| ladiesman75 | 21.01.2014 19:44 |
Nein, Problem ist weg, vielen Dank dafür!!!!!!!!!!! :dankeschoen:
Hier das ESET - File: Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=247d64765583864b90231a269edf34b4
# engine=16724
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 06:27:33
# local_time=2014-01-21 07:27:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2047 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 16291697 141916844 0 0
# scanned=199023
# found=0
# cleaned=0
# scan_time=35164
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=247d64765583864b90231a269edf34b4
# engine=16733
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 06:24:49
# local_time=2014-01-21 07:24:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2047 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 16334733 141959880 0 0
# scanned=295069
# found=0
# cleaned=0
# scan_time=13575
Das Securtity Check Programm hat leider nicht funktioniert.
Hier noch die OTL-Logs: Code:
OTL logfile created on: 21.01.2014 19:34:57 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daniel Balbach\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 33,06% Memory free
5,99 Gb Paging File | 3,28 Gb Available in Paging File | 54,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 66,68 Gb Free Space | 23,13% Space Free | Partition Type: NTFS
Drive D: | 7,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: DANIELBALBAC-PC | User Name: Daniel Balbach | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Daniel Balbach\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\VideoLAN\VLC\vlc.exe (VideoLAN)
PRC - c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe (Mobile Leader Co.,Ltd.)
PRC - C:\Programme\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Programme\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe (Acer Incorporated)
PRC - C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe (Acer Incorporated)
PRC - C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe (Acer Incorporated)
PRC - C:\Programme\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Programme\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Programme\Packard Bell\SetupMyPC\SmpSys.exe (Acer Incorporated)
PRC - C:\Programme\Video Web Camera\CEC_MAIN.exe (Chicony)
PRC - C:\Programme\Video Web Camera\traybar.exe (Chicony)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd)
PRC - C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Programme\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\VideoLAN\VLC\libvlccore.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libpng_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libdts_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libg711_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libflac_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\lua\liblua_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\misc\libxml_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libdshow_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libzip_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libavi_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libes_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\demux\libasf_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\libvlc.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll ()
MOD - C:\Programme\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll ()
MOD - C:\Windows\System32\CmdLineExt03.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Windows\System32\APOMngr.DLL ()
MOD - C:\Windows\System32\CmdRtr.DLL ()
MOD - C:\Programme\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
========== Services (SafeList) ==========
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Programme\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AdobeActiveFileMonitor10.0) -- C:\Programme\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (Creative Audio Engine Licensing Service) -- C:\Programme\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe (Acer Incorporated)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (zjxiuiok) -- C:\Windows\system32\drivers\zjxiuiok.sys File not found
DRV - (zjkfxkdh) -- C:\Windows\system32\drivers\zjkfxkdh.sys File not found
DRV - (ymocfglr) -- C:\Windows\system32\drivers\ymocfglr.sys File not found
DRV - (ymcrljwx) -- C:\Windows\system32\drivers\ymcrljwx.sys File not found
DRV - (vveaijnq) -- C:\Windows\system32\drivers\vveaijnq.sys File not found
DRV - (tvxbvobe) -- C:\Windows\system32\drivers\tvxbvobe.sys File not found
DRV - (qimolbdy) -- C:\Windows\system32\drivers\qimolbdy.sys File not found
DRV - (pffouqjs) -- C:\Windows\system32\drivers\pffouqjs.sys File not found
DRV - (nehrlqrt) -- C:\Windows\system32\drivers\nehrlqrt.sys File not found
DRV - (lgbusenum) -- system32\DRIVERS\lgbtbus.sys File not found
DRV - (khzseshu) -- C:\Windows\system32\drivers\khzseshu.sys File not found
DRV - (jcyahqwu) -- C:\Windows\system32\drivers\jcyahqwu.sys File not found
DRV - (cogynwtv) -- C:\Windows\system32\drivers\cogynwtv.sys File not found
DRV - (catchme) -- C:\Users\DANIEL~1\AppData\Local\Temp\catchme.sys File not found
DRV - (ALSysIO) -- C:\Users\DANIEL~1\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (ajsrpqr1) -- File not found
DRV - (a65blkmu) -- File not found
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (Apowersoft_AudioDevice) -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\Windows\System32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (KMWDFilterV1) -- C:\Windows\System32\drivers\RPGMOUSEV1.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (Ctafiltv) -- C:\Windows\System32\drivers\Ctafiltv.sys (Creative Technology Ltd.)
