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.03 09:34:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: d:\Programme\Mozilla Firefox\components [2012.09.09 20:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: d:\Programme\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: D:\Programme\Mozilla Sunbird\components [2010.04.14 00:47:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: D:\Programme\Mozilla Sunbird\plugins [2011.05.04 21:08:44 | 000,000,000 | ---D | M]
[2012.09.09 20:49:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pille\AppData\Roaming\mozilla\Extensions
[2012.09.16 23:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pille\AppData\Roaming\mozilla\Firefox\Profiles\fdypsb4v.default\extensions
[2012.09.16 23:27:52 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Pille\AppData\Roaming\mozilla\Firefox\Profiles\fdypsb4v.default\extensions\ich@maltegoetz.de
[2012.10.09 19:05:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pille\AppData\Roaming\mozilla\Sunbird\Profiles\0im0evx5.default\extensions
[2009.11.21 01:23:19 | 000,000,000 | ---D | M] (Provider for Google Calendar) -- C:\Users\Pille\AppData\Roaming\mozilla\Sunbird\Profiles\0im0evx5.default\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
[2009.12.30 19:56:15 | 000,000,000 | ---D | M] (.vcs Support) -- C:\Users\Pille\AppData\Roaming\mozilla\Sunbird\Profiles\0im0evx5.default\extensions\{efcbec50-6821-11db-bd13-0800200c9a66}
[2009.11.08 02:48:44 | 000,000,000 | ---D | M] (MyPhoneExplorer) -- C:\Users\Pille\AppData\Roaming\mozilla\Sunbird\Profiles\0im0evx5.default\extensions\myphoneexplorer@fjsoft.at
[2012.09.13 23:42:52 | 000,012,042 | ---- | M] () (No name found) -- C:\Users\Pille\AppData\Roaming\mozilla\firefox\profiles\fdypsb4v.default\extensions\FF_AddOn@viewtubes.de.xpi
========== Chrome ==========
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4:64bit: - HKLM..\Run: [boincmgr] D:\Programme\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [boinctray] D:\Programme\BOINC\boinctray.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Cobian Backup 10 Interface] D:\Programme\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1931835600-3465660405-1110096234-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Pille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Pille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Pille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sunbird.exe.lnk = D:\Programme\Mozilla Sunbird\sunbird.exe (Mozilla)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14A82592-84EC-4E7A-A6D9-DACF6713082C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{67520250-1e6c-11e0-bab6-001d929b85e8}\Shell - "" = AutoRun
O33 - MountPoints2\{67520250-1e6c-11e0-bab6-001d929b85e8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{705d1025-d756-11de-b0f0-001d929b85e8}\Shell - "" = AutoRun
O33 - MountPoints2\{705d1025-d756-11de-b0f0-001d929b85e8}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{cc7703fc-809d-11e0-9db4-001d929b85e8}\Shell - "" = AutoRun
O33 - MountPoints2\{cc7703fc-809d-11e0-9db4-001d929b85e8}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{e76824c8-1d83-11df-8685-001d929b85e8}\Shell - "" = AutoRun
O33 - MountPoints2\{e76824c8-1d83-11df-8685-001d929b85e8}\Shell\AutoRun\command - "" = "J:\Adobe CS5\Set-up.exe"
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.10.09 21:40:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pille\Desktop\OTL.exe
[2012.10.09 01:22:49 | 000,000,000 | ---D | C] -- C:\Users\Pille\AppData\Roaming\Malwarebytes
[2012.10.09 01:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.09 01:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.09 01:22:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.09 01:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.09 01:22:04 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Pille\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.26 07:35:13 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.23 13:21:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\stalker-shoc
[2012.09.23 11:25:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.23 11:25:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.23 11:25:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.23 11:25:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.23 11:25:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.23 11:25:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.23 11:25:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.23 11:25:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.23 11:25:36 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.23 11:25:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.23 11:25:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.23 11:25:36 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.23 11:25:35 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.23 11:25:35 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.23 11:25:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.12 10:52:44 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.12 10:52:44 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.12 10:52:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.12 10:52:43 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.11 11:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.09.11 00:22:14 | 000,000,000 | ---D | C] -- C:\Users\Pille\Documents\SEGA
