Einmal das Log vom AdwCleaner: Code:
# AdwCleaner v2.301 - Datei am 27/05/2013 um 08:49:20 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Birgit - MIRAYA
# Bootmodus : Normal
# Ausgeführt unter : E:\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Birgit\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Birgit\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Birgit\AppData\Roaming\OpenCandy
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\5b57df88b06aba14
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5b57df88b06aba14
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16483
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\ao9z1qa1.default\prefs.js
C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\ao9z1qa1.default\user.js ... Gelöscht !
Gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=121562&babsrc=HP_ss&mntr[...]
Gelöscht : user_pref("avg.install.userSPSettings", "Delta Search");
Gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=121562&babsrc=NT_ss&mntrId=0A1A0[...]
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.id", "0a1a4ffe0000000000000022436b6c97");
Gelöscht : user_pref("extensions.delta.instlDay", "15803");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.012:14:19");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0");
*************************
AdwCleaner[S1].txt - [3234 octets] - [27/05/2013 08:49:20]
########## EOF - C:\AdwCleaner[S1].txt - [3294 octets] ########## Und die beiden Logs von OTL. Ich hab's nochmal laufen lassen, da ich zuvor nicht die Minimal-Ausgabe aktiviert hatte. Code:
OTL logfile created on: 27.05.2013 13:17:27 - Run 2
OTL by OldTimer - Version 3.2.69.0**** Folder = E:\Eigene Dateien\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
*
4,00 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 63,28% Memory free
7,99 Gb Paging File | 6,43 Gb Available in Paging File | 80,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
*
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 5,64 Gb Free Space | 9,65% Space Free | Partition Type: NTFS
Drive D: | 19,98 Gb Total Space | 9,80 Gb Free Space | 49,02% Space Free | Partition Type: FAT32
Drive E: | 852,92 Gb Total Space | 516,13 Gb Free Space | 60,51% Space Free | Partition Type: NTFS
*
Computer Name: MIRAYA | User Name: Birgit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
* ========== Processes (SafeList) ==========
*
PRC - E:\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - E:\Programme\Firefox\firefox.exe (Mozilla Corporation)
PRC - E:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - E:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - E:\Programme\Rainlendar2\Rainlendar2.exe ()
*
* ========== Modules (No Company Name) ==========
*
MOD - E:\Programme\Firefox\mozjs.dll ()
MOD - E:\Programme\Mozilla Thunderbird\mozjs.dll ()
MOD - E:\Programme\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - E:\Programme\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - E:\Programme\Rainlendar2\plugins\iCalendarPlugin.dll ()
MOD - E:\Programme\Rainlendar2\Rainlendar2.exe ()
MOD - E:\Programme\Rainlendar2\lfs.dll ()
MOD - E:\Programme\Rainlendar2\lua51.dll ()
*
* ========== Services (SafeList) ==========
*
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccessU) -- E:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
*
* ========== Driver Services (SafeList) ==========
*
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (USBET) -- C:\Windows\SysNative\drivers\ETdrv.sys (Etron)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (e1express) -- C:\Windows\SysNative\drivers\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
*
* ========== Standard Registry (SafeList) ==========
*
* ========== Internet Explorer ==========
*
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
*
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 45 A9 DF 15 48 B9 CA 01* [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
* ========== FireFox ==========
*
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - user.js - File not found
*
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:* File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: E:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Programme\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
*
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: E:\Programme\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: E:\Programme\Firefox\plugins [2013.05.27 08:38:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: E:\Programme\Mozilla Thunderbird\components [2013.05.14 20:23:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: E:\Programme\Mozilla Thunderbird\plugins [2013.05.27 08:38:42 | 000,000,000 | ---D | M]