DRV - (sfvfs02) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (sfsync02) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (tandpl) -- C:\Windows\System32\drivers\tandpl.sys ()
DRV - (enodpl) -- C:\Windows\System32\drivers\enodpl.sys ()
DRV - (giveio) -- C:\Windows\System32\giveio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{40BB83E3-2B62-4719-9413-FCC3E5D4C493}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW
IE - HKCU\..\SearchScopes\{B4BBA9D9-BA27-4C0A-94DF-D35D358F31AB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: groovesharkUnlocker%40overlord1337:1.3.2
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: SciLorsGrooveUnlocker%40scilor.com:0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.0.0
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Daniel Balbach\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.12.11 14:39:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.01.17 15:50:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.12.11 14:39:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.01.17 15:50:00 | 000,000,000 | ---D | M]
[2010.09.23 14:43:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\Extensions
[2010.09.23 14:43:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2013.09.26 21:15:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\Firefox\Profiles\lq0jq0xh.default\extensions
[2012.09.25 16:03:48 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\Firefox\Profiles\lq0jq0xh.default\extensions\ich@maltegoetz.de
[2013.03.22 17:25:03 | 000,029,064 | ---- | M] () (No name found) -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\firefox\profiles\lq0jq0xh.default\extensions\groovesharkUnlocker@overlord1337.xpi
[2012.02.07 23:52:55 | 000,130,321 | ---- | M] () (No name found) -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\firefox\profiles\lq0jq0xh.default\extensions\SciLorsGrooveUnlocker@scilor.com.xpi
[2013.03.06 21:57:16 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\firefox\profiles\lq0jq0xh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010.09.03 12:41:27 | 000,002,057 | ---- | M] () -- C:\Users\Daniel Balbach\AppData\Roaming\mozilla\firefox\profiles\lq0jq0xh.default\searchplugins\youtube-videosuche.xml
[2014.01.17 19:51:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.12.11 14:39:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.12.11 14:39:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.12.11 14:40:27 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: hxxp://www.google.com
O1 HOSTS File: ([2014.01.19 10:32:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Programme\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Video Web Camera\traybar.exe (Chicony)
O4 - HKLM..\Run: [CtaMon] C:\Windows\System32\CtaMon.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [Creative Software Update] C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [LG LinkAir] C:\Programme\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe (Mobile Leader Co.,Ltd.)
O4 - HKCU..\Run: [MediaGet2] C:\Users\Daniel Balbach\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O4 - HKCU..\Run: [SmpcSys] C:\Programme\Packard Bell\SetupMyPC\SmpSys.exe (Acer Incorporated)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Pro] 0 File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Daniel Balbach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Programme\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.)
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.)
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.)
O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.)
O8 - Extra context menu item: LG Air Sync Option - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll (Mobile Leader Co.,Ltd.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AB9877B-C372-4FA0-943F-BAFB6FEBACC9}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DF1A4EF-C884-44C3-BA8A-1FDC0FE1B3ED}: NameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.10 19:12:19 | 000,000,073 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000.04.07 19:35:14 | 000,000,094 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.01.19 13:59:35 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014.01.19 13:48:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel Balbach\Desktop\logs
[2014.01.19 13:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.01.19 13:27:34 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014.01.19 10:36:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.01.19 10:36:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.01.19 10:36:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Balbach\AppData\Local\temp
[2014.01.19 10:19:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.01.19 10:19:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.01.19 10:19:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.01.19 10:19:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.01.19 10:18:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.01.18 15:52:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel Balbach\Desktop\OTL(1).exe
