jointie90 | 26.05.2013 23:03 | There is, since I am more or less affected too and an analysis should be tailored to each person, right?
Here are the results of the scans:
OTL Logfile: Code:
OTL logfile created on: 5/26/2013 11:23:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4.00 Gb Total Physical Memory | 2.71 Gb Available Physical Memory | 67.77% Memory free
8.00 Gb Paging File | 6.50 Gb Available in Paging File | 81.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 209.50 Gb Free Space | 44.99% Space Free | Partition Type: NTFS
Computer Name: JOHANNES-PC | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/05/26 23:22:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
PRC - [2013/05/06 13:43:05 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/04/09 16:44:05 | 004,288,048 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2013/03/28 10:43:01 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013/03/28 10:42:53 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/02/29 13:09:28 | 000,105,472 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe
PRC - [2012/02/22 20:55:48 | 000,885,760 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
PRC - [2011/10/19 16:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/12 13:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/09/16 22:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2006/12/26 17:08:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\MMEDIA\TV Jukebox 3.5\tvjbMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/18 23:18:35 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll
MOD - [2013/05/18 23:18:23 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/18 23:18:17 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll
MOD - [2013/05/18 23:18:08 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/04/09 16:44:05 | 004,288,048 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2013/01/09 18:58:09 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 18:57:46 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/09 18:57:39 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 18:57:25 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/02/23 12:56:38 | 000,593,920 | ---- | M] () -- C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\de-DE\SBRnPCIe.resources.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/12 13:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2011/08/12 13:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2011/08/12 13:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2011/08/12 13:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2011/08/12 13:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2011/05/24 23:41:58 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/09/16 22:04:50 | 000,095,528 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/09/16 22:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
MOD - [2006/12/26 17:08:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\MMEDIA\TV Jukebox 3.5\tvjbMonitor.exe
========== Services (SafeList) ==========
SRV:64bit: - [2011/04/20 04:04:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/28 10:43:01 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/03/28 10:42:53 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/12/10 18:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/05/29 14:26:08 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2012/05/23 13:03:07 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/05/23 13:02:40 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/02/29 13:09:28 | 000,105,472 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)
SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/10/19 16:30:50 | 000,423,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/28 10:43:03 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/03/28 10:43:03 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/03/28 10:43:03 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/29 13:15:40 | 000,023,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtHDb.sys -- (CTHDB)
DRV:64bit: - [2012/02/29 13:15:18 | 001,271,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cthda.sys -- (cthda)
DRV:64bit: - [2011/08/19 11:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011/08/19 11:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/05/25 00:04:35 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/05/25 00:04:35 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/05/25 00:01:25 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2011/05/25 00:01:25 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2011/05/25 00:01:18 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2011/05/25 00:01:18 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2011/04/20 04:44:48 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 03:22:32 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/21 21:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/03/07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010/12/10 13:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 13:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/08 20:17:40 | 000,369,640 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010/12/08 20:17:38 | 000,122,856 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010/09/02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010/08/16 12:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/08 15:18:38 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010/02/26 16:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/09 11:14:52 | 001,155,072 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)