*
[2010.08.15 22:32:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Birgit\AppData\Roaming\mozilla\Extensions
[2010.08.15 22:32:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Birgit\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.05.25 20:43:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Birgit\AppData\Roaming\mozilla\Firefox\Profiles\ao9z1qa1.default\extensions
[2013.05.25 20:43:47 | 000,868,550 | ---- | M] () (No name found) -- C:\Users\Birgit\AppData\Roaming\mozilla\firefox\profiles\ao9z1qa1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013.05.08 20:59:27 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Birgit\AppData\Roaming\mozilla\firefox\profiles\ao9z1qa1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
*
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKCU..\Run: [ccleaner] E:\Programme\CCleaner\ccleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Rainlendar2] E:\Programme\Rainlendar2\Rainlendar2.exe ()
O4 - Startup: C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Birgit\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Birgit\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9F9EBF5-B6B2-4D2E-943F-17DC6DDD1F49}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.05.07 16:17:42 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{78ba70a5-8dbb-11e0-a962-00242106c2fc}\Shell - "" = AutoRun
O33 - MountPoints2\{78ba70a5-8dbb-11e0-a962-00242106c2fc}\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\{834b9df0-4322-11df-9acd-00242106c2fc}\Shell - "" = AutoRun
O33 - MountPoints2\{834b9df0-4322-11df-9acd-00242106c2fc}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
* ========== Files/Folders - Created Within 30 Days ==========
*
[2013.05.26 23:31:22 | 000,000,000 | ---D | C] -- C:\Users\Birgit\Desktop\Castle.2009.S05.HDTV.x264-LOL
[2013.05.15 22:59:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.15 22:59:59 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.15 22:59:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 22:59:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.15 22:59:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.15 22:59:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 22:59:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.15 22:59:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.15 22:59:57 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.15 22:59:57 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.15 22:59:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.15 22:59:57 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 22:59:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.15 22:59:56 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 22:59:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.15 21:30:21 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 21:30:21 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 21:30:10 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 21:30:09 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 21:30:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 21:30:09 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 21:29:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.07 19:59:58 | 000,000,000 | ---D | C] -- C:\Transfer
[2013.05.07 19:51:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.05.07 16:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.05.07 16:16:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
* ========== Files - Modified Within 30 Days ==========
*
[2013.05.27 13:14:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.27 13:14:50 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.27 12:48:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.27 08:58:18 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.27 08:58:18 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.27 08:55:05 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.27 08:55:05 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.27 08:55:05 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.27 08:55:05 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.27 08:55:05 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.25 20:17:14 | 000,039,424 | ---- | M] () -- C:\Users\Birgit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.16 16:05:11 | 000,292,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.14 22:48:09 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.14 22:48:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.14 10:45:07 | 000,012,957 | ---- | M] () -- C:\Users\Birgit\Desktop\Stromverbrauch.ods
[2013.05.07 16:17:42 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