[2014.01.17 19:46:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.17 15:57:24 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.15 20:47:48 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.01.15 20:47:46 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014.01.15 20:43:22 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014.01.15 20:43:20 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.01.21 19:35:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.21 18:54:41 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.21 18:43:05 | 000,001,174 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-670088758-1986555610-1753923070-1000UA.job
[2014.01.21 17:54:04 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.21 15:37:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.21 06:43:32 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-670088758-1986555610-1753923070-1000Core.job
[2014.01.20 07:02:16 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.20 07:02:16 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.19 13:56:16 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2014.01.19 13:55:53 | 2411,929,600 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.19 13:28:14 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.01.19 10:48:47 | 000,659,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2014.01.19 10:48:47 | 000,619,742 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.01.19 10:48:47 | 000,131,942 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2014.01.19 10:48:47 | 000,108,062 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.01.19 10:40:44 | 000,010,066 | ---- | M] () -- C:\Users\Daniel Balbach\Desktop\log.zip
[2014.01.19 10:32:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014.01.19 08:32:23 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014.01.18 15:51:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel Balbach\Desktop\OTL(1).exe
[2014.01.17 15:44:41 | 002,446,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.12.30 07:19:14 | 000,002,120 | ---- | M] () -- C:\Users\Daniel Balbach\AppData\Roaming\wklnhst.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.01.19 13:28:14 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.01.19 10:40:44 | 000,010,066 | ---- | C] () -- C:\Users\Daniel Balbach\Desktop\log.zip
[2014.01.19 10:19:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.01.19 10:19:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.01.19 10:19:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.01.19 10:19:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.01.19 10:19:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.11.30 14:55:07 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2013.11.29 14:49:30 | 000,006,835 | ---- | C] () -- C:\Windows\hpdj3500.ini
[2013.04.16 21:12:24 | 000,000,576 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Roaming\All CPU MeterV3_Settings.ini
[2013.04.13 19:43:54 | 000,007,168 | ---- | C] () -- C:\Windows\libDSPXUtils.dll
[2013.03.30 17:33:43 | 000,053,248 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.11.19 20:11:00 | 000,000,036 | ---- | C] () -- C:\Windows\mafosav.INI
[2012.11.16 20:36:33 | 000,000,015 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Local\X-Plane_drm.prf
[2012.11.16 20:30:42 | 000,000,080 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Local\X-Plane Installer.prf
[2012.09.28 21:08:51 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys
[2012.09.28 21:08:50 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys
[2012.08.11 21:02:46 | 000,000,000 | ---- | C] () -- C:\ProgramData\oflzemcx.exe
[2012.08.10 16:20:34 | 000,000,051 | ---- | C] () -- C:\ProgramData\wivcjewoonwgvvg
[2012.07.30 17:54:43 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2012.04.12 10:37:52 | 000,000,632 | ---- | C] () -- C:\Windows\Sof2.INI
[2012.03.04 11:31:48 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Balbach\cd
[2012.02.27 19:30:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2012.02.27 19:30:08 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.07.17 20:51:11 | 000,004,096 | -H-- | C] () -- C:\Users\Daniel Balbach\AppData\Local\keyfile3.drm
[2011.02.06 19:11:32 | 000,135,814 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Local\debuggee.mdmp
[2010.07.29 09:09:26 | 000,001,479 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Local\RecConfig.xml
[2010.03.25 17:55:51 | 000,138,056 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Roaming\PnkBstrK.sys
[2010.01.29 20:33:20 | 000,043,231 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Local\Perfmon.PerfmonCfg
