| |
| |||||||
Log-Analyse und Auswertung: Spiel Minimiert sich ständigWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.03.2013, 21:40
| #1 |
| |  Spiel Minimiert sich ständig Hallo, seit einigen Tagen minimieren sich meine Spiele ständig. Ich habe schon nach einer Lösung gesucht im Internet und Anti Malware programme runtergeladen (keine malware/viren gefunden) aber nichts hat sich verändert. OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 29/03/2013 21:24:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16521) Locale: 00000410 | Country: Italien | Language: ITA | Date Format: dd/MM/yyyy 3,93 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 30,78% Memory free 7,87 Gb Paging File | 4,78 Gb Available in Paging File | 60,75% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 337,00 Gb Total Space | 56,18 Gb Free Space | 16,67% Space Free | Partition Type: NTFS Drive D: | 337,54 Gb Total Space | 320,91 Gb Free Space | 95,07% Space Free | Partition Type: NTFS Computer Name: *** | User Name: ***| Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\PnkBstrB.exe () PRC - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Adobe\CS6\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Acer Bio Protection\EgisService.exe (Egis Technology Inc. ) PRC - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Users\Patrick\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () PRC - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Origin\tufao.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\25.0.1364.172\libglesv2.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\25.0.1364.172\libegl.dll () MOD - C:\Users\***\AppData\Local\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll () MOD - C:\Program Files (x86)\Battlelog Web Plugins\launcher-108.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\wincfi39.dll () MOD - C:\Windows\PLFSetI.exe () MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation) SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International) SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe (Symantec Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd) SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (CLKMSVC10_039CBDDF) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\NavFilter\kmsvc.exe (CyberLink) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations) SRV - (EgisTec Service) -- C:\Program Files (x86)\Acer Bio Protection\EgisService.exe (Egis Technology Inc. ) SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symnets.sys (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symefa64.sys (Symantec Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtsp64.sys (Symantec Corporation) DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtspx64.sys (Symantec Corporation) DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symds64.sys (Symantec Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ironx64.sys (Symantec Corporation) DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ccsetx64.sys (Symantec Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare) DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis) DRV:64bit: - (tdrpman258) -- C:\Windows\SysNative\drivers\tdrpm258.sys (Acronis) DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis) DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (FPSensor) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec) DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (LGSHidFilt) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys (Logitech Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (O2MDGRDR) -- C:\Windows\SysNative\drivers\o2mdgx64.sys (O2Micro ) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (O2SDGRDR) -- C:\Windows\SysNative\drivers\o2sdgx64.sys (O2Micro ) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys () DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (hidshim) -- C:\Windows\SysNative\drivers\hidshim.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (nuvotonhidcir) -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys (Nuvoton Technology Corporation) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130322.001\BHDrvx64.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130329.004\ex64.sys (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130329.004\eng64.sys (Symantec Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130328.001\IDSviA64.sys (Symantec Corporation) DRV - ({6E090BD5-4EF5-4bf0-A968-74049E88E935}) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl (CyberLink Corp.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.de/ IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - No CLSID value found IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGNI_itIT514 IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\CS6\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Patrick\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Steam\SteamApps\common\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}: C:\Program Files (x86)\Acer Bio Protection\FFExt [2012/08/08 16:43:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn\ [2012/09/11 15:38:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn\ [2013/03/29 20:04:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\CS6\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/11/13 18:14:28 | 000,000,000 | ---D | M] [2013/02/14 22:59:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions [2012/10/20 14:01:59 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012/10/17 18:03:41 | 000,214,909 | ---- | M] () (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\firefox\profiles\0\extensions\onlinehdtv@onlinehd.tv.xpi ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1341740585&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1031&id=64855&mkt=de-DE&cbcxt=mai&snsc=1 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\Application\25.0.1364.172\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\McChPlg.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - Extension: Turn Off the Lights = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.32_0\ CHR - Extension: James White = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\ CHR - Extension: YouTube = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: Facebook for Chrome = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\6.2.2_0\ CHR - Extension: Norton Identity Protection = C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\ O1 HOSTS File: ([2013/02/21 20:58:22 | 000,001,506 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS O1 - Hosts: For Windows 7 O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com O1 - Hosts: 127.0.0.1 na2m-pr.licenses.adobe.com O1 - Hosts: 127.0.0.1 adobe.tt.omtrdc.net O1 - Hosts: 127.0.0.1 products.adobe.com O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Acer Bio Protection\x64\EgisPBIE.dll (Egis Technology Inc.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (EgisPBIE Class) - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Acer Bio Protection\EgisPBIE.dll (Egis Technology Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\CS6\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft) O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000..\Run: [Facebook Update] C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000..\RunOnce: [Uninstall C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in ) O15 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-1458767557-203290091-1572289996-1000\..Trusted Domains: sony.com ([]* in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{557D93F6-5523-4F02-A6AF-146FAF96A8D6}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{934E4645-000F-48CB-9B2B-F93D04F74F47}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:64bit: - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\cnslmain.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\desura.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\desura_uninstaller.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\mediabuilder.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\ob_client_standard.