Code:
OTL logfile created on: 12/7/2012 8:33:34 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 61.14% Memory free
5.99 Gb Paging File | 4.60 Gb Available in Paging File | 76.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 900.41 Gb Total Space | 774.80 Gb Free Space | 86.05% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 10.23 Gb Free Space | 34.11% Space Free | Partition Type: NTFS
Computer Name: TINI-PC | User Name: Tini | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Tini\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic)
PRC - C:\Program Files\Giraffic\Veoh_Giraffic.exe (Giraffic)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Giraffic) -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (x10nets) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (X10)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
========== Driver Services (SafeList) ==========
DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found
DRV - (catchme) -- C:\Users\Tini\AppData\Local\Temp\catchme.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab)
DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - ({60DB6561-0A84-4c94-AF33-288405CFD56D}) -- C:\Program Files\CyberLink\PowerCinema Movie\000.fcl (CyberLink Corp.)
DRV - (NxpCap) -- C:\Windows\System32\drivers\NxpCap.sys (NXP Semiconductors Germany GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (hidkmdf) -- C:\Windows\System32\drivers\hidkmdf.sys (Windows (R) Win 7 DDK provider)
DRV - (NW1950) -- C:\Windows\System32\drivers\NW1950.sys ()
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{475187CA-0775-4017-AB51-E948BBA1661F}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{724E5287-594D-4019-8370-B60D14AD497B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050&SSPV=IENOSGBR
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{CBB82912-64F8-4C6E-A618-3762C439712D}: "URL" = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{EA68F8AA-9B47-4A4E-9BCC-0939262B3DCC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\Tini\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tini\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/09/09 20:32:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 14:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2012/12/05 20:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2012/12/05 20:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2012/12/05 20:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 00:14:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 00:14:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 00:14:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 00:14:48 | 000,000,000 | ---D | M]
[2011/09/02 22:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tini\AppData\Roaming\mozilla\Extensions
[2012/10/23 21:41:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tini\AppData\Roaming\mozilla\Firefox\Profiles\ecfa2ova.default\extensions
[2012/10/27 00:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/10/27 00:14:50 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/20 13:01:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/31 19:59:23 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/20 13:01:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/20 13:01:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/20 13:01:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/20 13:01:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/11/28 12:09:36 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000..\Run: [HP Deskjet 3070 B611 series (NET)] C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Tini\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18FB4348-A233-4652-9588-6B0492EB5C9F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DA6FBA5-A79C-4CC1-9878-85963AFB2B96}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/11/30 13:38:47 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/11/28 12:12:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/11/28 12:11:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/11/28 11:09:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/11/28 11:09:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/11/28 11:09:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/11/28 11:09:23 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/11/28 11:09:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/11/28 11:04:29 | 005,008,415 | R--- | C] (Swearware) -- C:\Users\Tini\Desktop\ComboFix.exe