[2010.01.28 20:38:43 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.01.27 21:44:20 | 000,018,432 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.25 22:16:52 | 000,023,782 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Roaming\UserTile.png
[2010.01.25 22:07:56 | 000,002,120 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Roaming\wklnhst.dat
[2010.01.25 17:53:34 | 000,007,604 | ---- | C] () -- C:\Users\Daniel Balbach\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:25F31665
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:D525A14E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:81405BF2
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:4CF61E54
< End of report >
Code:
OTL Extras logfile created on: 21.01.2014 19:34:57 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daniel Balbach\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 33,06% Memory free
5,99 Gb Paging File | 3,28 Gb Available in Paging File | 54,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 66,68 Gb Free Space | 23,13% Space Free | Partition Type: NTFS
Drive D: | 7,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: DANIELBALBAC-PC | User Name: Daniel Balbach | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0703B168-BF3A-4D12-812D-4BE1521280B8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0A7B6960-BE56-43AC-A50B-C464C5A1CA3A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0AEF6235-FC97-4A99-B8F1-9D61D7B2E78E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D2853C8-021D-4495-AB80-2992DED7CC0C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1A856A02-19D7-4785-85B4-1B5B21B9E65A}" = rport=139 | protocol=6 | dir=out | app=system |
"{1DA91038-9796-43B9-A916-ACD09F5AE8C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{20BC7B04-F552-4C56-BEAD-E6AA1EA352B7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{25E8894D-3D48-4EE2-8FBF-8C05E0769187}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3F2C6FF6-CECA-4C8D-BD1B-1B999BD5AAD3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{425AEDD3-DA17-458B-A926-7C46EE4F12EC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{46E7FC21-1253-47E9-86FC-85078C77D63A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4DCE8E1D-E084-4491-B46D-FC7D3C663E5E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5C4F5939-6E1B-44C2-8C16-5C30A89F7260}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{62D66727-C78E-4C64-A663-3D82D2E9F667}" = lport=1935 | protocol=6 | dir=in | name=broadcam video streaming server flash video server |
"{62D7980B-7B41-4FE9-88FE-113E8495F1EA}" = rport=138 | protocol=17 | dir=out | app=system |
"{6399CF57-603D-4247-99B7-5343A76B58D0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{79496551-A55A-46B3-9F3C-DFCB83601F1A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8C897D8C-473C-4232-9B56-7CD8A5FE1805}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9DDA736D-B965-4F26-AEBA-9E142772F13B}" = lport=139 | protocol=6 | dir=in | app=system |
"{9E0163EB-E33C-431C-A3C4-4498BFB5B247}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A1C940B4-0771-45F1-BCD5-157C19BA5D0C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AB8D9C66-C0BC-4DB1-A8B4-3E6BCC38D47C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE42115C-4BEE-4D46-851D-9DA29B760B7E}" = rport=445 | protocol=6 | dir=out | app=system |
"{B228A1A6-085D-4863-9D4F-5AAFBA700857}" = lport=445 | protocol=6 | dir=in | app=system |
"{BC2F5B5C-3F7D-4A2A-9DCF-DB28FAA380C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD66A650-A6C1-4A63-B70E-E05AF424D453}" = lport=138 | protocol=17 | dir=in | app=system |
"{BDEDD912-1D19-4CED-82A5-F5A3CE6E25E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{C275860F-192E-4B83-95EB-7358E63E6EF3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C6B9A410-0A26-4423-AE43-75C481B86A54}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA99FC88-58F4-488D-80C7-17AA624BBB15}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CB436959-C909-4716-A99B-DB6DFF524955}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD2EEBAB-E6B3-4701-B362-2DDB99CBCEBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D51DDEA7-E25C-4484-93CB-1DD7AC7A477C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DEAF835A-72FB-4CC5-BBF8-5D866FD3AD6B}" = lport=137 | protocol=17 | dir=in | app=system |
"{E2B85328-ABC2-4C04-A85C-219F9B0B41E1}" = lport=86 | protocol=6 | dir=in | name=broadcam video streaming server web server |