DRV:64bit: - [2010/02/04 03:54:00 | 000,054,272 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_xp64.sys -- (fspad_xp64)
DRV:64bit: - [2010/02/04 03:54:00 | 000,054,272 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2009/11/16 07:45:26 | 000,042,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd262x64.sys -- (ioatdma2)
DRV:64bit: - [2009/11/16 07:45:22 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd162x64.sys -- (ioatdma1)
DRV:64bit: - [2009/11/06 14:42:06 | 000,293,416 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/09/02 03:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 18:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009/06/17 18:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/03 14:57:04 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/06/03 00:58:24 | 000,507,392 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
DRV:64bit: - [2009/05/07 08:29:16 | 000,049,696 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2009/05/07 08:20:08 | 000,063,264 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 DE 7B 45 8E 55 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Johannes\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Sound Blaster Recon3D PCIe Control Panel] C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [tvjbmonitor] C:\Program Files (x86)\MMEDIA\TV Jukebox 3.5\tvjbMonitor.exe ()
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Johannes\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B18ABAB4-76D1-40F6-96A7-814658E55D03}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{635ef25a-b915-11e1-a5f0-001999a8c6ef}\Shell - "" = AutoRun
O33 - MountPoints2\{635ef25a-b915-11e1-a5f0-001999a8c6ef}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/26 23:22:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2013/05/20 21:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/05/20 21:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/05/20 21:28:19 | 030,670,440 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Johannes\Desktop\SkypeSetupFull107.exe
[2013/05/19 10:44:00 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\Verschiedenes
[2013/05/15 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\paar filme
[2013/05/15 11:07:39 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\ipad pics
[2013/05/15 11:00:16 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\Apple Computer
[2013/05/15 11:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/15 10:59:52 | 000,000,000 | ---D | C] -- C:\windows\SysNative\DRVSTORE
[2013/05/15 10:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/05/15 10:59:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/05/15 10:59:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/05/15 10:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/05/15 10:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/05/15 10:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/05/15 10:57:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/05/06 13:43:47 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avnetflt.sys
[2013/04/29 17:43:05 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Documents\TV Jukebox
[2013/04/29 17:42:13 | 000,028,672 | ---- | C] (afa) -- C:\windows\SysNative\AF15BDAEX.dll
[2013/04/29 17:42:08 | 000,151,552 | ---- | C] (Meta Media Inc.) -- C:\windows\SysWow64\MPEG2VideoDMO.dll
[2013/04/29 17:41:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TV Jukebox 3.5
[2013/04/29 17:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MMEDIA
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/26 23:22:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2013/05/26 23:21:41 | 000,000,000 | ---- | M] () -- C:\Users\Johannes\defogger_reenable
[2013/05/26 23:21:15 | 000,050,477 | ---- | M] () -- C:\Users\Johannes\Desktop\Defogger.exe
[2013/05/26 22:32:58 | 000,016,768 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/26 22:32:58 | 000,016,768 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/26 22:30:28 | 001,507,500 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/05/26 22:30:28 | 000,659,582 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013/05/26 22:30:28 | 000,619,532 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/05/26 22:30:28 | 000,131,732 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013/05/26 22:30:28 | 000,107,852 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/05/26 22:25:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/05/26 22:25:40 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\lvuvc.hs
[2013/05/26 22:25:30 | 3219,984,384 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/24 12:40:01 | 000,000,940 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-166632366-344039373-2301395732-1000UA.job
[2013/05/23 18:40:00 | 000,000,918 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-166632366-344039373-2301395732-1000Core.job