[2012/11/28 08:21:16 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tini\Desktop\tdsskiller.exe
[2012/11/27 22:22:39 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Tini\Desktop\aswMBR.exe
[2012/11/27 19:58:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tini\Desktop\OTL.exe
[2012/11/15 23:31:09 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/11/15 23:31:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/11/15 23:30:18 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/11/15 23:30:17 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/11/15 23:30:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/11/15 23:29:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/11/15 23:29:16 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/11/15 23:29:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/11/15 23:29:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/11/15 23:29:14 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/11/15 23:29:13 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/11/15 23:29:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/11/15 23:29:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/11/15 16:58:37 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/15 16:58:34 | 002,344,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/11/11 15:05:02 | 000,000,000 | ---D | C] -- C:\Users\Tini\AppData\Roaming\Mozilla-Cache
[2012/11/11 15:04:32 | 000,000,000 | ---D | C] -- C:\Users\Tini\AppData\Roaming\Party
[2012/11/11 15:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartyPoker
[2012/11/11 15:03:44 | 000,000,000 | ---D | C] -- C:\Programs
[2012/11/08 17:27:09 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2012/11/08 17:26:29 | 000,000,000 | ---D | C] -- C:\Poker
[20 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/12/07 20:31:37 | 000,001,958 | ---- | M] () -- C:\Users\Tini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3070 B611 series (Netzwerk).lnk
[2012/12/07 20:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/07 20:29:59 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/07 20:29:59 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/07 20:22:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/07 20:22:02 | 2414,432,256 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/07 20:01:00 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2012/12/07 19:59:35 | 000,540,743 | ---- | M] () -- C:\Users\Tini\Desktop\adwcleaner.exe
[2012/12/02 10:37:19 | 000,654,436 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/12/02 10:37:19 | 000,616,318 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/02 10:37:19 | 000,130,050 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/12/02 10:37:19 | 000,106,440 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/29 22:29:57 | 000,000,512 | ---- | M] () -- C:\Users\Tini\Desktop\MBR.dat
[2012/11/29 20:40:08 | 410,885,832 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/11/28 12:09:36 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/11/28 11:04:51 | 005,008,415 | R--- | M] (Swearware) -- C:\Users\Tini\Desktop\ComboFix.exe
[2012/11/28 08:21:19 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tini\Desktop\tdsskiller.exe
[2012/11/27 22:23:06 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Tini\Desktop\aswMBR.exe
[2012/11/27 21:34:55 | 000,302,592 | ---- | M] () -- C:\Users\Tini\Desktop\k572brui.exe
[2012/11/27 19:58:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tini\Desktop\OTL.exe
[2012/11/20 14:34:29 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/11/20 14:34:29 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/11/18 18:58:09 | 000,023,587 | ---- | M] () -- C:\Users\Tini\Desktop\concept-bmx-bicycle-2.jpg
[2012/11/16 17:38:26 | 000,093,775 | ---- | M] () -- C:\Users\Tini\Desktop\Hisoka_by_vilsen.jpg
[2012/11/16 08:41:50 | 000,289,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/15 17:12:22 | 000,589,144 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/11/15 17:12:22 | 000,043,608 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\kltdi.sys