"{E857C692-7C54-4E97-8953-DC7A08BD875F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE804A6A-4B94-4896-85E7-A505EC3BB4EE}" = lport=4100 | protocol=17 | dir=in | name=upnp router steuerungs-anschluss |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00447B8E-C452-4E87-80E7-4904D2984FB2}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{01122830-294F-4289-B6AD-1320883E7DBF}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{05CBE23F-1407-4236-8C33-BFE7987747FD}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1451C17F-9DA1-44B1-9735-5EA798AD2927}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{16FB31A6-61AD-4E91-9B62-0C5C67016AC7}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1AB46C3A-1B35-4936-A68D-300266017720}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1E7E7708-36B2-47F5-8581-D229E97E18B3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{268E505E-A10C-4566-A239-E23998EC4539}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{2E8F0A91-617E-47E3-B82B-52051B2752FF}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{2EF9394F-DDA1-44C9-9894-20A2B45527C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{35BD0A38-4759-4CCA-97F1-1477D6A9839B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{520C5E15-3CCE-497E-8885-778FCF674E41}" = dir=in | app=c:\program files\apowersoft\video download capture\apowersoftsrv.dll |
"{52BEA069-95EE-4BC0-B5F4-E70D97876A8E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5327F2F0-E2AE-43AD-BE3E-C30E54221AA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5759BC6D-2779-4011-9417-CCA0B4D61C88}" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\call of duty\codmp.exe |
"{5A51E7DF-88FB-48CF-B8F7-AE477CD65CCF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5C5AF3A6-6280-4F70-87C1-1DAFDFE757FB}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfiles.exe |
"{5F5C6370-3125-40EF-AF5F-672AD3FBE971}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{65963AB1-265D-413A-A920-735E4B18F668}" = protocol=6 | dir=out | app=system |
"{6A60D6F1-0FFA-4587-B39F-BA393171D0FE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6F64F86E-7A8A-4ECD-9308-EED9046E7282}" = dir=in | app=c:\program files\apowersoft\video download capture\video-download-capture.exe |
"{762E246A-2945-4FCA-B0B6-72DFA0B4E016}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7742CF3D-52E2-4866-B90A-C51670FCD664}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{7CC885E5-05CF-4086-AA40-84CD3F99F717}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E98D74E-2508-4346-AB2A-8E9C0ED9BB21}" = dir=in | app=c:\program files\apowersoft\video download capture\videodownloadcapture.exe |
"{8A7B7522-D73F-47C9-8CEB-7557F23DB616}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8CDBCBFE-B0DA-4110-ACA7-25DF7EA38951}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{91D73EF7-C85B-4AFD-B325-6456D99AAB2C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{922E45C7-91ED-4CD0-A1DA-129B3B6D3D9A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{954F1335-4CDE-41E9-8B87-1445D6F36FC0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9656A844-F6B1-495E-9B68-3D21B79998BA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{983DE014-2CC4-45B1-A2C3-3529F4DAA70C}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{A5D69AF4-E490-4747-BE7C-1A37E90E0EE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A63F532F-B4AB-4091-BC74-BAF7FCF4C7DE}" = dir=in | app=c:\program files\apowersoft\video download capture\apowersoftdump.dll |
"{A858D4A6-6BDF-40BF-97E7-31D83ABC49FA}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe |
"{A9BE7403-0691-45F4-A7E4-72F3AF02CCEE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B2C55F64-15EB-40A7-A66B-32A7674DEC71}" = dir=in | app=c:\users\daniel balbach\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{BBBC12B3-001E-4DFC-9693-1AF2C631C1E1}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe |
"{BBD203FB-4D3E-42E3-AB8E-08D8EEB0DF23}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C5F6CDB6-6F5A-4971-A5F3-AB84F4CEC50D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8B0DB02-8BAD-46F1-A3E3-84A0CDA6A8C7}" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\call of duty\codmp.exe |
"{E49AC24B-CC60-45D4-9105-28D50D533DDD}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{ED261644-7C70-4D3B-AF9C-739BFDEFFF54}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfiles.exe |
"{F742FF42-1CF9-4C25-9392-3941175B70DB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8BD0848-A15B-4763-B4A0-5DD6A23DC294}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FA06E582-30DD-4E20-A728-E1774D58701D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD095034-F21B-4869-845C-8F144244AB4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{10FEF7F6-A5BC-441F-B237-992EF2359302}G:\spiele\ea games\battlefield\bf 1942\bf1942.exe" = protocol=6 | dir=in | app=g:\spiele\ea games\battlefield\bf 1942\bf1942.exe |
"TCP Query User{150BB9C6-28E7-49A6-BD35-8E7D64E6F000}C:\users\daniel balbach\desktop\x-plane 10-demo\x-plane.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\x-plane 10-demo\x-plane.exe |
"TCP Query User{1C85B26B-B094-4B03-88DA-AE0A70782656}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{28B20A77-FF24-4B31-AB4D-7A5668961E37}D:\setup\data\etqw.exe" = protocol=6 | dir=in | app=d:\setup\data\etqw.exe |
"TCP Query User{2DE073F6-8F5C-4288-8B74-DAB194936630}C:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{345FF75C-A3DA-45FF-BC55-40C7DE8AFC6C}C:\program files\ubisoft\xiii\system\xiii.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\xiii\system\xiii.exe |