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\trueimagelauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\trueimagetools.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\cnslmain.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\desura.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\desura_uninstaller.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\mediabuilder.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\ob_client_standard.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\trueimagelauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\trueimagetools.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{233834ac-f689-11e1-9686-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{233834ac-f689-11e1-9686-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{233834ee-f689-11e1-9686-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{233834ee-f689-11e1-9686-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{40f2e32a-f5ec-11e1-875d-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{40f2e32a-f5ec-11e1-875d-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{40f2e32e-f5ec-11e1-875d-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{40f2e32e-f5ec-11e1-875d-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{6fed5578-f51b-11e1-b7ee-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{6fed5578-f51b-11e1-b7ee-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{6fed557e-f51b-11e1-b7ee-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{6fed557e-f51b-11e1-b7ee-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7825a27e-500f-11e2-a6bf-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{7825a27e-500f-11e2-a6bf-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7825a288-500f-11e2-a6bf-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{7825a288-500f-11e2-a6bf-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7825a28b-500f-11e2-a6bf-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{7825a28b-500f-11e2-a6bf-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b95e7d2a-f5c6-11e1-af57-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{b95e7d2a-f5c6-11e1-af57-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b95e7d31-f5c6-11e1-af57-18f46a1b1e12}\Shell - "" = AutoRun O33 - MountPoints2\{b95e7d31-f5c6-11e1-af57-18f46a1b1e12}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/03/29 21:18:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2013/03/29 19:49:41 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2013/03/29 19:49:36 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2013/03/29 19:49:34 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2013/03/29 19:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2013/03/29 19:48:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 [2013/03/29 19:46:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013/03/28 21:58:33 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/03/28 21:58:32 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/03/28 21:58:32 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/03/28 21:58:32 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/03/28 21:58:32 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/03/28 21:58:32 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/03/28 21:58:32 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/03/28 21:58:32 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/03/28 21:58:32 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/03/28 21:58:32 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/03/28 21:58:32 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/03/28 21:58:32 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/03/28 21:58:32 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/03/28 21:58:32 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/03/28 21:58:32 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/03/28 21:58:32 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/03/28 21:58:32 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/03/28 21:58:32 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/03/28 21:58:32 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/03/28 21:58:32 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/03/28 21:58:32 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/03/28 21:58:32 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/03/28 21:58:32 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/03/28 21:58:32 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/03/28 21:58:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/03/28 21:58:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/03/28 21:58:32 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/03/28 21:58:32 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/03/28 21:58:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/03/28 21:58:32 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/03/28 21:58:32 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/03/28 21:58:32 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/03/28 21:58:32 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/03/28 21:58:32 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/03/28 21:58:32 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/03/28 21:58:32 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/03/28 21:58:32 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/03/28 21:58:32 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/03/28 21:58:32 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/03/28 21:58:32 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/03/28 21:58:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/03/28 21:58:32 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/03/28 21:58:32 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/03/28 21:58:32 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/03/28 21:58:32 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/03/28 21:58:32 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/03/28 21:58:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/03/28 21:58:32 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/03/28 21:58:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013/03/28 21:58:32 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/03/28 21:58:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/03/28 21:58:32 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/03/28 21:58:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/03/28 21:58:32 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/03/28 21:58:32 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013/03/28 21:58:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/03/28 21:58:32 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/03/28 21:58:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/03/28 21:58:32 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/03/28 21:58:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/03/28 21:58:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/03/28 21:58:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/03/28 21:58:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/03/28 21:58:32 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/03/28 21:58:32 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/03/28 21:58:32 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/03/28 21:58:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/03/28 21:58:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/03/28 21:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center [2013/03/28 21:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center [2013/03/28 13:29:51 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\unfairmario [2013/03/28 08:49:58 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Anti-Malware [2013/03/27 19:05:31 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Malwarebytes [2013/03/27 19:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/03/27 19:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/03/27 