* ========== Files Created - No Company Name ==========
*
[2013.05.14 11:42:38 | 000,044,289 | ---- | C] () -- C:\Users\Birgit\Doctor Who - 07x06 - The Bells of Saint John.TLA.English.C.orig.Addic7ed.com.srt
[2013.05.14 11:42:38 | 000,044,289 | ---- | C] () -- C:\Users\Birgit\Doctor Who - 07x06 - The Bells of Saint John.FoV.English.C.orig.Addic7ed.com.srt
[2013.05.07 16:17:42 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2012.07.28 12:10:18 | 000,003,054 | ---- | C] () -- C:\Users\Birgit\.heldEinstellungen4_1.xml
[2012.07.28 12:10:17 | 000,000,266 | ---- | C] () -- C:\Users\Birgit\.dsa4.properties
[2011.11.02 17:33:14 | 000,000,038 | ---- | C] () -- C:\Windows\osAviSplitter.INI
[2010.10.09 14:59:10 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.04.10 17:09:39 | 000,039,424 | ---- | C] () -- C:\Users\Birgit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
* ========== ZeroAccess Check ==========
*
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
*
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
*
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
*
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
*
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
*
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
*
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
*
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
*
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
*
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
*
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report > Code:
OTL Extras logfile created on: 27.05.2013 13:17:27 - Run 2
OTL by OldTimer - Version 3.2.69.0**** Folder = E:\Eigene Dateien\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
*
4,00 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 63,28% Memory free
7,99 Gb Paging File | 6,43 Gb Available in Paging File | 80,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
*
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 5,64 Gb Free Space | 9,65% Space Free | Partition Type: NTFS
Drive D: | 19,98 Gb Total Space | 9,80 Gb Free Space | 49,02% Space Free | Partition Type: FAT32
Drive E: | 852,92 Gb Total Space | 516,13 Gb Free Space | 60,51% Space Free | Partition Type: NTFS
*
Computer Name: MIRAYA | User Name: Birgit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
* ========== Extra Registry (SafeList) ==========
*
* ========== File Associations ==========
* 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
*
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Programme\Firefox\firefox.exe (Mozilla Corporation)
* ========== Shell Spawning ==========
* 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Programme\VLCPlayer\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files (x86)\FinePixViewer\FinePixViewer.exe" "%1" (FUJIFILM Corporation)
Directory [PlayWithVLC] -- "E:\Programme\VLCPlayer\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
*
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Programme\VLCPlayer\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files (x86)\FinePixViewer\FinePixViewer.exe" "%1" (FUJIFILM Corporation)
Directory [PlayWithVLC] -- "E:\Programme\VLCPlayer\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
* ========== Security Center Settings ==========
* 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
* 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
* 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01* [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
* 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
*
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
*
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
* ========== Firewall Settings ==========
*
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
*
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
*
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
* ========== Authorized Applications List ==========
*
* ========== Vista Active Open Ports Exception List ==========
*
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EDDFDE-638D-47AD-AEEB-F28221D853FA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0A97BF46-C864-49B3-AEA9-BEC6469229F3}" = lport=445 | protocol=6 | dir=in | app=system |
"{1375EB13-CD55-4067-9B85-FB6860573105}" = lport=138 | protocol=17 | dir=in | app=system |
"{1602BBF3-BA6C-42A1-9F4D-EEAF3EB4F81D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2F70316A-BD4E-4ECA-9338-A41156DE5443}" = rport=138 | protocol=17 | dir=out | app=system |
"{3D39FAEA-9BBB-495B-92FB-50DFAE67AA2C}" = rport=445 | protocol=6 | dir=out | app=system |