"TCP Query User{392358CF-B54D-4FFD-8C06-6C5CAF777A2B}G:\spiele\q3 a\quake3.exe" = protocol=6 | dir=in | app=g:\spiele\q3 a\quake3.exe |
"TCP Query User{3EDC8F06-CDF0-40B0-B043-D268AFAC5A78}F:\empire earth\empire earth.exe" = protocol=6 | dir=in | app=f:\empire earth\empire earth.exe |
"TCP Query User{3EFBB0F6-C995-4A78-8A19-79075BB719CF}C:\users\daniel balbach\desktop\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\call of duty\codmp.exe |
"TCP Query User{4473305E-7A9E-4ED6-80CA-6F687B61553A}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"TCP Query User{48A7402A-01BB-4E8E-8E98-5DBFB93F1F39}C:\users\daniel balbach\desktop\cossacks - back to war\dmcr.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\cossacks - back to war\dmcr.exe |
"TCP Query User{4DB09715-C6CB-4EB2-B6B3-FB25F8BE0D37}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{50C94B03-6B87-43B7-A9F2-1D2E3A0D7A70}F:\spiele\cs\hl.exe" = protocol=6 | dir=in | app=f:\spiele\cs\hl.exe |
"TCP Query User{52AAD00E-0C64-4685-940C-4173498119E3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{56E39535-F4C2-46B9-8012-9EECF64B9D2A}H:\call of duty\codmp.exe" = protocol=6 | dir=in | app=h:\call of duty\codmp.exe |
"TCP Query User{57845796-5218-4102-A611-86362B0B798B}C:\users\daniel balbach\desktop\csneu\hl.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\csneu\hl.exe |
"TCP Query User{5B006DEF-65E6-44F7-80C1-594CCA2DF73C}F:\spiele\call of duty\codmp.exe" = protocol=6 | dir=in | app=f:\spiele\call of duty\codmp.exe |
"TCP Query User{74954DD1-D212-4F93-B8B6-D8871311E0B7}F:\spiele\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=f:\spiele\stronghold crusader\stronghold crusader.exe |
"TCP Query User{8081C72D-18F3-44B8-9526-4ECF8CB4D6FC}F:\spiele\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=f:\spiele\stronghold crusader\stronghold crusader.exe |
"TCP Query User{81C852E8-31AE-44BD-AC97-1FE674A272A4}G:\spiele\cs\hltv.exe" = protocol=6 | dir=in | app=g:\spiele\cs\hltv.exe |
"TCP Query User{886E82FA-7980-4FB9-BD6A-B86FBD6F9066}G:\spiele\cs\hl.exe" = protocol=6 | dir=in | app=g:\spiele\cs\hl.exe |
"TCP Query User{91F643E5-E913-40A0-BAB9-6B7532194F56}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{9878E3FF-1AB7-4072-9CE0-ABF3A84AD83A}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{A1F49FE1-FBBD-4F0F-842E-35A0E0D02B8C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A44ED2DC-B9F9-4341-B2D6-207D2D6FCC4E}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{A609640A-F95A-4543-92CA-3738B92D5BC4}H:\battlefield\bf 1942\bf1942.exe" = protocol=6 | dir=in | app=h:\battlefield\bf 1942\bf1942.exe |
"TCP Query User{A9C197F7-AD0A-4D29-9AF5-E3A7B0273EC2}E:\speicherablagerung\spiele\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=e:\speicherablagerung\spiele\battlefield vietnam\bfvietnam.exe |
"TCP Query User{AB264F77-9FE4-404C-B78B-F5BD0E90A7D8}G:\spiele\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=g:\spiele\battlefield vietnam\bfvietnam.exe |
"TCP Query User{B3303813-385D-43B6-A097-0C4051C1A281}C:\program files\ubi soft\xiii\system\xiii.exe" = protocol=6 | dir=in | app=c:\program files\ubi soft\xiii\system\xiii.exe |
"TCP Query User{BC350423-8DFD-47D9-921E-C041F947AB4D}C:\games\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike\hl.exe |
"TCP Query User{C1472F9D-C86C-4C52-81E7-56D9BB1456E9}C:\users\daniel balbach\desktop\spiele + filme\battlefield\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\spiele + filme\battlefield\battlefield vietnam\bfvietnam.exe |
"TCP Query User{C3A9D852-8B15-40DC-8214-B2AFC459EBFB}C:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe |
"TCP Query User{D93E1AE7-E4DA-4D63-A589-D3C95CBD701D}C:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{D99E5A5D-9FF8-488D-B947-CA2BBEA68384}C:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe |
"TCP Query User{E3A9E278-C5F5-4B19-ABDA-C6FD5991F70D}C:\program files\ea games\battlefield 2\bf2_w32ded.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2_w32ded.exe |
"TCP Query User{E8A00103-8C2D-432B-818C-9EECCD908504}C:\users\daniel balbach\desktop\spiele + filme\battlefield\bf 1942\bf1942.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\spiele + filme\battlefield\bf 1942\bf1942.exe |
"TCP Query User{E9B008A5-4CCD-44C9-BB63-C6C094716A93}G:\spiele\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=g:\spiele\stronghold crusader\stronghold crusader.exe |
"TCP Query User{F66B9992-9074-4611-A46D-AABFCAE7CDE9}C:\users\daniel balbach\desktop\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\users\daniel balbach\desktop\age of empires ii\empires2.exe |
"TCP Query User{F78059DB-7580-4B47-AC7C-F85BD8898372}E:\keygen.avs.video.editor.v4.1.1.111.exe" = protocol=6 | dir=in | app=e:\keygen.avs.video.editor.v4.1.1.111.exe |