[2013/05/20 21:29:09 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/05/20 21:28:39 | 030,670,440 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Johannes\Desktop\SkypeSetupFull107.exe
[2013/05/19 10:07:57 | 000,441,368 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/05/14 17:20:44 | 000,004,015 | ---- | M] () -- C:\Users\Johannes\.recently-used.xbel
[2013/05/06 13:43:18 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avnetflt.sys
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/05/26 23:21:41 | 000,000,000 | ---- | C] () -- C:\Users\Johannes\defogger_reenable
[2013/05/26 23:21:15 | 000,050,477 | ---- | C] () -- C:\Users\Johannes\Desktop\Defogger.exe
[2013/05/20 21:29:09 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/05/14 17:20:44 | 000,004,015 | ---- | C] () -- C:\Users\Johannes\.recently-used.xbel
[2013/04/29 17:42:13 | 000,000,140 | ---- | C] () -- C:\windows\SysNative\af15irtbl.bin
[2013/02/20 16:50:25 | 000,000,048 | ---- | C] () -- C:\Users\Johannes\.gtk-bookmarks
[2012/05/14 09:06:59 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\VmixP6.dll
[2012/05/14 09:06:49 | 000,000,881 | ---- | C] () -- C:\windows\Cmicnfg3.ini.cfl
[2012/05/14 09:06:05 | 000,002,123 | ---- | C] () -- C:\windows\Cmicnfg3.ini.cfg
[2012/05/14 09:06:05 | 000,001,583 | ---- | C] () -- C:\windows\Cmicnfg3.ini.imi
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[2011/08/19 11:26:20 | 010,898,456 | ---- | C] () -- C:\windows\SysWow64\LogiDPP.dll
[2011/08/19 11:26:20 | 000,336,408 | ---- | C] () -- C:\windows\SysWow64\DevManagerCore.dll
[2011/08/19 11:26:20 | 000,104,472 | ---- | C] () -- C:\windows\SysWow64\LogiDPPApp.exe
[2011/07/27 00:26:17 | 000,000,286 | ---- | C] () -- C:\windows\game.ini
[2011/07/25 17:56:53 | 000,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini
[2011/07/20 23:17:22 | 000,017,408 | ---- | C] () -- C:\Users\Johannes\AppData\Local\WebpageIcons.db
[2011/07/06 16:33:20 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI
[2011/07/06 16:28:46 | 001,530,720 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/06/28 20:44:26 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/10/06 00:13:27 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\DAEMON Tools Pro
[2013/05/22 18:49:30 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Dropbox
[2012/09/27 11:02:39 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\DVDVideoSoft
[2012/09/26 14:54:06 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/05/14 17:20:44 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\gtk-2.0
[2011/12/08 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\ICQ
[2011/07/12 14:17:38 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Leadertech
[2011/07/21 00:24:16 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\LolClient
[2012/09/26 14:47:32 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\OpenCandy
[2011/07/12 14:38:31 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Opera
[2012/07/16 18:54:35 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\thriXXX
[2012/12/12 21:24:25 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\TS3Client
[2012/09/26 14:48:34 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\TuneUp Software
[2012/05/22 12:28:13 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Ubisoft
[2013/04/09 01:44:53 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\www.rene-zeidler.de
========== Purity Check ==========
< End of report >
Extras Code:
OTL Extras logfile created on: 5/26/2013 11:23:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4.00 Gb Total Physical Memory | 2.71 Gb Available Physical Memory | 67.77% Memory free
8.00 Gb Paging File | 6.50 Gb Available in Paging File | 81.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 209.50 Gb Free Space | 44.99% Space Free | Partition Type: NTFS
Computer Name: JOHANNES-PC | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E9D20F2-89AF-458A-8BCB-15F6C7711649}" = lport=1688 | protocol=6 | dir=in | svc=sppsvc | app=%systemroot%\system32\sppsvc.exe |
"{146F4DD8-7559-4B68-9AE4-176BAFBD9EA9}" = lport=5357 | protocol=6 | dir=in | app=system |
"{151E08C2-CECF-4751-A5BC-3364FAEBEA10}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{18FF81FA-ED70-4800-AB57-E5D8485EC72D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{19B91ED3-69F9-46E7-907E-4D8D4EFE2CB1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1CA1C597-8797-45FD-9D9A-D56B18C09DA8}" = lport=56311 | protocol=17 | dir=in | name=pando media booster |
"{1D07F665-76EB-4A8F-A321-0B9AF9692BA9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1D9F1343-03DF-4F1F-8EA4-47B6EFD7F81A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{20843637-28E4-4E13-8E59-8B78D9330A59}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{277CA234-9800-4DF6-BE79-4953029D6CA6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{308C48C6-97A5-4A1E-89BC-5D629752E762}" = rport=137 | protocol=17 | dir=out | app=system |
"{3B2BC0DA-469E-4B27-89A4-BE45CEC2BAD6}" = lport=138 | protocol=17 | dir=in | app=system |
"{3E654F8F-148A-4821-97AC-B44F0D22A834}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{45DE20BB-0BCB-4601-8133-D9863FD9C2F0}" = lport=57694 | protocol=17 | dir=in | name=pando media booster |
"{46B56C2E-EF1E-4EA9-8D20-8B50D1AA5909}" = lport=5358 | protocol=6 | dir=in | app=system |