[2012.09.10 01:54:50 | 000,000,000 | ---D | C] -- C:\Users\Pille\Desktop\Gesa_21_Infiltrator_120612_4f393a9
========== Files - Modified Within 30 Days ==========
[2012.10.09 21:40:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pille\Desktop\OTL.exe
[2012.10.09 19:02:31 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 19:02:31 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 18:55:03 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.10.09 18:54:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.09 18:54:51 | 3220,672,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.09 18:54:13 | 000,000,020 | ---- | M] () -- C:\Users\Pille\defogger_reenable
[2012.10.09 18:51:03 | 097,008,497 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.10.09 01:22:37 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.09 01:22:13 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Pille\Desktop\mbam-setup-1.65.0.1400.exe
[2012.10.08 23:04:54 | 001,565,939 | ---- | M] () -- C:\Users\Pille\Desktop\Unbenannt-1.jpg
[2012.10.06 11:17:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.09.30 23:17:27 | 001,492,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.30 23:17:27 | 000,651,996 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.30 23:17:27 | 000,614,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.30 23:17:27 | 000,129,036 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.30 23:17:27 | 000,105,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.30 17:52:59 | 000,503,057 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.09.29 02:57:02 | 000,000,212 | ---- | M] () -- C:\Users\Pille\Desktop\XCOM Enemy Unknown Demo.url
[2012.09.23 14:38:30 | 000,000,079 | ---- | M] () -- C:\Users\Pille\AppData\Local\CrystalDiskMark30.ini
[2012.09.12 23:43:48 | 000,000,209 | ---- | M] () -- C:\Users\Pille\Desktop\Portal 2.url
[2012.09.12 11:24:58 | 000,000,210 | ---- | M] () -- C:\Users\Pille\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
========== Files Created - No Company Name ==========
[2012.10.09 18:54:12 | 000,000,020 | ---- | C] () -- C:\Users\Pille\defogger_reenable
[2012.10.09 01:22:37 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.08 23:04:51 | 001,565,939 | ---- | C] () -- C:\Users\Pille\Desktop\Unbenannt-1.jpg
[2012.09.29 02:57:02 | 000,000,212 | ---- | C] () -- C:\Users\Pille\Desktop\XCOM Enemy Unknown Demo.url
[2012.09.23 14:35:19 | 000,000,079 | ---- | C] () -- C:\Users\Pille\AppData\Local\CrystalDiskMark30.ini
[2012.09.12 23:43:48 | 000,000,209 | ---- | C] () -- C:\Users\Pille\Desktop\Portal 2.url
[2012.09.12 11:24:58 | 000,000,210 | ---- | C] () -- C:\Users\Pille\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
[2012.07.23 02:33:16 | 000,001,456 | ---- | C] () -- C:\Users\Pille\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.11.27 22:51:13 | 000,000,478 | ---- | C] () -- C:\Users\Pille\AppData\Roaming\GPU Monitor_Settings.ini
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.05 13:43:26 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2011.11.05 13:43:26 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2011.11.05 13:43:26 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2011.11.05 13:43:26 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2011.11.05 13:43:26 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2011.09.30 00:49:57 | 001,589,202 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.05.22 18:03:53 | 000,000,000 | ---- | C] () -- C:\Users\Pille\AppData\Local\{752C8005-72D3-41A2-8ED7-D8DA4D677E44}
[2011.01.31 14:56:01 | 000,001,655 | ---- | C] () -- C:\Users\Pille\AppData\Roaming\SvcTraceViewer.exe.settings
[2011.01.21 16:59:34 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2010.12.30 22:16:16 | 000,033,937 | ---- | C] () -- C:\Windows\scunin.dat
[2010.09.12 13:41:47 | 000,001,031 | ---- | C] () -- C:\Users\Pille\AppData\Roaming\ShiftN.ini
[2010.08.03 01:23:41 | 000,007,680 | ---- | C] () -- C:\Users\Pille\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.24 23:53:04 | 000,000,118 | ---- | C] () -- C:\Users\Pille\AppData\Local\Config_4E29823E.dat
[2010.01.24 23:53:04 | 000,000,036 | ---- | C] () -- C:\Users\Pille\AppData\Local\Index_4E29823E.dat