"TCP Query User{FCA6C0A6-8893-480C-A796-903E4FF087E5}F:\spiele\cs\hl.exe" = protocol=6 | dir=in | app=f:\spiele\cs\hl.exe |
"UDP Query User{0144F5DE-93B3-4921-918D-F444CF785EC2}F:\empire earth\empire earth.exe" = protocol=17 | dir=in | app=f:\empire earth\empire earth.exe |
"UDP Query User{0D0F1374-C9F0-4218-A063-B72A7C0BFC32}C:\users\daniel balbach\desktop\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\call of duty\codmp.exe |
"UDP Query User{10265705-0C64-446D-AC5D-A9C885A53B29}C:\users\daniel balbach\desktop\spiele + filme\battlefield\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\spiele + filme\battlefield\battlefield vietnam\bfvietnam.exe |
"UDP Query User{11C8D247-8C7F-4688-BF3A-6223CB49ACF7}F:\spiele\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=f:\spiele\stronghold crusader\stronghold crusader.exe |
"UDP Query User{1CEF71BE-3F33-4D89-8129-8D314D5826BD}G:\spiele\q3 a\quake3.exe" = protocol=17 | dir=in | app=g:\spiele\q3 a\quake3.exe |
"UDP Query User{1D5EBA9C-E573-4160-B39E-EB83D4EEACC0}C:\users\daniel balbach\desktop\spiele + filme\battlefield\bf 1942\bf1942.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\spiele + filme\battlefield\bf 1942\bf1942.exe |
"UDP Query User{2B64E825-61E5-40F7-AF5E-78BCA2D921B5}E:\keygen.avs.video.editor.v4.1.1.111.exe" = protocol=17 | dir=in | app=e:\keygen.avs.video.editor.v4.1.1.111.exe |
"UDP Query User{2C903B4A-8180-4CD9-A0AB-92624D9B8FD7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{30FC0400-6FD2-43A6-80F6-82341D73D524}C:\users\daniel balbach\desktop\x-plane 10-demo\x-plane.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\x-plane 10-demo\x-plane.exe |
"UDP Query User{3379D6CF-90B7-4AA1-ADB2-BD55A9C545EC}H:\battlefield\bf 1942\bf1942.exe" = protocol=17 | dir=in | app=h:\battlefield\bf 1942\bf1942.exe |
"UDP Query User{463400A4-FF72-4B30-A66D-C27EE4920FBB}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{465E343A-46BA-4338-AE3C-D659B2C04BB7}C:\users\daniel balbach\desktop\cossacks - back to war\dmcr.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\cossacks - back to war\dmcr.exe |
"UDP Query User{5151888F-363C-440E-94A3-118A99021B58}C:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe |
"UDP Query User{565324AE-D862-4C8F-883E-620D53E61EB0}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{5BA79A17-06C9-4474-9E05-EF5D1A96CC88}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{66315B11-A698-4132-BDCC-5E5017EB45FA}G:\spiele\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=g:\spiele\battlefield vietnam\bfvietnam.exe |
"UDP Query User{674267E5-2168-4CFF-9B33-DFCE2B496322}C:\program files\ubisoft\xiii\system\xiii.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\xiii\system\xiii.exe |
"UDP Query User{70A2E806-5AD2-4C37-941E-C6B9FFBEF02E}C:\games\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike\hl.exe |
"UDP Query User{82ECF472-1579-4F20-AF4A-88D1C41EA89E}G:\spiele\cs\hl.exe" = protocol=17 | dir=in | app=g:\spiele\cs\hl.exe |
"UDP Query User{8BA1C927-46D5-4CFF-8541-E46A319800A2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9D13ED13-57A7-4F6A-AAEC-7E08E4BA4657}H:\call of duty\codmp.exe" = protocol=17 | dir=in | app=h:\call of duty\codmp.exe |
"UDP Query User{A0DFA7C4-0C85-4BFB-9732-2E29AAFA4DEF}C:\users\daniel balbach\desktop\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\age of empires ii\empires2.exe |
"UDP Query User{A334820B-FF06-4284-995D-F7BC348A1B73}G:\spiele\cs\hltv.exe" = protocol=17 | dir=in | app=g:\spiele\cs\hltv.exe |
"UDP Query User{A5BC8485-AF8F-44E3-B672-3DF5171FDD52}C:\program files\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"UDP Query User{A8E9CAED-20B6-4C1E-8C29-4267C7333538}C:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{BF3A394E-1AD9-4373-ABCA-EFBD6C17526F}C:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{C15D8F00-F22F-48A6-A5C3-3AADD674A29C}F:\spiele\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=f:\spiele\stronghold crusader\stronghold crusader.exe |
"UDP Query User{C251837E-8E84-4200-BF44-A03BAB4360F1}D:\setup\data\etqw.exe" = protocol=17 | dir=in | app=d:\setup\data\etqw.exe |
"UDP Query User{C882D749-957F-4245-8D5E-FDC1740E4F29}F:\spiele\cs\hl.exe" = protocol=17 | dir=in | app=f:\spiele\cs\hl.exe |
"UDP Query User{DB13B52C-E738-413F-AE9C-0C243E83C292}C:\program files\ubi soft\xiii\system\xiii.exe" = protocol=17 | dir=in | app=c:\program files\ubi soft\xiii\system\xiii.exe |
"UDP Query User{DC83C0D3-186F-4938-ACA6-2AE60A612CD9}F:\spiele\call of duty\codmp.exe" = protocol=17 | dir=in | app=f:\spiele\call of duty\codmp.exe |
"UDP Query User{DD86A020-F1B8-412A-8BDC-E48BE4ADD446}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{E0270F20-5282-4DBC-BE0A-770A9980C658}C:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\stronghold crusader\stronghold crusader.exe |
"UDP Query User{E4200D39-803F-43ED-AD69-0419F376F20A}E:\speicherablagerung\spiele\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=e:\speicherablagerung\spiele\battlefield vietnam\bfvietnam.exe |