19:05:18 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/03/27 19:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/03/27 17:30:31 | 069,796,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2013/03/25 18:27:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2013/03/25 18:27:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2013/03/22 17:10:00 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [2013/03/22 17:01:35 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Assassin's Creed Revelations [2013/03/20 21:18:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013/03/13 22:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/03/13 22:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013/03/13 22:11:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013/03/10 16:21:05 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/03/10 16:20:31 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/03/10 16:20:31 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/03/10 16:20:31 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/03/05 16:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2013/02/27 22:04:43 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013/02/27 22:04:42 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013/02/27 22:04:42 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013/02/27 22:04:42 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013/02/27 22:04:35 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013/02/27 22:04:35 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013/02/27 22:04:33 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013/02/27 22:04:33 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013/02/27 22:04:33 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013/02/27 22:04:33 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/02/27 22:04:33 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/02/27 22:04:33 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/02/27 22:04:33 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/02/27 22:04:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/02/27 22:04:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/02/27 22:04:33 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/02/27 22:04:33 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/02/27 22:04:32 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013/02/27 22:04:32 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013/02/27 22:04:32 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013/02/27 22:04:32 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013/02/27 22:04:32 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013/02/27 22:04:32 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013/02/27 22:04:32 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013/02/27 22:04:32 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013/02/27 22:04:32 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013/02/27 22:04:32 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013/02/27 22:04:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/02/27 22:04:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/02/27 22:04:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/02/27 22:04:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/02/27 22:04:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013/02/27 22:04:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013/02/27 22:04:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013/02/27 22:04:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013/02/27 22:04:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/02/27 22:04:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/02/27 22:04:31 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013/02/27 22:04:31 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013/02/27 22:04:31 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/02/27 22:04:31 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [1 C:\Users\Patrick\Desktop\*.tmp files -> C:\Users\Patrick\Desktop\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/03/29 21:23:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/03/29 21:20:39 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/03/29 21:20:39 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/03/29 21:19:30 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1458767557-203290091-1572289996-1000UA.job [2013/03/29 21:19:29 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1458767557-203290091-1572289996-1000Core.job [2013/03/29 21:18:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2013/03/29 21:17:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1458767557-203290091-1572289996-1000UA.job [2013/03/29 20:22:02 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2013/03/29 20:22:02 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013/03/29 20:20:29 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2013/03/29 20:09:21 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/03/29 20:09:21 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/03/29 20:02:25 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2013/03/29 20:01:33 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini [2013/03/29 20:01:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/03/29 20:00:52 | 3168,137,216 | -HS- | M] () -- C:\hiberfil.sys [2013/03/29 19:49:31 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2013/03/29 19:49:31 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2013/03/29 15:17:01 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1458767557-203290091-1572289996-1000Core.job [2013/03/29 14:48:27 | 002,273,214 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\Cat.DB [2013/03/28 21:58:33 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/03/28 21:58:32 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/03/28 21:58:32 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/03/28 21:58:32 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/03/28 21:58:32 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/03/28 21:58:32 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/03/28 21:58:32 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/03/28 21:58:32 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/03/28 21:58:32 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/03/28 21:58:32 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/03/28 21:58:32 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/03/28 21:58:32 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/03/28 21:58:32 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/03/28 21:58:32 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/03/28 21:58:32 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/03/28 21:58:32 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/03/28 21:58:32 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/03/28 21:58:32 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/03/28 21:58:32 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/03/28 21:58:32 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/03/28 21:58:32 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/03/28 21:58:32 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/03/28 21:58:32 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/03/28 21:58:32 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/03/28 21:58:32 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/03/28 21:58:32 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/03/28 21:58:32 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/03/28 21:58:32 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/03/28 21:58:32 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/03/28 21:58:32 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/03/28 21:58:32 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/03/28 21:58:32 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/03/28 21:58:32 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/03/28 21:58:32 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/03/28 