"{4AA8CCED-C48C-4362-9813-A54AE8BADEC8}" = lport=445 | protocol=6 | dir=in | app=system |
"{50BE8582-0C52-4729-9BE2-C8E6C327E5BB}" = lport=137 | protocol=17 | dir=in | app=system |
"{59FD0450-80BF-46F1-9FF9-DF5DA12D54A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{640E0DE6-58D4-4F5D-B469-268787465A08}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{66E9869A-34A2-4F77-9CA5-24979AD0594A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A6E77E6-BE8B-4D81-B7B9-350F388EFBDB}" = lport=56311 | protocol=6 | dir=in | name=pando media booster |
"{6D1C3C0C-5A32-4810-9433-D7953E9DC378}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{71F825CC-C783-4C78-9997-E3CA1A3B3E88}" = rport=139 | protocol=6 | dir=out | app=system |
"{77B9D42E-A016-4EB6-B086-912C9B6BD7ED}" = lport=56311 | protocol=17 | dir=in | name=pando media booster |
"{78651257-E0BD-4F0F-84EB-2E56F1B334F2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C283E2D-3FF2-48EF-8CC9-3836AB5C9230}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{862DF44B-DA98-4E14-AA84-B429468DC8E7}" = lport=57694 | protocol=6 | dir=in | name=pando media booster |
"{89E1403C-FFE9-438D-AA6C-F4B819FB98A5}" = rport=5357 | protocol=6 | dir=out | app=system |
"{8DE193E7-B9A2-47B5-92DE-DF127E5C8292}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8EFB3F2F-2BB9-46CA-8837-DC8523A9A9DE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{932BDF7B-07CF-4652-B870-2C9FD73D6A5F}" = rport=445 | protocol=6 | dir=out | app=system |
"{9C8DFA05-FE44-46CF-8029-D30445DB0A94}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{A0096BF9-0237-48D9-BD91-F52612A40E16}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A696FC67-D4F7-4AE2-B994-987BCD9160E4}" = lport=57694 | protocol=17 | dir=in | name=pando media booster |
"{AA3FF32B-6725-428F-B8DD-84EEB04A6A8E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B19C9166-DF67-4373-B903-1E939C5E5E7F}" = lport=57694 | protocol=6 | dir=in | name=pando media booster |
"{B1A5B835-58C7-4916-953E-E77733BD3C2F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BBCF4EFE-3906-4C6A-8582-F6A8DDDAA569}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD39BFC4-8635-4AC5-8123-B4A4F7F2C4A5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA75EBF4-3847-41A8-90FB-19B227EAD0B2}" = lport=139 | protocol=6 | dir=in | app=system |
"{CBF1F1BB-E920-40D5-A6D3-909FF77224EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF2F6D1C-011F-4DC0-ABCA-C43541BC40A0}" = lport=56311 | protocol=6 | dir=in | name=pando media booster |
"{D13E0A25-FB7A-4215-BDC2-47F061F1EEA3}" = rport=5358 | protocol=6 | dir=out | app=system |
"{DBCB4F22-B81D-4E20-9072-32A4D2F24090}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DE040E89-3889-47E8-B5A2-BC4ECDDF64D2}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{FBA5485B-E8F0-40A9-943C-9D5C76A8B12D}" = rport=138 | protocol=17 | dir=out | app=system |
"{FE37B54C-587F-4F5E-BA0D-DF55C8B26307}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09430173-B16F-4BE8-BCB4-1B1AB661EBA7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{09976B02-B953-46FA-B349-9EEFD150B3FB}" = protocol=17 | dir=in | app=c:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe |
"{0B3817BF-12ED-4145-8A6B-8DFDA740F07E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{0EF99271-356A-4FFE-A9CD-7D0BC130CA98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\forsaken world\patcher.exe |
"{0F9A85D3-5078-49AC-8385-2AF85CBD87A6}" = protocol=6 | dir=in | app=d:\alicesetup.exe |
"{108F05E9-4490-400C-97AB-1675D1FC9B48}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{124038C7-F069-4558-A63D-A94B54D7D248}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of juarez - the cartel\coj_thecartel.exe |
"{1871AC01-E340-48FF-9CEB-AB54BD64394C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{1B6E8FBA-159B-406E-9985-61162229B858}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{1D433CFF-BC08-4B8E-8A01-2F0678D2C19F}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe |
"{2ADBFD26-38EA-4A4F-8BB8-A7AED00FCC34}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2FE9F2E1-D950-47C9-8EBD-532CC5794FB4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{3366A890-5291-4139-A1F5-60E4BC234BC4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{33E90E1A-1998-4585-A10F-2E06A04793C2}" = protocol=6 | dir=out | app=system |
"{34F2A309-B891-446C-AC6A-067BB704D514}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\forsaken world\patcher.exe |
"{35C1FE3F-AB1D-4B8D-9BE6-74E465A80DA5}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{35D67C7F-8752-4B0C-8668-0FD2387A9C9E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{3E18066A-A7B7-458B-98C9-E813195E613E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{3F71B6F2-84AF-40DC-874B-1EAFCB909129}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{4022F6CC-E3D8-4923-AB7C-E38BB6763B5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{406C0A10-4EF2-4194-B237-6DF1A7A08BB1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\counter-strike source\hl2.exe |
"{4099E88D-81FB-40DA-9566-3F48D663C295}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\day of defeat source\hl2.exe |