"UDP Query User{E80E36EF-C4A7-492F-9936-F4398C6E7959}C:\users\daniel balbach\desktop\csneu\hl.exe" = protocol=17 | dir=in | app=c:\users\daniel balbach\desktop\csneu\hl.exe |
"UDP Query User{ECAB1615-EFF4-4868-AD84-07AD47DCCF44}G:\spiele\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=g:\spiele\stronghold crusader\stronghold crusader.exe |
"UDP Query User{ED6166F8-1D96-4254-8CD5-995C89748C21}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{EE136612-665E-4F6E-A2A4-F02362ADF48B}F:\spiele\cs\hl.exe" = protocol=17 | dir=in | app=f:\spiele\cs\hl.exe |
"UDP Query User{F351B9F4-3D13-4F6E-9124-C7869B78586B}C:\program files\ea games\battlefield 2\bf2_w32ded.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2_w32ded.exe |
"UDP Query User{F6564497-DEB8-4A25-9C44-EDB9162A9D7C}G:\spiele\ea games\battlefield\bf 1942\bf1942.exe" = protocol=17 | dir=in | app=g:\spiele\ea games\battlefield\bf 1942\bf1942.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2: Deluxe
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell PowerSave Solution
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9193306E-5935-47E0-B458-2548778C1614}_is1" = MediaGet2 version 2.1.577.0
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3DFF4C8-50BA-463D-8334-4BAFE7172EA6}" = SB Arena Headset
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}" = LG United Mobile Drivers
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4
"ALchemy" = Creative ALchemy
"Audio MP3 Editor_is1" = Audio MP3 Editor 6.30
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_AUDIO_HDA" = Conexant HD Audio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"Infocenter" = Infocenter
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{0C5D0DC4-F5D3-46F9-AE2E-E45C99B4A6B6}" = Enemy Territory - QUAKE Wars(TM) 1.1 Patch
"InstallShield_{2EC66D1C-4AF5-4811-BEDE-849D90461AF5}" = Enemy Territory - QUAKE Wars(TM) 1.2 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{BCA71D05-6BC9-4735-BA3F-7218EBE6A023}" = Enemy Territory - QUAKE Wars(TM) 1.4 Patch
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"LG On-Screen Phone" = LG On-Screen Phone
"LG PC Suite IV" = LG PC Suite IV
"LManager" = Launch Manager
"Macaw_is1" = Macaw 301
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Maschinenschreiben Deluxe_is1" = Maschinenschreiben Deluxe 1.2.30
"MatheGrafix 9_is1" = MatheGrafix 9 (Version 9.50)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU
"Mozilla Firefox 26.0 (x86 de)" = Mozilla Firefox 26.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Packard Bell Customer Registration" = Packard Bell Customer Registration
"PackardBell Screensaver" = PackardBell ScreenSaver
"SetupMyPC" = SetupMyPC
"SpeedFan" = SpeedFan (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysInfo" = Creative Systeminformationen
"SystemRequirementsLab" = System Requirements Lab
"TI-83 Plus Flash Debugger" = TI-83 Plus Flash Debugger
"Updator" = Updator
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.1.2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"Xvid_is1" = Xvid 1.2.1 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{9193306E-5935-47E0-B458-2548778C1614}_is1" = MediaGet2 version 2.1.904.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.01.2014 08:34:02 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4305
Error - 21.01.2014 08:34:03 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 21.01.2014 08:34:03 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5444
Error - 21.01.2014 08:34:03 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5444
Error - 21.01.2014 08:34:04 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 21.01.2014 08:34:04 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6489
Error - 21.01.2014 08:34:04 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6489
Error - 21.01.2014 08:34:05 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 21.01.2014 08:34:05 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7597
Error - 21.01.2014 08:34:05 | Computer Name = DanielBalbac-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7597
[ OSession Events ]
Error - 21.01.2011 18:27:41 | Computer Name = DanielBalbac-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 107012
seconds with 60 seconds of active time. This session ended with a crash.
Error - 18.03.2012 18:29:34 | Computer Name = DanielBalbac-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 49604 seconds with 4440 seconds of active time. This session ended with
a crash.
[ System Events ]
Error - 19.01.2014 13:20:05 | Computer Name = DanielBalbac-PC | Source = DCOM | ID = 10010
Description =
Error - 20.01.2014 16:34:12 | Computer Name = DanielBalbac-PC | Source = DCOM | ID = 10010
Description =
< End of report >
Falls es von deiner Seite aus nichts mehr gibt, kann der Thread geschlossen /gelöscht werden.
mfg |
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
Textbox. 