"{430D82D9-36C0-44C1-BBDD-25B1D85D4F2C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43F0B528-A48C-4F89-90D6-20F6BEFCBA94}" = rport=10243 | protocol=6 | dir=out | app=system |
"{515669E8-D525-4C48-BE16-986031759837}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{58344064-556C-4B90-8ACE-09F21E6A0D1A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5962D8A9-93E5-4403-A25F-1E5D666C7982}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6BE95BCE-0371-487B-A4E5-59850FF4641A}" = rport=139 | protocol=6 | dir=out | app=system |
"{79D741C4-B9B9-4948-B2B0-029B791FCB6C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7B018136-540E-49D1-836F-B74CDDDE5C4C}" = rport=137 | protocol=17 | dir=out | app=system |
"{84DA4555-4CDC-425B-970B-2BE1BCA0D4AC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8A04DCB8-38D5-4130-A10C-9EE368285604}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3A44042-4C7C-4A64-AA98-5B4F37319457}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CB3A2AC4-3506-4248-A1CB-0D1372EEDCBA}" = lport=139 | protocol=6 | dir=in | app=system |
"{CFD347F5-13C0-4D12-9BB3-5D546AE28BB6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D2AA0276-F9D3-4C8A-A8D8-8E49FCAF5419}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D8289A38-0D31-4E37-A123-E12B97501C95}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D905AE21-A732-42DE-9DCE-00A071E66636}" = lport=137 | protocol=17 | dir=in | app=system |
"{D9E8203E-5F0F-4605-B287-E68A1F2C32A2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E5AD32C7-5970-44B3-A94A-19065BA37CC1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
* ========== Vista Active Application Exception List ==========
*
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038AD83F-7DC3-461A-A0DE-25FE22F0604E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{06D6D56C-4C70-4B6D-B3A7-22CAF5D2818D}" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{0D8189E1-D1D6-4C9B-9E80-DDCA1ACA096E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1CDE9536-67C9-4AA6-993B-A73240BE5F4B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1CE8CDFE-84F7-4946-9228-D388BFE7FC81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21A1EA0B-24BF-4788-8962-B2FD7E28557D}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\monkey2\monkey2.exe |
"{2EB8725A-9D68-4142-979F-37D75BCF819A}" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\blizzard downloader.exe |
"{333F47BE-5F86-4ABA-8E1D-F7F1A47D5894}" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\backgrounddownloader.exe |
"{3492D12F-BE91-4F8D-8664-74D6CC7AB48D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{37035965-691E-48BC-8813-DB8E8F48DC5D}" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\wow-3.2.0-dede-downloader.exe |
"{38767441-D93D-45AD-900F-23C3103472EA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3C3D76EF-F711-424B-9070-9943CE5C5C3D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5130C183-74AC-474E-B9B4-A67B13CAEA86}" = protocol=17 | dir=in | app=c:\users\birgit\appdata\roaming\dropbox\bin\dropbox.exe |
"{573A1D3F-3DE3-4EA7-A2D3-D590B82E962C}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\the secret of monkey island special edition\mise.exe |
"{5C5F5CD4-EE5F-4DC2-9567-4D7C00DF489B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60FD1186-C3C5-425D-A1EC-CA89A7B767C7}" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{69BD16FD-CCC8-483F-B360-0571C30DAA8C}" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\backgrounddownloader.exe |
"{85115084-76DD-47F8-8482-FF016873606B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{98E8E9A0-6BFD-4BD8-B70F-B1478A9FA4E2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A569CD86-FB23-4CA6-BEEE-018AB0110B4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA0BE7AA-3FD4-457A-BC6E-1609449E64A9}" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\launcher.patch.exe |
"{AA7E0F00-C0E2-4207-9E61-DC0E443EE5A3}" = protocol=6 | dir=out | app=system |
"{B24CEAE8-7547-42E0-9B99-58DCB98BD2B1}" = protocol=6 | dir=in | app=e:\spiele\steam\steam.exe |
"{B437F5AB-9D70-4BE8-A1B6-FBB3549EA4AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B4999FFC-0CE3-4C6C-8D67-EE9818C8042C}" = protocol=58 | dir=in | app=system |
"{B5EF0770-C877-4B46-8520-DF18C700444E}" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\blizzard downloader.exe |
"{B887639A-7671-4E0A-A6C5-E97B73E79356}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B9599FD9-2EF5-40EC-A545-6054780BD9D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BA12D421-505C-4749-BCBE-C82F1F180161}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BDACDDF6-EFCE-4892-B8E4-7CDCAA6A1B95}" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{BF1BF323-2CA7-4104-A77B-82A4ED986772}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BFE4E420-D0EC-403F-9639-24C84D5FEA34}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\monkey2\monkey2.exe |