"{41A9A0B0-9ED1-4EC0-88DB-9176402BC81C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{432653A8-3DFE-4A85-A5DD-38425D1C8270}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{440CF669-39CE-4FAC-BBDB-B2CCF4D5B8D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{45819E5E-E3A6-4979-B614-5869A1C94A73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of juarez - the cartel\coj_thecartel.exe |
"{4B60837B-FE3B-4189-B036-446AE3B018A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\aoeonline.exe |
"{4C80E694-3CE8-4E7A-8E27-5AA500F68C49}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{4D02A5FE-ECBB-4665-95DB-7E75B92E9479}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4D58FAEC-15AE-4ACC-ABDB-CADF160CB983}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4D864935-31D9-4E36-8AD5-1A6CF78F4D6B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe |
"{4E96F502-D2F3-4909-9DCD-40081A200D31}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe |
"{50DA729A-F15B-4965-B9F8-031A22D47A2C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{518FF1E8-F368-4FC1-90DC-BD799A3BB4A6}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{539A8129-649B-4D19-AA5D-A75178A55F2F}" = protocol=6 | dir=in | app=c:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe |
"{554921E5-27B4-4401-835F-D1CA7896F7FC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{576E92AC-F1AF-44EB-A7BC-A61DED12B165}" = protocol=17 | dir=in | app=d:\alicesetup.exe |
"{57C5B376-07BD-41F2-975A-27633CF773E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\counter-strike source\hl2.exe |
"{585F5835-1210-4F92-936A-D42408662904}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{5A62A45E-CB63-4C68-B11C-BBBC7703B8C4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5EE215A3-9358-4940-B850-C5CEA9296B87}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\driver san francisco\driver.exe |
"{61F47F9F-7F08-4FD2-A3B1-8C98C18014DB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{62FE1537-4753-4B97-9DD2-E91597F97BEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{645DF050-3BCA-4CB1-9024-F079AE353169}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{658454C6-98D7-4449-A928-5416DDD7298E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6B037C13-715C-4697-A8EC-1E7D34D3FABD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6C5DE45D-3F3F-449C-A24A-DDEC42413772}" = protocol=17 | dir=in | app=c:\users\johannes\desktop\games\prototype\prototypef.exe |
"{6DBCAEB3-050D-4CE5-8D59-CD95EFFB68A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{6EA4DD64-49EF-45CC-A3E7-20C455DBEF23}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe |
"{710A0E9A-B0E2-43B4-8AE0-308BBBF0D39B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7435A8DC-D952-4B07-8D3D-33AFA995D86E}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{76168F80-C6D1-426D-A856-5D0DB012EF5D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{76CF508C-63CC-4185-8DCB-D7A134CB1D9F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\counter-strike source\hl2.exe |
"{786055BA-20BF-4044-9D21-A822181C61A0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C038F69-BF5C-40AB-9350-704E01C9D085}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7C76140E-59D9-4750-85A1-BB2AF07295FB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7D5A6193-B90C-4C04-BCF0-CA6C9B379CE8}" = protocol=17 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe |
"{7E7E1AC2-BA86-49E8-BD72-C4AA81135EB6}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8019F3AC-CF69-4B7B-AD64-668A395DAB22}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8028F177-7E49-4DD5-A561-2C22DCCEDE21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2 deathmatch\hl2.exe |
"{81742748-8D6A-4B12-A18D-B36A479023F1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{821B7280-5269-4ED7-81B6-9095EC790726}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{82C752F7-3C96-41F6-A069-4B6C3C622735}" = protocol=17 | dir=in | app=c:\program files (x86)\avira\antivir desktop\avcenter.exe |
"{8305289F-8A1D-49D8-B7AE-AA38DF095460}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe |
"{840551C3-AE1D-45A7-994F-8AF6CF61A82C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8839CD24-F813-4803-A292-8FF6337403D1}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9090935B-FC2F-4BD6-AED7-EDB85E8692D0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\counter-strike source\hl2.exe |
"{92D36936-1494-485D-BD6B-5D53F23D0A12}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{93E8FBB8-039C-4579-A50F-03D087964F04}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{945FF9DC-7845-4118-9046-D3EDCAE6B7C4}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe |
"{9A02FDD6-1E34-44D6-B3FC-461E7EB844B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\aoeonline.exe |
"{9DE9C871-2024-453E-B963-72F8BFD320E8}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A297E167-9993-4C5C-BFA0-CF3B4E6293F4}" = protocol=6 | dir=in | app=c:\program files (x86)\avira\antivir desktop\avcenter.exe |
"{A5A4B6D4-E010-44CA-9C18-8BA3A45C63CB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{A8374ABD-ECE7-4575-B8CC-06D7DAE6A42F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\day of defeat source\hl2.exe |
"{A85D43B0-82D5-4BE3-A676-FBCC8F893DE9}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013game.exe |