[2009.12.24 01:13:26 | 000,007,604 | ---- | C] () -- C:\Users\Pille\AppData\Local\Resmon.ResmonCfg
[2009.11.21 00:47:18 | 000,002,528 | ---- | C] () -- C:\Users\Pille\AppData\Roaming\$_hpcst$.hpc
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2009.11.22 12:47:14 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Acronis
[2010.07.18 12:57:09 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\aicon
[2012.02.04 18:37:55 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Auslogics
[2012.01.26 15:24:46 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\AVG2012
[2010.01.01 16:48:58 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Azureus
[2012.03.29 21:13:32 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\com.Rhapsody.Napster5
[2010.08.09 01:55:35 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\cPicture
[2009.12.04 21:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Cuttermaran
[2010.02.28 23:20:53 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\DAEMON Tools
[2010.01.01 22:06:42 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\DAEMON Tools Lite
[2009.12.26 13:19:54 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\DeepBurner
[2012.02.20 20:05:30 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\DesktopIconForAmazon
[2012.10.09 21:25:09 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Dropbox
[2011.12.20 01:41:06 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\DVDVideoSoft
[2011.12.20 01:40:58 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.02 01:32:41 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\eFMer
[2010.02.23 01:12:05 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\EPSON
[2012.08.14 01:00:31 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\JAM Software
[2012.02.12 19:53:45 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Kalypso Media
[2011.09.28 10:59:46 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Lexware
[2009.11.21 14:27:39 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\ML
[2011.11.01 13:52:48 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\MOGware, Inc
[2012.01.27 01:31:13 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Mp3tag
[2012.04.17 19:04:04 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\MusicBrainz
[2009.11.21 18:15:59 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\MyPhoneExplorer
[2012.08.30 12:49:51 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Opera
[2012.08.29 12:02:46 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Origin
[2010.02.20 00:50:28 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\PacificPoker
[2009.11.20 23:57:25 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\PC Suite
[2010.10.15 11:19:34 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\QIP
[2010.11.14 15:11:03 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Samsung
[2011.12.08 17:54:46 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.06.27 00:13:33 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\SteelSeries Xai
[2010.11.28 22:54:40 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Systweak
[2011.10.11 23:40:16 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Ubisoft
[2011.12.04 15:00:32 | 000,000,000 | ---D | M] -- C:\Users\Pille\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:C895616B
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:7631EA83
< End of report > Extras: Code:
OTL Extras logfile created on: 09.10.2012 21:43:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pille\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 32,74% Memory free
10,00 Gb Paging File | 6,32 Gb Available in Paging File | 63,24% Paging File free
Paging file location(s): c:\pagefile.sys 6142 6142 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 40,85 Gb Total Space | 4,84 Gb Free Space | 11,86% Space Free | Partition Type: NTFS
Drive D: | 115,29 Gb Total Space | 8,53 Gb Free Space | 7,40% Space Free | Partition Type: NTFS
Drive E: | 440,03 Gb Total Space | 45,30 Gb Free Space | 10,30% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: Pille | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe\Photoshop CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE FOTOSCHAU] -- "d:\Programme\CEWE COLOR\FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "d:\Programme\CEWE COLOR\FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [PlayWithVLC] -- "d:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe\Photoshop CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE FOTOSCHAU] -- "d:\Programme\CEWE COLOR\FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "d:\Programme\CEWE COLOR\FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [PlayWithVLC] -- "d:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03BF3EB3-3282-4BFA-B8AB-5109B4F27FE1}" = rport=137 | protocol=17 | dir=out | app=system |