[2012/11/11 15:04:00 | 000,001,699 | ---- | M] () -- C:\Users\Tini\Desktop\PartyPoker.lnk
[20 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/12/07 19:59:26 | 000,540,743 | ---- | C] () -- C:\Users\Tini\Desktop\adwcleaner.exe
[2012/11/28 11:09:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/11/28 11:09:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/11/28 11:09:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/11/28 11:09:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/11/28 11:09:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/11/27 22:43:44 | 000,000,512 | ---- | C] () -- C:\Users\Tini\Desktop\MBR.dat
[2012/11/27 21:34:54 | 000,302,592 | ---- | C] () -- C:\Users\Tini\Desktop\k572brui.exe
[2012/11/18 18:58:05 | 000,023,587 | ---- | C] () -- C:\Users\Tini\Desktop\concept-bmx-bicycle-2.jpg
[2012/11/16 17:38:22 | 000,093,775 | ---- | C] () -- C:\Users\Tini\Desktop\Hisoka_by_vilsen.jpg
[2012/11/15 23:31:12 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 23:30:17 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/11 15:04:00 | 000,001,699 | ---- | C] () -- C:\Users\Tini\Desktop\PartyPoker.lnk
[2012/07/04 09:37:23 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat
[2012/03/24 11:27:57 | 000,000,017 | ---- | C] () -- C:\Users\Tini\AppData\Local\resmon.resmoncfg
[2012/02/17 18:06:12 | 000,000,624 | ---- | C] () -- C:\Windows\eReg.dat
[2012/02/15 21:30:29 | 000,347,472 | ---- | C] () -- C:\Users\Tini\AppData\Local\MB.SAV
[2012/01/19 18:44:16 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/10/12 18:40:30 | 000,005,632 | ---- | C] () -- C:\Users\Tini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/02 22:55:09 | 000,017,408 | ---- | C] () -- C:\Users\Tini\AppData\Local\WebpageIcons.db
[2011/06/08 22:49:42 | 001,929,576 | ---- | C] () -- C:\Windows\System32\HPScanTRDrv_DJ3070_B611.dll
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Code:
OTL Extras logfile created on: 12/7/2012 8:33:34 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tini\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 61.14% Memory free
5.99 Gb Paging File | 4.60 Gb Available in Paging File | 76.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 900.41 Gb Total Space | 774.80 Gb Free Space | 86.05% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 10.23 Gb Free Space | 34.11% Space Free | Partition Type: NTFS
Computer Name: TINI-PC | User Name: Tini | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12B66BA7-7313-4F1B-BF12-3BCBE1F23A03}" = lport=137 | protocol=17 | dir=in | app=system |
"{14482380-1C2C-4FCF-AB6D-72B714F98F5C}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{22DBE5F4-FABC-4091-99F5-E5603BAED2DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22EC563F-A530-4147-BBA9-50A4CBB22FA9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2885682F-D4E9-446D-8C20-02D9B817CD59}" = lport=445 | protocol=6 | dir=in | app=system |
"{2D6171EC-D1A7-4A25-80D1-B0DC6115BD7F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2E81D8A9-73D7-49B0-A812-CD1E341C96C5}" = rport=139 | protocol=6 | dir=out | app=system |
"{36E49077-75DF-4C48-A8A0-48082AB8210B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4218BF11-0466-49A7-B672-4FF5BC762B73}" = lport=139 | protocol=6 | dir=in | app=system |
"{5296EA67-B982-48D5-9030-57EC7616461E}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{64B5DE84-1C17-4C6A-968A-AD8A322FAAFF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{695FF718-853C-41C6-A44B-F0345A94270E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{71DE3893-88AC-4B2D-ABBC-8B1A3F896EF5}" = rport=138 | protocol=17 | dir=out | app=system |
"{7B35D43D-4C39-4238-B471-1F8EDD8E6E90}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B78F9A0-57F0-4E6E-9B4D-2F81CAFE8DB4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F0A4F15-7330-4756-B59D-95FE3B129D04}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C1E297D-E260-4718-8C77-1A72FECA8884}" = rport=137 | protocol=17 | dir=out | app=system |
"{8D909FB4-3E35-4527-9F5B-BE681967A32F}" = lport=138 | protocol=17 | dir=in | app=system |