"{A879837D-3190-4C89-95EA-7CE6CBBD52F1}" = protocol=6 | dir=in | app=c:\program files (x86)\landwirtschafts simulator 2013\farmingsimulator2013.exe |
"{AE6D895E-7D4C-4993-B292-83DE9C2CF9F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{B3541116-EBB5-4C64-8805-60E71A5AAB1D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B51CADD6-7DEB-42CB-A44A-D306ADE4975D}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BCB8B59C-8806-4C15-818D-200A30657DFB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{BCC9F552-EC81-493B-8A2C-57D8141ECD7B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C4B89966-9435-4E47-A68A-C09020EBB059}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{C5FCEFF6-3F1E-4EEB-937D-DA6E575BF9AC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{C614E1A9-FDFC-4BE0-88CB-56A8475A9EB0}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe |
"{C8F58954-D5CA-4163-8559-297270FB53C7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CC767DAD-C536-4747-B30B-CD8A906F4D6C}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{CF9C1DEB-8D8D-4740-A227-C7287452B281}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D059CBDA-0353-4FFB-B55E-BDF0B8628A72}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4338F73-98EB-4858-A6B2-DE9FD6DB6767}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{D780F61B-04E0-46D9-8D9B-E32689CEEA98}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{D88E69EB-38BA-4B5F-87C5-2A7A2F596E71}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{D8A431B2-64D0-485D-B624-179C3B104C99}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{DACA393F-4893-4F83-BA93-1F1CFC5BF9A9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{DB58900C-8DB3-40D1-B908-E8150F42BA70}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{DE3851DB-A429-48C5-9E8D-383AABB25686}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{DECBB79A-2740-4F44-9F21-DAE6472096F8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E13B42D5-EBC3-4370-BA6D-1C961637E8D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\driver san francisco\driver.exe |
"{E22940D5-54E5-420F-BF81-FE7372DD82CB}" = protocol=6 | dir=in | app=c:\users\johannes\desktop\games\prototype\prototypef.exe |
"{E49CD3EB-790B-4306-8802-3E70BE8926B9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E529338D-580B-4169-AB77-3CB689EF4498}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2 deathmatch\hl2.exe |
"{E677AD28-4816-40AF-8042-A9ACD88148E4}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{E765C487-F13E-4CF7-B81B-33B8497710BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E8ADD863-0EC3-471F-ACD4-4D6D09672309}" = protocol=58 | dir=in | app=system |
"{F1B3644D-678D-483F-9CB7-5D864CFF9C33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F212275F-5817-494E-B477-CBD05B5115CC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F9FD3076-2F77-44AA-867A-E3CBA0DD26F2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{FBD11485-AB40-4CFC-B513-BCE58BA2B4EC}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{FE91BFF3-E853-4D44-AA91-8A040EB254D0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"TCP Query User{0B8F5B15-9F25-4524-93BA-5972DE2273B4}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe |
"TCP Query User{10652D54-16DC-440D-83ED-8049188FC3FF}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{1251C4E8-0E50-4641-B198-81C2900BEF1F}G:\mediathek\games\lan\medal of honour - allied assault\mohaa.exe" = protocol=6 | dir=in | app=g:\mediathek\games\lan\medal of honour - allied assault\mohaa.exe |
"TCP Query User{20E92810-E5B8-4B29-BF4D-9A1D9254ECE2}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{4CD7F97D-775E-4DE3-B0DE-7DE3B1D6E4E7}C:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{5385EF5B-4FC4-4838-B565-ECBDAD7D7AD8}G:\mediathek\games\lan\age of empires ii - cheater version\age2_x1.exe" = protocol=6 | dir=in | app=g:\mediathek\games\lan\age of empires ii - cheater version\age2_x1.exe |
"TCP Query User{6163E92F-38A0-47F4-BB23-94D4F6A3ABA2}C:\users\johannes\desktop\games\age of empires ii - cheater version\empires2.exe" = protocol=6 | dir=in | app=c:\users\johannes\desktop\games\age of empires ii - cheater version\empires2.exe |
"TCP Query User{772625D3-D7F2-4B2C-967D-686AD40C627F}C:\users\johannes\desktop\games\age of empires ii - cheater version\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\johannes\desktop\games\age of empires ii - cheater version\age2_x1.exe |
"TCP Query User{77D7C890-26D4-472D-86DC-C99C9B3625ED}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{893B3C62-FCEC-4C3C-93D6-A0AC34423308}C:\program files (x86)\steam\steamapps\jointie90\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\team fortress 2\hl2.exe |
"TCP Query User{A6E4C3F8-A165-4045-99D0-E36FBE8346B4}C:\program files (x86)\steam\steamapps\jointie90\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\half-life 2 deathmatch\hl2.exe |
"TCP Query User{DDDA30B8-7C1F-4715-9F55-41F0F79745A8}C:\program files (x86)\steam\steamapps\jointie90\counterstrike source beta\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\counterstrike source beta\hl2.exe |
"TCP Query User{F79857D4-5B3F-45B1-9469-48A0D718E760}C:\users\johannes\desktop\games\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\users\johannes\desktop\games\counter-strike source\hl2.exe |