"{04E5E58E-C53D-4AF5-ABC3-1E979C4D70FB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0D724183-F593-4EDB-A422-0BBC6585F09C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17126863-7484-4701-834E-505078CB19A3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1B4E3875-73D0-477A-862A-848F2E234A04}" = rport=138 | protocol=17 | dir=out | app=system |
"{1C9B22C3-746E-4177-A2C0-D3940B3EF2E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26105809-C47A-4285-B595-AB819BAFAE14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BE0375E-80BB-4D1D-9101-171792F726CB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A643558-4B52-432B-9FED-B9076B670F38}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5A9929A9-FC4B-4365-94D2-ADF6FA33CF32}" = lport=10243 | protocol=6 | dir=in | app=system |
"{622A68FB-96AA-4197-868D-6089644C6D39}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{673226B7-648D-4426-8129-706AB71C3CCD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{838F9F36-BE21-4E28-8468-C1E91D9BE943}" = lport=139 | protocol=6 | dir=in | app=system |
"{8471CFCD-E4CC-4300-92C0-C9DFD3A23226}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8B3F1443-4AC0-4A89-B800-D5D9B538ADA1}" = lport=137 | protocol=17 | dir=in | app=system |
"{8CEC30E5-EDAE-4BBC-B97D-97429DAEB289}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe |
"{9879ADDD-67DA-4CCD-8020-B81E3788DC42}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9890C982-03BC-4270-A24A-0C8B6469B855}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{989B5877-15F3-4F69-92EB-E3C5F20C3C69}" = lport=138 | protocol=17 | dir=in | app=system |
"{A6779F43-2748-4A2C-BB1B-D4D3526A6431}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B47DB911-706B-439D-B14B-E89CB6E4B2F5}" = lport=445 | protocol=6 | dir=in | app=system |
"{B597E769-22B9-49A8-97C3-3568B5357686}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8C20AFF-EC23-413F-8D47-84DB678096A7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C822EA41-D7DD-4D5E-9369-576BCE7B29FC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D00CBC74-0ADF-4031-BF4E-3CBBAEE3D1B7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DA05CEAE-93FE-4AF9-9B67-82F23E4404F9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E8C9A929-FD54-418B-B2DB-4C87F9830815}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB0616B4-FF45-4A81-8260-F2B719DB0E1A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ED0CCD24-CC17-4DAC-806F-0020171AB632}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED37BE3F-8D9C-47F3-98E5-86ACA1DD184B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EE77BE5B-F840-45D7-AC17-F99C91667E21}" = rport=445 | protocol=6 | dir=out | app=system |
"{F14AB106-192E-45A5-A2C7-5A68E245C3F5}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04052B7F-1CED-43A7-B84A-C49D785ECDB6}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\xcom-enemy-unknown-demo\binaries\win32\xcomgame.exe |
"{042BAD3A-DB4E-47E9-97A5-F62E35007350}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{04E63DFF-726E-491B-9C9B-38B100967DC1}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\portal 2\portal2.exe |
"{09C6E213-D851-4D4C-A7EE-D4B292B61177}" = protocol=17 | dir=in | app=d:\spiele\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe |
"{0A9FFCDA-996F-4330-ABCA-7FABF2614EE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0CA388B7-7131-4C5C-8E29-CBAFA0F242F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1331AD8A-7287-4504-9A0A-78BDA227A004}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\portal 2\portal2.exe |
"{16434E63-DCC4-4829-8B3C-CBCACAFC59FA}" = protocol=6 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{169FA8E1-7C77-45E3-B895-F6481D323EB7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16A9BE05-17FA-42AC-932B-31233C428339}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BC52C72-8E1A-4DE8-8F9D-D4C43865371E}" = protocol=17 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{20B3C555-F9A0-40F8-A7CA-AE901B22F830}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{2759CBDA-4FFB-4553-B22F-357CA3743C35}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\assassin's creed revelations\acrsp.exe |
"{30CB77F2-AF8D-474C-BFFC-0CE194D6BA4D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{32AB8257-12E6-4710-ABE8-6DE0CB989036}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{3AF250AB-C7D4-4EB6-BD69-F621CC7D1209}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{44A9930B-4F3A-4CED-B0FB-8D692311E1C3}" = protocol=6 | dir=in | app=d:\programme\samsung\npsvsvr.exe |
"{47F7111F-E41F-4B92-82B1-81CEEDFA9C13}" = protocol=6 | dir=in | app=d:\spiele\call of duty 5\codwawmp.exe |
"{4A7394D1-CFD2-4F4D-899D-F61812BC155E}" = protocol=17 | dir=in | app=d:\spiele\call of duty 5\codwaw.exe |