"{C1192889-16F7-468E-8621-8359A649A9D1}" = protocol=17 | dir=in | app=e:\spiele\steam\steam.exe |
"{C582DE95-9F71-4223-8EEA-97751FF03F2D}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C70BA8D1-E28B-44AE-9B6E-FB5022CBAFC4}" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\launcher.patch.exe |
"{CF1886EB-0A2F-4533-A073-25A06D587340}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{DA124633-5D1C-4F60-966B-F16ED9C9B514}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E1B99D80-99A5-4BD4-9655-D95922851DC4}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\the secret of monkey island special edition\mise.exe |
"{E2DB9F37-2967-4A54-88A0-8AA0E5FE4928}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E47E11B8-C125-4544-BF57-C542A3986741}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9CCF01B-5F61-447B-BE7F-1EEC57486746}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F037DA3C-AD19-45FC-8082-089F5849BB1F}" = protocol=6 | dir=in | app=c:\users\birgit\appdata\roaming\dropbox\bin\dropbox.exe |
"{F1E4D70A-A656-4827-9531-27F355729E84}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{F824AC7A-BB85-4F52-8366-610AF9C84AD3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA6895B8-AD0B-4AF7-A165-F726E268387C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{03D0CAB0-58E2-4EBA-A67D-22B0F765F6F2}E:\programme\miranda im\miranda32.exe" = protocol=6 | dir=in | app=e:\programme\miranda im\miranda32.exe |
"TCP Query User{227F1FC3-1FBF-4C0D-8E35-F10F7978595F}C:\users\birgit\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\birgit\appdata\local\temp\gw2.exe |
"TCP Query User{51FFB4B1-135B-4418-8D7E-9242A4AA43F2}E:\programme\winamp\winamp.exe" = protocol=6 | dir=in | app=e:\programme\winamp\winamp.exe |
"TCP Query User{52EB2BE0-D156-4CDB-AA54-1ABBC815C746}E:\spiele\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=e:\spiele\guild wars 2\gw2.exe |
"TCP Query User{648070BE-42E1-4B45-833B-3A3CEE196556}E:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=e:\programme\mozilla firefox\firefox.exe |
"TCP Query User{697DCD0D-9D95-4CA9-BA1D-C1451AF4A972}E:\programme\miranda im\miranda32.exe" = protocol=6 | dir=in | app=e:\programme\miranda im\miranda32.exe |
"TCP Query User{6F125C09-1E85-4FD3-9EDC-9E7BD1A6F198}E:\spiele\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=e:\spiele\world of warcraft\launcher.exe |
"TCP Query User{FABEFC54-6581-4B97-B980-F8853A407E2F}C:\users\birgit\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\birgit\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{0AEA4D8F-4156-417D-91D0-98E8794CE721}E:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=e:\programme\mozilla firefox\firefox.exe |
"UDP Query User{33E84621-D60C-4A97-A1D9-C94A2E43571E}E:\spiele\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=e:\spiele\world of warcraft\launcher.exe |
"UDP Query User{495DE37E-FF6F-4B97-8874-ACAEABDE00D7}E:\programme\miranda im\miranda32.exe" = protocol=17 | dir=in | app=e:\programme\miranda im\miranda32.exe |
"UDP Query User{6A7BC491-A637-45A8-986A-49BE4371C18E}C:\users\birgit\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\birgit\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{7C47D33A-5CF4-4E15-8E75-CE495DAFFD4C}E:\spiele\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=e:\spiele\guild wars 2\gw2.exe |
"UDP Query User{80A5B389-9A04-4F02-AA0C-86D4DF79765F}E:\programme\winamp\winamp.exe" = protocol=17 | dir=in | app=e:\programme\winamp\winamp.exe |
"UDP Query User{9CFB14BC-3DFD-4E29-BBAA-C28B9C346F32}C:\users\birgit\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\birgit\appdata\local\temp\gw2.exe |
"UDP Query User{A8750FD3-9CD1-4CA7-9AD7-EF9229CCF8F8}E:\programme\miranda im\miranda32.exe" = protocol=17 | dir=in | app=e:\programme\miranda im\miranda32.exe |
* ========== HKEY_LOCAL_MACHINE Uninstall List ==========
*
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"WinRAR archiver" = WinRAR
*
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.5
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50AC4BCB-F2C7-4BD6-B216-02FE16E7D03C}" = calibre
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65EB09A3-993B-401E-8936-C9708CBFAB26}" = FinePixViewer YTUPL
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ED1674F5-5165-49BF-B546-AE5343111540}" = SPEEDLINK SNAPPY Smart Webcam
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010* x86 Redistributable - 10.0.40219
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon Kindle" = Amazon Kindle