"{A3676597-BE3E-4ACD-8E05-B0EA62050DFD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A5FDC51E-8A17-49AE-954B-EF34F9E6B01A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AEBA1A77-D360-4C08-9E48-BC24AAC24D7E}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{B36D696F-A9B2-40E0-A375-A1F6792752B2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C688A4D6-5925-4B9E-9335-7E4DD6C10925}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CDAC8DBA-ED4E-448C-8E4B-2DC9147A009F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D6CBB05B-4AD5-4110-8192-0E5C23BB9F8C}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{DDCC2E78-B1BC-45D1-A5DF-655516479917}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DE5B441E-8D5A-4EDD-AD83-1A4B6DC40ACD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F78E6D00-A235-4236-9FAC-717C0334A2DF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FB45BDA9-E58D-4941-A902-0A6D26FECD79}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E205A1F-7B4D-4880-967A-656C2CCBF713}" = dir=in | app=c:\program files\cyberlink\youmemo\kernel\dmp\clbrowserengine.exe |
"{0E4BF218-D8B7-4765-8D7A-14D51769761A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\tropico 4\tropico4.exe |
"{16692856-EDFA-4DA9-831B-ED956197DBB0}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{1728E32E-3129-48E5-9FA9-6E484810CBEF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1A275D4D-4C83-417A-97CF-E46E02EFE0B0}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{1BA58D5D-AB49-459A-BDEF-5BA79B2F2F63}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dc universe online\launchpad.exe |
"{1CE96BC5-722C-4AE7-BB58-63400AE6E441}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{205EFAE2-DE2A-40B3-89F0-A2B341CE0A39}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{2306076A-26F6-4A3D-8784-5761A1B444BF}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{253C9EB5-389B-4735-A4A9-83D2F5D70FC0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{29A33729-F7F8-48EC-B59F-753C08769FED}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torchlight.exe |
"{2C6AF0BF-DDD4-4CFB-82A9-1018628EAB98}" = dir=in | app=c:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe |
"{2CD68159-0DCA-4F92-9C72-56C2C0235445}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{2FD99BF1-616F-4980-9531-3B24002422CE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\everquest 2\launchpad.exe |
"{33E4CEBA-43E3-48E8-8F9A-1FEF2210544F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age of empires online\aoeonline.exe |
"{351EDA4A-2AD0-4E15-8DEC-0C354B7DD295}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{3C5B610A-8F10-4B34-9153-446D510582AF}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr.exe |
"{3F133E00-2929-40BC-930B-FFA10E9B1E96}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43B867BA-3506-4306-8268-8AD04734A9F7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{486A3686-1F14-4C02-A3DB-1CAE86D5548A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{51BFFB9D-CE17-4943-A504-0DD09A8C1485}" = dir=in | app=c:\program files\cyberlink\youmemo\youmemo.exe |
"{5213E768-814F-4042-8FEA-ABE7B3A01614}" = dir=in | app=c:\program files\cyberlink\youmemo\pcmservice.exe |
"{53B01539-20BA-45DA-BA9C-57203CD9AA96}" = protocol=17 | dir=in | app=c:\program files\giraffic\veoh_girafficwatchdog.exe |
"{592B5C88-F865-491C-B151-925A6679DEA8}" = protocol=17 | dir=in | app=c:\program files\giraffic\veoh_giraffic.exe |
"{5CC70368-7173-45B4-B8A7-3C4D2264B926}" = dir=in | app=c:\program files\cyberlink\powercinema movie\powercinemamovie.exe |
"{5DAC09AE-9C13-4D3F-8A31-7C9EFA65135A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{608681DC-2D3E-41CB-B4BF-11A8FD131F34}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6A26E274-A70E-4737-8E13-8BA76C354CEB}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{6CFA5D63-88A9-4542-B08F-4BDEEAF6E3F5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\torchlight\torchlight.exe |
"{75587CFF-39A7-434A-8594-9FFAC1BEE36D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7B7DCE9A-4CF3-455B-A53A-C4EBC73962E3}" = dir=in | app=c:\program files\cyberlink\powercinema\powercinema.exe |
"{7CC28C12-E482-4BBD-96B8-7185635D51F9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7CF47E76-AA46-4F53-8E0C-F444946178DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8047F2D9-96F2-4D14-92DF-35242A854325}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{805792CE-0DD1-4535-8B45-4C62C5CDCE36}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{8816C4E1-0728-4DD4-BA4C-5D767757E0AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8DA96D4B-EA4E-4309-9234-DCB9233D82F4}" = protocol=6 | dir=in | app=c:\program files\giraffic\veoh_girafficwatchdog.exe |