"{4CD98398-9179-43B6-81EB-D68061C6938A}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{4D61F543-53CA-405E-9081-081D3AC570B5}" = protocol=6 | dir=in | app=d:\programme\samsung\npsasvr.exe |
"{4FB8514E-6B7B-4F22-853F-C5F0BBF0A78B}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\mass effect 2\docs\ea help\electronic_arts_technical_support.htm |
"{4FF8FEAA-C9DD-44F7-B8E6-9C171D065B42}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\mass effect 2\docs\ea help\electronic_arts_technical_support.htm |
"{52801498-AA3D-4439-89DB-9408893ED738}" = protocol=17 | dir=in | app=d:\programme\opera x64\opera.exe |
"{53B88378-484F-4376-A1BB-08F6B6911F90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{547072D5-3CC0-4694-8452-841629ACD876}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{56133C48-BCB1-474D-9F8E-7CAF36FA6BBD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58867118-6A30-4B5A-A19C-FCCF3772FB70}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{59149081-CF50-4F5B-B81D-695F403DB454}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{5C9CE9B8-96B7-41BD-BFBE-FD403FAB2519}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{5E1FA221-6203-470E-9154-153E33137122}" = protocol=6 | dir=in | app=d:\spiele\call of duty 5\codwaw.exe |
"{5E9F9E8A-178F-488D-917E-85023E6B9FBC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{691C0C51-2349-4C0B-BD2F-4FD549962A72}" = protocol=17 | dir=in | app=d:\programme\samsung\npsvsvr.exe |
"{6E9819DF-5BB8-4952-B93E-25084E2F0A75}" = dir=in | app=d:\programme\skype\phone\skype.exe |
"{718BB11C-B4CB-4A97-B200-7AE1237A35B7}" = protocol=6 | dir=out | app=system |
"{72DE592B-7E3D-456A-8A79-4D1D702282BA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7531A644-04AE-4741-B948-24A4FEEB8F1B}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{7ABAF6FF-C022-4CE1-9947-3862FDCDC96B}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\assassin's creed revelations\acrsp.exe |
"{7FDC725E-E1E6-4B65-A225-723880F6C9C4}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{871C2753-1128-449B-9CE6-E648A4AA4D7B}" = dir=out | app=d:\programme\adobe\photoshop cs5\adobe photoshop cs5 (64 bit)\logtransport2.exe |
"{87569B2F-7689-4D6E-BDF5-6A0723150F65}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8A90FDF9-EDBC-47AB-9CE2-CA66C0569CF0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{91C22B7E-311F-4CAA-ABD7-07208814B234}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{93E59738-BCFC-4395-8712-2388BC35E219}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{961DBA26-38DF-4E30-887B-9C70165CF8A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C7BBE9B-5A93-4BD5-8855-09724DB7767F}" = protocol=17 | dir=in | app=c:\users\pille\appdata\roaming\dropbox\bin\dropbox.exe |
"{9F717F51-801C-45D9-9D1E-AAE57AA25036}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{9F816EDA-0AD0-4BA1-9240-EC207CF11796}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{A1760288-FA87-4CED-9C00-C68D2C878050}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A3A13F0C-429F-4DF8-8C07-03DFD08519AB}" = protocol=17 | dir=in | app=d:\programme\samsung\npsasvr.exe |
"{A972B135-471A-4602-9FBD-81302CD5241A}" = protocol=6 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{ACD4E87D-C2B2-4FF8-9EE3-FA2D984DC5A7}" = protocol=17 | dir=in | app=d:\programme\samsung\npsguide.exe |
"{ADC76708-CCEB-45C0-B86A-B5CD5CB13352}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B73467DF-BC96-41B1-B053-1ECBAE36EB6B}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\renegade ops\renegadeops.exe |
"{B7BCE167-5E92-478E-9394-9DDF8313A534}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{B94BE3E6-91E3-49AC-801C-95037AA6713B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B997585C-86EB-48AE-A376-E3D357249A61}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{BBF77D71-2649-4393-9CC9-8A033DFC95C5}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{C0F67B61-56D5-4821-835F-A37448230370}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\xcom-enemy-unknown-demo\binaries\win32\xcomgame.exe |
"{C6F8EF3F-04A8-42C6-9C3B-9695FE76CA6C}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{C8389598-821C-4289-BD16-14B9ACEE56A8}" = dir=out | app=d:\programme\adobe\photoshop cs5\adobe photoshop cs5 (64 bit)\photoshop.exe |
"{C94E3E6C-12D5-49A7-9763-FAD47CCB77B4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{CA49C49E-3DDE-4CB1-BD24-481BDE0F9951}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\renegade ops\renegadeops.exe |
"{CE42B98C-EAD6-4EDD-8DB2-BF0B2C582833}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D413F0BA-A777-4A50-9E28-74C3D1B8D656}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{D5D1564E-64E1-4BC3-8DFC-A4941515EF27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8957D20-5DF8-4DA4-A41D-796771B86F66}" = protocol=6 | dir=in | app=c:\users\pille\appdata\roaming\dropbox\bin\dropbox.exe |