"UDP Query User{0D7C4BE7-2E57-4EE1-AEDB-1ADDFE1669A9}C:\users\johannes\desktop\games\age of empires ii - cheater version\empires2.exe" = protocol=17 | dir=in | app=c:\users\johannes\desktop\games\age of empires ii - cheater version\empires2.exe |
"UDP Query User{1138805B-F661-4A6F-8E67-012C8EDC9A15}C:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{3ABD0685-2CCA-4ADC-AD33-C1F075250AFA}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe |
"UDP Query User{3AC245D2-94C0-4173-96DE-286E4D2A1322}G:\mediathek\games\lan\age of empires ii - cheater version\age2_x1.exe" = protocol=17 | dir=in | app=g:\mediathek\games\lan\age of empires ii - cheater version\age2_x1.exe |
"UDP Query User{58716A88-29E5-4464-9520-9E5924FF27A3}C:\users\johannes\desktop\games\age of empires ii - cheater version\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\johannes\desktop\games\age of empires ii - cheater version\age2_x1.exe |
"UDP Query User{5A1535DB-BC92-4D88-9C47-5370F5675480}C:\program files (x86)\steam\steamapps\jointie90\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\half-life 2 deathmatch\hl2.exe |
"UDP Query User{5FE78FE0-BF31-411F-9CB6-34FCF151E255}C:\users\johannes\desktop\games\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\users\johannes\desktop\games\counter-strike source\hl2.exe |
"UDP Query User{74CC0E16-23C0-4240-9868-ADF99D35CF88}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{7D6CE1D5-F134-4BD3-990F-C4D0F03E69B6}C:\program files (x86)\steam\steamapps\jointie90\counterstrike source beta\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\counterstrike source beta\hl2.exe |
"UDP Query User{97C16D54-B8C1-4337-9FBB-30FE17953BFA}C:\program files (x86)\steam\steamapps\jointie90\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jointie90\team fortress 2\hl2.exe |
"UDP Query User{A234AFA2-9866-4027-8C92-3D748C5A942B}G:\mediathek\games\lan\medal of honour - allied assault\mohaa.exe" = protocol=17 | dir=in | app=g:\mediathek\games\lan\medal of honour - allied assault\mohaa.exe |
"UDP Query User{A88B40F4-5080-4E46-B0E0-093E4E2E70DA}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{B2A9A75C-792C-4462-B7C5-3E07491C00A5}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"C-Media PCI Audio Driver" = Trust 5.1 Soundcard 14319
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{204FCF73-1450-407D-BCF9-1233EC5F5787}" = Sound Blaster Recon3D PCIe Extras
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{936B67BE-1EB4-4D98-815A-EA1E75FFED2F}" = Counter-Strike Source Final 07102004
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}" = Nero Multimedia Suite 10 Essentials
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F380C602-98E8-49AB-8C3F-8A73BACA45DD}" = Sound Blaster Recon3D PCIe
"{F3F1D08D-ABEF-4528-8383-54C46369EBB6}" = TV Jukebox 3.5
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"FarmingSimulator2013DE_is1" = Landwirtschafts Simulator 2013
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"Grand Theft Auto" = Grand Theft Auto
"InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Logitech Vid" = Logitech Vid HD
"LogMeIn Hamachi" = LogMeIn Hamachi
"Music Server" = Creative Music Server
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.15.1748" = Opera 12.15
"Picasa 3" = Picasa 3
"Steam App 105430" = Age of Empires Online
"Steam App 17410" = Mirror's Edge
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 32500" = Star Wars: The Force Unleashed II
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 33420" = Call of Juarez: The Cartel
"Steam App 33440" = Driver San Francisco
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 36620" = Forsaken World
"Steam App 40800" = Super Meat Boy
"Steam App 440" = Team Fortress 2
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"VLC media player" = VLC media player 1.1.11
"WaveStudio 7" = Creative WaveStudio 7
"WinGimp-2.0_is1" = GIMP 2.6.11
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/10/2012 6:45:33 PM | Computer Name = Johannes-PC | Source = Application Hang | ID = 1002
Description = Programm FacebookMessenger.exe, Version 2.1.4651.17928 kann nicht
mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1260 Startzeit: 01cdd6e526983b8a Endzeit: 40 Anwendungspfad:
C:\Users\Johannes\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
Berichts-ID:
Error - 12/21/2012 6:45:49 AM | Computer Name = Johannes-PC | Source = VSS | ID = 13
Description =
Error - 12/21/2012 6:45:49 AM | Computer Name = Johannes-PC | Source = VSS | ID = 8193
Description =
Error - 12/21/2012 6:45:49 AM | Computer Name = Johannes-PC | Source = VSS | ID = 13
Description =
Error - 12/21/2012 6:45:49 AM | Computer Name = Johannes-PC | Source = VSS | ID = 8193
Description =
Error - 1/8/2013 10:52:25 AM | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: steam.exe, Version: 1.0.1595.686,
Zeitstempel: 0x50b7ef0d Name des fehlerhaften Moduls: crashhandler.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x50d2249f Ausnahmecode: 0xc0000005 Fehleroffset:
0x71e720f4 ID des fehlerhaften Prozesses: 0x1284 Startzeit der fehlerhaften Anwendung:
0x01cdedafb1e244fd Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steam.exe
Pfad
des fehlerhaften Moduls: crashhandler.dll Berichtskennung: 03294fb0-59a3-11e2-afe5-001999a8c6ef