"{90C0943C-0EBC-43A5-98BF-6C8D2F60FCF9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\warincbattlezone\rsupdate.exe |
"{91F4775C-8AFE-4B2D-97C5-42F9FC7D0AC8}" = dir=in | app=c:\program files\hp\hp deskjet 3070 b611 series\bin\devicesetup.exe |
"{92FA78DF-04AC-4E23-BF28-25EBBE8EEFCF}" = protocol=6 | dir=in | app=c:\users\tini\downloads\gamin16\gamin16\gameunp.exe |
"{947258C2-75DB-4DDE-92F2-CA0ADE9848D5}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{992CA517-D66C-437A-AD0F-778A2BE3FBBE}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{9A045F59-09AC-49AA-A8B3-D81C5F224933}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{A0E14968-0601-4DA8-9798-0B8C334095E8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A685E491-B911-4B98-A67E-816716D220F3}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dmp\clbrowserengine.exe |
"{AC007553-73AA-4F0A-AC37-70DA537BF858}" = protocol=17 | dir=in | app=c:\users\tini\downloads\gamin16\gamin16\gameunp.exe |
"{ADCA0B4C-CA9B-4A1A-AEAB-D787442A1E06}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1EFAA6F-1F87-401E-B13C-85D5D7678B56}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{B9E93C6D-6EE1-49DC-A7A3-1BA6EB5C2C18}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr8.exe |
"{BA26000A-3050-4612-A12F-D93991922EE7}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{BC0E86CD-974A-4787-B811-4C31D646824B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\tropico 4\tropico4.exe |
"{BEDEF5DC-A375-4D6A-A02A-F368C430EA10}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{C0015075-E31D-426D-96BB-CB2487CF509E}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{C0A5606D-56DE-4790-BB11-958780FDDC9D}" = protocol=6 | dir=in | app=c:\program files\giraffic\veoh_giraffic.exe |
"{C3E658BF-91A5-4314-8FAB-7538AA61E7F5}" = protocol=6 | dir=in | app=c:\program files\giraffic\veoh_giraffic.exe |
"{C42ED4E0-2A7D-4E69-8114-92FADAB0A0BF}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C434B20F-3860-476E-8837-4ACEA143555C}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{C4E2A564-4256-49AB-B384-6457E340AB17}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\warincbattlezone\rsupdate.exe |
"{C7296F54-610A-4955-851E-0357DB8CD7C7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{C8A26337-BC80-4628-9F94-A687C5D21697}" = protocol=6 | dir=out | app=system |
"{CBADF560-8DCE-4362-9376-3D2CB1FE9B89}" = dir=in | app=c:\program files\cyberlink\powercinema\kernel\dms\clmsservice.exe |
"{CD57042C-F516-4ED2-A83C-E583AEB8945E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\everquest 2\launchpad.exe |
"{D46467A4-B089-404E-BD7A-883E50471182}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age of empires online\aoeonline.exe |
"{D4CB2363-546C-4F75-A526-010648A01965}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D639DD0B-407F-424D-B1CB-2653BA7C6DF2}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr.exe |
"{DD28CF10-A7F6-4943-A1A0-9DE8E1E6D9D5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DE1862E2-8815-41A6-BE0C-928C041C6F98}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{DEABD82F-187D-43E3-BC02-08378859EC8A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E1742B39-B160-45E0-9B43-E2E586018147}" = protocol=17 | dir=in | app=c:\program files\giraffic\veoh_girafficwatchdog.exe |
"{E3F61A76-FF0C-4595-917E-CA9C80494444}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{EBE86853-268F-4BA0-8138-2F51591CC806}" = dir=in | app=c:\program files\cyberlink\powercinema\pcmservice.exe |
"{EEE54435-263D-4AE8-BDE3-85BD6F0AE6C3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF907E8A-F88C-401D-A67F-907C2CFD7E9C}" = protocol=6 | dir=in | app=c:\program files\giraffic\veoh_girafficwatchdog.exe |
"{F5D9781E-7635-4046-85B4-AB7A22598398}" = dir=in | app=c:\program files\cyberlink\youmemo\kernel\dms\clmsservice.exe |
"{F6E5FC8A-040E-46AB-991D-BAB48485DF65}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dc universe online\launchpad.exe |
"{FD4861C3-0EFF-4725-A2B1-74CA562694C4}" = protocol=17 | dir=in | app=c:\program files\giraffic\veoh_giraffic.exe |