"{DAEBB9C1-1AD7-49CF-B959-687C9203A2DA}" = protocol=17 | dir=in | app=d:\programme\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{DCC29FE2-D132-41CD-AAF3-DFEE8C09BD46}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\grid\grid.exe |
"{DFF8A626-B3F9-4159-A1DD-8E813701D8AF}" = protocol=17 | dir=in | app=d:\spiele\call of duty 5\codwawmp.exe |
"{E3B36DBC-8FDC-4714-A144-5FB9B379E05D}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\grid\grid.exe |
"{E53B677D-1FC7-46AF-A6CD-59706CA59410}" = protocol=6 | dir=in | app=d:\spiele\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe |
"{E76E3C1C-CD51-42E2-B135-0BC491F7D061}" = protocol=6 | dir=in | app=d:\programme\samsung\npsguide.exe |
"{E7C363B7-6266-420B-8CBC-CB50A6D6A3F9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ED9900C0-4011-44E5-BC12-4A0DFB4DF2FF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{EDC297E5-0FB8-4E22-B46D-83A716BAD399}" = protocol=6 | dir=in | app=d:\programme\opera x64\opera.exe |
"{F32D0DDB-0C9B-40B7-8638-97D930306358}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F4E0816B-C205-498F-B5FA-785E26B3CAC6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF0BE6CE-4B18-4D74-92FD-EA096514FFE1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{0C69500A-884C-4F88-87D0-10CAE1174FA2}D:\programme\musicbrainz picard\picard.exe" = protocol=6 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"TCP Query User{2906D72A-1E78-4382-B341-6BF48D4E0B35}D:\spiele\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\spiele\call of duty 2\cod2mp_s.exe |
"TCP Query User{2974E429-B758-4ADD-81EC-9F715264AC94}D:\programme\samsung\npsdmpplayer.exe" = protocol=6 | dir=in | app=d:\programme\samsung\npsdmpplayer.exe |
"TCP Query User{43BF5DE5-816A-46E4-A334-92932D359E35}D:\programme\qip\qip.exe" = protocol=6 | dir=in | app=d:\programme\qip\qip.exe |
"TCP Query User{495DC0C4-8C9C-4E03-88CF-D0372BE83055}D:\spiele\age of empires ii\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=d:\spiele\age of empires ii\age2_x1\age2_x1.exe |
"TCP Query User{80D1F695-0670-41DB-B7CF-AA8F43D43613}C:\users\pille\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\pille\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{9F1BDC67-F0FD-4B8A-9740-A23ADEB48E38}\\***\spiele\flatout2\flatout2.exe" = protocol=6 | dir=in | app=\\***\spiele\flatout2\flatout2.exe |
"TCP Query User{B8443AE4-70DC-462D-8497-99525EECE22C}D:\spiele\age of empires ii\age2_x1.exe" = protocol=6 | dir=in | app=d:\spiele\age of empires ii\age2_x1.exe |
"TCP Query User{CE4BE159-53AF-4644-B8C7-0926D3A307D0}D:\programme\steam\steamapps\common\assassin's creed revelations\acrpr.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\assassin's creed revelations\acrpr.exe |
"TCP Query User{D03BF8EC-0092-46E9-80ED-A5E49CC90715}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{E1F19C63-72AC-4226-8BF8-6B25D5991E60}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{E70F4D2A-1CDF-44A6-B7E9-68E6F904FBB2}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{EBFDF0C6-804F-47AA-954A-69EFCA9E9591}D:\programme\emule\emule.exe" = protocol=6 | dir=in | app=d:\programme\emule\emule.exe |
"TCP Query User{F7661099-BF0B-41C0-BE38-4FAB28DE8389}D:\programme\qip\qip.exe" = protocol=6 | dir=in | app=d:\programme\qip\qip.exe |
"UDP Query User{0C496F0E-9485-44C9-A5A0-56FE3C010F17}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{2F6E25E6-FB73-4B2A-B1AD-C87DD1172F4C}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{3904F8BF-9960-4B6A-B8ED-FE8D6CA5C949}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4C26BD5C-16E9-4499-9E5A-C3F673C4AD87}D:\spiele\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\spiele\call of duty 2\cod2mp_s.exe |
"UDP Query User{612B149E-F68F-494A-912B-3FF7702F8DC0}D:\spiele\age of empires ii\age2_x1.exe" = protocol=17 | dir=in | app=d:\spiele\age of empires ii\age2_x1.exe |
"UDP Query User{618D0430-7291-4AD8-95C3-ED81E76E2CFE}D:\programme\steam\steamapps\common\assassin's creed revelations\acrpr.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\assassin's creed revelations\acrpr.exe |
"UDP Query User{69AF59C5-B38B-4862-A48A-E2525172B451}D:\programme\qip\qip.exe" = protocol=17 | dir=in | app=d:\programme\qip\qip.exe |
"UDP Query User{7176C3D4-5B83-4549-B75F-848AB6FC2B6C}D:\programme\samsung\npsdmpplayer.exe" = protocol=17 | dir=in | app=d:\programme\samsung\npsdmpplayer.exe |
"UDP Query User{742421D8-1CA0-4099-BDB0-5C31A5CAEA4E}\\***\spiele\flatout2\flatout2.exe" = protocol=17 | dir=in | app=\\***\spiele\flatout2\flatout2.exe |
"UDP Query User{9348871E-843F-4E68-A933-583002831100}D:\programme\qip\qip.exe" = protocol=17 | dir=in | app=d:\programme\qip\qip.exe |