Error - 1/8/2013 10:52:51 AM | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: steam.exe, Version: 1.0.1595.686,
Zeitstempel: 0x50b7ef0d Name des fehlerhaften Moduls: crashhandler.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x50d2249f Ausnahmecode: 0xc0000005 Fehleroffset:
0x71e41167 ID des fehlerhaften Prozesses: 0x1284 Startzeit der fehlerhaften Anwendung:
0x01cdedafb1e244fd Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steam.exe
Pfad
des fehlerhaften Moduls: crashhandler.dll Berichtskennung: 12fbaeef-59a3-11e2-afe5-001999a8c6ef
Error - 1/8/2013 10:54:33 AM | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: dtpd.exe, Version: 0.0.0.0, Zeitstempel:
0x4c7f525b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2 ID des fehlerhaften
Prozesses: 0x6a0 Startzeit der fehlerhaften Anwendung: 0x01cdedad66b4866a Pfad der
fehlerhaften Anwendung: C:\Program Files\ShrewSoft\VPN Client\dtpd.exe Pfad des
fehlerhaften Moduls: C:\windows\SYSTEM32\ntdll.dll Berichtskennung: 4f79023e-59a3-11e2-afe5-001999a8c6ef
Error - 1/8/2013 10:54:34 AM | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iked.exe, Version: 0.0.0.0, Zeitstempel:
0x4c9fc835 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2 ID des fehlerhaften
Prozesses: 0x6f0 Startzeit der fehlerhaften Anwendung: 0x01cdedad66bc75bd Pfad der
fehlerhaften Anwendung: C:\Program Files\ShrewSoft\VPN Client\iked.exe Pfad des
fehlerhaften Moduls: C:\windows\SYSTEM32\ntdll.dll Berichtskennung: 50213cd7-59a3-11e2-afe5-001999a8c6ef
Error - 3/25/2013 6:33:33 AM | Computer Name = Johannes-PC | Source = BugSplat | ID = 1
Description =
[ Cisco AnyConnect VPN Client Events ]
Error - 1/7/2013 3:56:50 PM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 4:13:02 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 4:13:07 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 4:14:13 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 4:14:18 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 10:35:27 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 10:35:32 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 10:44:16 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 10:44:21 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
190 Invoked Function: CNetEnvironment::testNetwork Return Code: -28901365 (0xFE47000B)
Description:
NETENVIRONMENT_ERROR_NO_DNS_SERVER:A domain name server could not be detected
Error - 1/8/2013 10:51:04 AM | Computer Name = Johannes-PC | Source = vpnagent | ID = 67110873
Description = Termination reason code 7: The agent has been stopped.
[ System Events ]
Error - 5/22/2013 12:52:42 AM | Computer Name = Johannes-PC | Source = DCOM | ID = 10010
Description =
Error - 5/22/2013 4:44:11 AM | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
vflt
Error - 5/22/2013 12:21:47 PM | Computer Name = Johannes-PC | Source = BROWSER | ID = 8032
Description =
Error - 5/22/2013 12:45:42 PM | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description =
Error - 5/24/2013 5:30:54 AM | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst UMVPFSrv erreicht.
Error - 5/24/2013 9:53:52 AM | Computer Name = Johannes-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.113 registriert werden. Der Computer mit IP-Adresse 192.168.2.138
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 5/24/2013 12:51:47 PM | Computer Name = Johannes-PC | Source = DCOM | ID = 10010
Description =
Error - 5/25/2013 1:44:22 PM | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
vflt
Error - 5/25/2013 2:11:55 PM | Computer Name = Johannes-PC | Source = DCOM | ID = 10010
Description =
Error - 5/26/2013 4:25:54 PM | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
vflt
< End of report >
Gmer Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-26 23:55:23
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3500413AS rev.JC45 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Johannes\AppData\Local\Temp\axddrkow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff800031bf000 65 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 626 fffff800031bf042 4 bytes [00, 00, 00, 00]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[824] C:\windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000762387b1 5 bytes [33, C0, C2, 04, 00]
.text C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[824] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076b01465 2 bytes [B0, 76]
.text C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe[824] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076b014bb 2 bytes [B0, 76]
.text ... * 2
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[4780] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076b01465 2 bytes [B0, 76]
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[4780] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076b014bb 2 bytes [B0, 76]
.text ... * 2
.text C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe[1596] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076b01465 2 bytes [B0, 76]
.text C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe[1596] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076b014bb 2 bytes [B0, 76]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Johannes\AppData\Local\Logitech\xae Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe 1
---- EOF - GMER 2.1 ----