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"CCleaner" = CCleaner
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CDex" = CDex extraction audio
"CloneDVD2" = CloneDVD2
"DAEMON Tools Lite" = DAEMON Tools Lite
"DCoder Image Source" = DCoder Image Source (remove only)
"Deponia" = Deponia
"DirectVobSub" = DirectVobSub (remove only)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"Guild Wars 2" = Guild Wars 2
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.7
"Miranda IM" = Miranda IM 0.10.2
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCLauncher_GameForge" = NC Launcher (GameForge)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"Picasa 3" = Picasa 3
"Rainlendar2" = Rainlendar2 (remove only)
"RealMedia" = RealMedia (remove only)
"Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.12.1
"S3" = Die Siedler III Gold Edition
"Schriftenbibliothek_is1" = Schriftenbibliothek
"Steam App 32360" = The Secret of Monkey Island: Special Edition
"Steam App 32460" = Monkey Island 2: Special Edition
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"Watermark Image_is1" = Watermark Image software version 2.1.4.2
"Winamp" = Winamp
"World of Warcraft" = World of Warcraft
"ZoomPlayer" = Zoom Player (remove only)
* ========== HKEY_CURRENT_USER Uninstall List ==========
*
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
* ========== Last 20 Event Log Errors ==========
*
[ Application Events ]
Error - 07.05.2013 09:37:18 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 09.05.2013 06:28:46 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 13.05.2013 09:28:06 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 13.05.2013 10:37:14 | Computer Name = Miraya | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
*Zeitstempel: 0x51650aee* Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
*Zeitstempel: 0x51650a09* Ausnahmecode: 0xc0000005* Fehleroffset: 0x000b10e8* ID des fehlerhaften
*Prozesses: 0xc0c* Startzeit der fehlerhaften Anwendung: 0x01ce4fd93b0d7de7* Pfad der
*fehlerhaften Anwendung: E:\Programme\Firefox\firefox.exe* Pfad des fehlerhaften Moduls:
*E:\Programme\Firefox\xul.dll* Berichtskennung: 99d1b778-bbda-11e2-9520-00242106c2fc
*
Error - 16.05.2013 11:25:53 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 18.05.2013 17:00:25 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 19.05.2013 09:15:57 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 24.05.2013 03:20:55 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 25.05.2013 05:19:47 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
Error - 27.05.2013 04:34:11 | Computer Name = Miraya | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
*(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
*oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
*in Zeile 2.* Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
*
[ System Events ]
Error - 27.05.2013 02:39:20 | Computer Name = Miraya | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
*mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:** %%1330*** Vergewissern
*Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
*Management Console (MMC).
*
Error - 27.05.2013 02:39:20 | Computer Name = Miraya | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
*Fehlers nicht gestartet:** %%1069
*
Error - 27.05.2013 02:50:37 | Computer Name = Miraya | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
*
Error - 27.05.2013 02:50:37 | Computer Name = Miraya | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
** %%1275
*
Error - 27.05.2013 02:53:14 | Computer Name = Miraya | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
*mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:** %%1330*** Vergewissern
*Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
*Management Console (MMC).
*
Error - 27.05.2013 02:53:14 | Computer Name = Miraya | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
*Fehlers nicht gestartet:** %%1069
*
Error - 27.05.2013 07:15:03 | Computer Name = Miraya | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
*
Error - 27.05.2013 07:15:03 | Computer Name = Miraya | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
** %%1275
*
Error - 27.05.2013 07:17:26 | Computer Name = Miraya | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
*mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:** %%1330*** Vergewissern
*Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
*Management Console (MMC).
*
Error - 27.05.2013 07:17:26 | Computer Name = Miraya | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
*Fehlers nicht gestartet:** %%1069
*
*
< End of report > Bisher ist das Problem nicht mehr aufgetaucht, wenn ich einen neuen Tab im Firefox geöffnet habe. |