"{FDC1B88A-EFFE-433F-8F03-D09530D5AC81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FEB4390E-3AF6-4CC4-A513-52BC638B681A}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{FFDAE163-03D5-4641-B1D9-25B96D96C1D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0D1AA4CC-3729-4D0D-B602-D6EEA0C1E0E1}C:\users\tini\downloads\gamin16\gamin16\gameunp.exe" = protocol=6 | dir=in | app=c:\users\tini\downloads\gamin16\gamin16\gameunp.exe |
"TCP Query User{1815542A-BED2-4945-A027-C723B41077ED}C:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 11-20\gameunp.exe" = protocol=6 | dir=in | app=c:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 11-20\gameunp.exe |
"TCP Query User{214CB451-1630-4914-856F-C6826B87EBD5}C:\program files\steam\steamapps\common\age of empires online\spartan.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age of empires online\spartan.exe |
"TCP Query User{4D1D3C59-59A4-434C-B0DF-7F22896006A0}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{5FDA9D05-E793-48DB-B4E2-DF22374C02CE}C:\program files\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe |
"TCP Query User{62D2B7C4-64A0-44EF-8FC9-C154309339F0}C:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 21-22\gameunp.exe" = protocol=6 | dir=in | app=c:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 21-22\gameunp.exe |
"TCP Query User{72F5A3E0-0AA6-4C2E-949E-8EB0BEA28C8C}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{7EB60670-F12E-447B-82C2-1812728F135D}C:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 1-10\gameunp.exe" = protocol=6 | dir=in | app=c:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 1-10\gameunp.exe |
"TCP Query User{8CAC37AE-A09C-420B-9816-E4EDC49060CF}C:\program files\gamespy arcade\aphex.exe" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"TCP Query User{AA73F872-EF98-4840-AA6E-BB046F4E0518}C:\users\tini\desktop\dasdasds\gamin16\gameunp.exe" = protocol=6 | dir=in | app=c:\users\tini\desktop\dasdasds\gamin16\gameunp.exe |
"TCP Query User{C966D39A-A67C-4933-8C37-02364F3EE75E}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{E7BD5CAB-A26A-4B48-9A68-EC7DE1A50A4B}C:\users\tini\desktop\fas\mohaa.exe" = protocol=6 | dir=in | app=c:\users\tini\desktop\fas\mohaa.exe |
"TCP Query User{EDFB6F9D-2324-4EDB-A16C-652DA6426A64}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{05556BDC-A88D-4E88-B639-6AD9F1A25F41}C:\program files\gamespy arcade\aphex.exe" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"UDP Query User{07DAD139-B668-402D-B088-86CBAF148B60}C:\users\tini\desktop\fas\mohaa.exe" = protocol=17 | dir=in | app=c:\users\tini\desktop\fas\mohaa.exe |
"UDP Query User{095CFD2C-5329-4399-BB73-899A1DF61680}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{16B12535-07B0-46F5-8AC6-AD0B08599A23}C:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 21-22\gameunp.exe" = protocol=17 | dir=in | app=c:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 21-22\gameunp.exe |
"UDP Query User{1CE27168-27A8-450D-848F-D4C37E73BB56}C:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 1-10\gameunp.exe" = protocol=17 | dir=in | app=c:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 1-10\gameunp.exe |
"UDP Query User{4F2B2E39-5DE2-4EB4-B73D-8203E65AB06C}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{5B6899ED-5FDC-4547-BE1F-A5C85BB751C7}C:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 11-20\gameunp.exe" = protocol=17 | dir=in | app=c:\users\tini\desktop\gaminator\gaminatordeluxe\gaminatordeluxe spiele 11-20\gameunp.exe |
"UDP Query User{70F9394A-9005-4A43-8DEC-A25856D8F75C}C:\users\tini\desktop\dasdasds\gamin16\gameunp.exe" = protocol=17 | dir=in | app=c:\users\tini\desktop\dasdasds\gamin16\gameunp.exe |
"UDP Query User{78552178-392E-4286-A43F-43286E63EE10}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{992FCF26-16D8-4A52-8D09-84C30B8B0389}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{9DBB179E-2844-4BE8-AFD9-852ED8708A0E}C:\program files\steam\steamapps\common\age of empires online\spartan.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age of empires online\spartan.exe |
"UDP Query User{CB94C7FB-B7D5-47BC-869E-33583BE9741E}C:\program files\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe |
"UDP Query User{F587A60A-9FCF-4CA8-8227-0753D8A39A83}C:\users\tini\downloads\gamin16\gamin16\gameunp.exe" = protocol=17 | dir=in | app=c:\users\tini\downloads\gamin16\gamin16\gameunp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1B2B9AA2-1139-4B44-8539-39A0C4EDF608}" = NextWindow Drivers
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Medion Touch Center
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5176C4D8-E6C1-422A-8D6F-E13EB996DCEA}" = CyberLink YouMemo
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{70CC0095-AA68-45BE-AE98-D8170182E9EB}" = PowerCinema Movie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D7507C3-DF2B-4740-8700-8227C2C7AE81}" = HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}" = HP Deskjet 3070 B611 series Hilfe
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.3 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BrothersInArms" = Brothers In Arms
"DivX Setup" = DivX-Setup
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.31.916
"Giraffic" = Veoh Giraffic Video Accelerator
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Medion Touch Center
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5176C4D8-E6C1-422A-8D6F-E13EB996DCEA}" = CyberLink YouMemo
"InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}" = CyberLink YouPaint
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PartyPoker" = PartyPoker
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"X10Hardware" = X10 Hardware(TM)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Power Loader" = Power Challenge Game Plugin
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/5/2012 6:10:37 PM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 12/5/2012 6:10:37 PM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7753
Error - 12/5/2012 6:10:37 PM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7753
Error - 12/6/2012 3:04:49 PM | Computer Name = Tini-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171_Vista\dpinst64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12/6/2012 3:06:10 PM | Computer Name = Tini-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12/6/2012 3:51:01 PM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(a8:fa:d8:db:e9:b8@fe80::aafa:d8ff:fedb:e9b8._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 12/6/2012 3:51:01 PM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(a8:fa:d8:db:e9:b8@fe80::aafa:d8ff:fedb:e9b8._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 12/7/2012 9:17:10 AM | Computer Name = Tini-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171_Vista\dpinst64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12/7/2012 9:17:59 AM | Computer Name = Tini-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\NextWindow\NW1950v2171\dpinst64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12/7/2012 11:30:14 AM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 12/7/2012 11:30:14 AM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8783
Error - 12/7/2012 11:30:14 AM | Computer Name = Tini-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8783
[ System Events ]
Error - 5/13/2012 12:01:51 PM | Computer Name = Tini-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 5/13/2012 12:01:51 PM | Computer Name = Tini-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 5/13/2012 3:18:19 PM | Computer Name = Tini-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?13.?05.?2012 um 21:16:14 unerwartet heruntergefahren.
Error - 5/13/2012 3:18:36 PM | Computer Name = Tini-PC | Source = BugCheck | ID = 1001
Description =
Error - 5/13/2012 3:32:14 PM | Computer Name = Tini-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?13.?05.?2012 um 21:25:06 unerwartet heruntergefahren.
Error - 5/13/2012 3:32:18 PM | Computer Name = TINI-PC | Source = BugCheck | ID = 1001
Description =
Error - 5/14/2012 3:04:02 AM | Computer Name = Tini-PC | Source = DCOM | ID = 10000
Description =
Error - 5/14/2012 2:48:04 PM | Computer Name = Tini-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 5/15/2012 2:09:00 AM | Computer Name = Tini-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?05.?2012 um 23:04:34 unerwartet heruntergefahren.
Error - 5/15/2012 7:21:18 AM | Computer Name = Tini-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Wlansvc erreicht.
< End of report >
schon erledigt :) |
Textbox. 