"UDP Query User{D99F029A-642D-4A99-9CC9-CD6B68A682E4}D:\programme\emule\emule.exe" = protocol=17 | dir=in | app=d:\programme\emule\emule.exe |
"UDP Query User{E73C9315-DE93-4A23-A7E3-C7BA0E2CD9E7}C:\users\pille\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\pille\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{E798B193-53A8-41ED-B7E2-11CF97DDB217}D:\programme\musicbrainz picard\picard.exe" = protocol=17 | dir=in | app=d:\programme\musicbrainz picard\picard.exe |
"UDP Query User{F134F2EA-0DFC-4E84-96BB-52FBED409071}D:\spiele\age of empires ii\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=d:\spiele\age of empires ii\age2_x1\age2_x1.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{344C0D46-2EF4-4BC8-AE03-3DACDA9B9485}" = AVG 2012
"{361A49FA-59B3-49FB-8C3E-08AF3EA5791A}" = Application Verifier (x64)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6F29F195-B11C-3EAD-B883-997BB29DFA17}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3826F5-A2C1-40E3-A03F-49EFB2ABF62A}" = BOINC
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{965DF723-5688-359E-84D2-417CAFE644B5}" = Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x64
"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"AVG" = AVG 2012
"camcodec" = CamStudio Lossless Codec
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.19
"MediaInfo" = MediaInfo 0.7.25
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Opera 12.02.1578" = Opera 12.02
"Pen Tablet Driver" = Bamboo
"Recuva" = Recuva
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1" = GPSBabel 1.4.3
"{1D9943F4-2568-6DE3-0F01-C4A5BC665703}" = Napster 5 Beta
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{44D9A2CB-0692-3180-B5E2-26F4E807D067}" = Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FFEC1CA-DD48-43C4-8BA1-01A82B2C8837}" = QIP 2010 4444 Jeak-Edition
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77E57197-30EC-444F-B1B8-A99AA2A45794}" = SteelSeries Xai Laser Mouse
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{CD27A577-BD77-481D-9E07-314AE9059A77}" = bcTester 4.9 (de)
"{D16CBD59-07B3-4F98-A404-01B6D87A90F2}" = BoneLab
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E237FA24-CFB3-431F-B356-DF8FB116DE4B}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Active@ DVD Eraser v 1.1" = Active@ DVD Eraser v 1.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Airport Mania" = Airport Mania
"Audacity_is1" = Audacity 1.2.6
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CobBackup10" = Cobian Backup 10
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.Rhapsody.Napster5" = Napster 5 Beta
"Cpukiller3_is1" = Cpukiller3 v1.0.5
"Dangerous Waters_is1" = Dangerous Waters
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"eMule" = eMule
"EPSON Scanner" = EPSON Scan
"GetASFStream" = GetASFStream
"Google Updater" = Google Updater
"GPS-Track-Analyse.NET_is1" = 5.0.1
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{97EE1BAC-C04F-4935-8110-B1BBAB99D09D}" = Call of Duty(R) - World at War(TM) 1.4.1 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E237FA24-CFB3-431F-B356-DF8FB116DE4B}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"Mp3tag" = Mp3tag v2.49b
"MPE" = MyPhoneExplorer
"MusicBrainz Picard" = MusicBrainz Picard
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.1.2
"Origin" = Origin
"PC Wizard 2012_is1" = PC Wizard 2012.2.0
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"rayatitray" = Ray Adams ATI Tray Tools
"Revo Uninstaller" = Revo Uninstaller 1.92
"SpeedFan" = SpeedFan (remove only)
"Starcraft" = Starcraft
"Steam App 12750" = GRID
"Steam App 17460" = Mass Effect
"Steam App 201870" = Assassin's Creed Revelations
"Steam App 216690" = XCOM: Enemy Unknown Demo
"Steam App 400" = Portal
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 620" = Portal 2
"Steam App 99300" = Renegade Ops
"TreeSize Free_is1" = TreeSize Free V2.7
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 2.0.1
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"XviD" = XviD MPEG-4 Codec
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1931835600-3465660405-1110096234-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.08.2011 16:02:34 | Computer Name = *** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Microsoft Visual Studio 9.0\VC\bin\ia64\pgosweep.exe". Die abhängige Assemblierung
"Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.08.2011 16:05:03 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 01.08.2011 16:10:04 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 02.08.2011 16:00:05 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 02.08.2011 16:05:03 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 03.08.2011 16:00:05 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 03.08.2011 16:05:04 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 03.08.2011 16:10:04 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 04.08.2011 16:00:06 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 04.08.2011 16:05:04 | Computer Name = *** | Source = VSS | ID = 8194
Description =
[ Cisco AnyConnect VPN Client Events ]
Error - 02.02.2012 09:37:55 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901363 (0xFE47000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 02.02.2012 09:38:25 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: URL::URL File: .\Utility\URL.cpp Line: 38 Invoked Function:
URL::setURL Return Code: -28508150 (0xFE4D000A) Description: URL_ERROR_BAD_URL parameter=
Error - 02.02.2012 09:38:33 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CHttpSessionAsync::OnTransportInitiateComplete File: .\IP\HttpSessionAsync.cpp
Line:
1051 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
-31522780 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 02.02.2012 09:38:33 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
254 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31522780
(0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 02.02.2012 09:38:33 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1175 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
(0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 02.02.2012 09:38:33 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1019 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28901363
(0xFE47000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 02.02.2012 09:38:33 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
855 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28901363 (0xFE47000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 02.02.2012 09:38:33 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901363 (0xFE47000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 02.02.2012 10:04:28 | Computer Name = *** | Source = vpnagent | ID = 67110873
Description = Termination reason code 7: The agent has been stopped.
Error - 02.02.2012 10:04:28 | Computer Name = *** | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
[ Cobian Backup Boletus VSC Service Events ]
Error - 01.10.2010 13:55:38 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = Timeout für den Vorgang wurde überschritten.
Error - 01.10.2010 14:40:28 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = Timeout für den Vorgang wurde überschritten.
Error - 01.10.2010 14:52:33 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = Timeout für den Vorgang wurde überschritten.
Error - 01.10.2010 15:11:17 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = Protocol inconsistency. Purging the current snapshot set
Error - 01.10.2010 15:11:23 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = Deletion of snapshot failed: The requested object does not exist.
Error - 01.10.2010 15:23:08 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = Timeout für den Vorgang wurde überschritten.
Error - 01.10.2010 16:00:03 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = Protocol inconsistency. Purging the current snapshot set
Error - 27.01.2011 17:10:03 | Computer Name = *** | Source = Cobian Backup Boletus VSC Service | ID = 0
Description = The creation of a shadow copy is already in progress.
[ OSession Events ]
Error - 02.02.2012 12:42:15 | Computer Name = *** | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 415
seconds with 360 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 08.10.2012 01:16:58 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lilsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 08.10.2012 01:17:25 | Computer Name = *** | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 08.10.2012 13:10:08 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ithsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 08.10.2012 13:10:08 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lilsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 09.10.2012 01:14:27 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ithsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 09.10.2012 01:14:27 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lilsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 09.10.2012 11:19:50 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ithsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 09.10.2012 11:19:50 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lilsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 09.10.2012 12:55:05 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ithsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 09.10.2012 12:55:05 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lilsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
< End of report > Was kann ich nun weiter tun? |