21:58:32 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/03/28 21:58:32 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/03/28 21:58:32 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/03/28 21:58:32 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/03/28 21:58:32 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/03/28 21:58:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/03/28 21:58:32 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/03/28 21:58:32 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/03/28 21:58:32 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/03/28 21:58:32 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/03/28 21:58:32 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/03/28 21:58:32 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/03/28 21:58:32 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/03/28 21:58:32 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/03/28 21:58:32 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013/03/28 21:58:32 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/03/28 21:58:32 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/03/28 21:58:32 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/03/28 21:58:32 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/03/28 21:58:32 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/03/28 21:58:32 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013/03/28 21:58:32 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/03/28 21:58:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/03/28 21:58:32 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/03/28 21:58:32 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/03/28 21:58:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/03/28 21:58:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/03/28 21:58:32 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/03/28 21:58:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/03/28 21:58:32 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/03/28 21:58:32 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013/03/28 21:58:32 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013/03/28 21:58:32 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/03/28 21:58:32 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/03/28 21:58:32 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/03/28 21:58:32 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/03/28 04:29:03 | 000,002,608 | ---- | M] () -- C:\{DA6D88CB-C0F3-4009-A208-38E519239B70} [2013/03/28 04:26:00 | 000,002,608 | ---- | M] () -- C:\{B6189FE9-D261-4B3F-B39A-BB96316122AD} [2013/03/28 04:23:19 | 000,002,608 | ---- | M] () -- C:\{ACDCADF7-CAD2-4DB0-A694-DF4FB8DC8B3A} [2013/03/28 04:21:36 | 000,002,608 | ---- | M] () -- C:\{7DE36EF7-D79D-4B3E-9603-B2F2EE0EA21B} [2013/03/28 04:19:57 | 000,004,064 | ---- | M] () -- C:\{5C9F3801-F7C1-461B-AF5A-7025AEBD0081} [2013/03/28 04:18:20 | 000,003,608 | ---- | M] () -- C:\{27EA2799-FCA8-4879-B17D-03E287FAC3D4} [2013/03/27 19:05:20 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013/03/22 19:25:31 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013/03/21 21:53:30 | 003,123,272 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2013/03/15 16:19:59 | 000,002,380 | ---- | M] () -- C:\Users\Patrick\Desktop\Google Chrome.lnk [2013/03/13 19:49:05 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/03/13 19:49:05 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/03/10 16:20:23 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/03/10 16:20:14 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013/03/10 16:20:14 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013/03/10 16:20:14 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/03/10 16:20:14 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/03/10 16:20:14 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/03/06 14:39:41 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\VT20130115.021 [2013/03/05 18:57:07 | 000,002,408 | ---- | M] () -- C:\{EDE73E6C-B1DF-4820-BF68-2272AB983E5F} [2013/03/05 16:57:57 | 000,000,566 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2013/03/04 14:15:42 | 069,796,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [1 C:\Users\Patrick\Desktop\*.tmp files -> C:\Users\Patrick\Desktop\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/03/29 19:49:31 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2013/03/29 19:49:31 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2013/03/29 19:49:18 | 000,002,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2013/03/28 21:58:32 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013/03/28 21:58:32 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013/03/28 04:29:01 | 000,002,608 | ---- | C] () -- C:\{DA6D88CB-C0F3-4009-A208-38E519239B70} [2013/03/28 04:25:58 | 000,002,608 | ---- | C] () -- C:\{B6189FE9-D261-4B3F-B39A-BB96316122AD} [2013/03/28 04:23:16 | 000,002,608 | ---- | C] () -- C:\{ACDCADF7-CAD2-4DB0-A694-DF4FB8DC8B3A} [2013/03/28 04:21:34 | 000,002,608 | ---- | C] () -- C:\{7DE36EF7-D79D-4B3E-9603-B2F2EE0EA21B} [2013/03/28 04:19:55 | 000,004,064 | ---- | C] () -- C:\{5C9F3801-F7C1-461B-AF5A-7025AEBD0081} [2013/03/28 04:18:15 | 000,003,608 | ---- | C] () -- C:\{27EA2799-FCA8-4879-B17D-03E287FAC3D4} [2013/03/27 19:05:20 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013/03/05 18:57:06 | 000,002,408 | ---- | C] () -- C:\{EDE73E6C-B1DF-4820-BF68-2272AB983E5F} [2013/03/05 16:57:57 | 000,000,566 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2013/02/18 18:04:47 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012/12/05 16:04:58 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll [2012/10/25 14:10:13 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini [2012/10/20 20:38:42 | 000,004,608 | ---- | C] () -- C:\Users\Patrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/09/13 20:43:43 | 004,446,016 | ---- | C] () -- C:\Users\Patrick\AppData\Local\Tempmusic.ogg [2012/09/12 16:40:31 | 000,000,661 | ---- | C] () -- C:\Windows\wininit.ini [2012/09/11 16:31:52 | 000,000,424 | ---- | C] () -- C:\Windows\MAXLINK.INI [2012/09/04 14:24:39 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/09/04 14:24:21 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012/09/03 18:02:38 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2012/09/03 16:44:39 | 001,774,504 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/09/03 14:07:07 | 000,007,674 | ---- | C] () -- C:\Users\Patrick\AppData\Local\Resmon.ResmonCfg [2012/08/08 16:27:44 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe [2012/08/08 16:27:44 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe [2012/08/08 16:27:44 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini [2012/08/08 16:27:44 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini [2012/08/08 16:12:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012/08/08 16:09:15 | 000,002,093 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2012/07/28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/07/28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/06/01 06:14:01 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/07/14 11:02:04 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/12/25 17:04:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit [2012/12/25 17:04:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit [2013/03/25 17:24:38 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\.minecraft [2012/09/02 18:07:35 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Acronis [2012/12/05 16:04:58 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Apowersoft [2013/03/17 12:15:39 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Audacity [2013/02/09 17:05:36 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Beat Hazard [2012/11/30 16:21:41 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012/10/21 19:36:14 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2013/03/25 18:27:11 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\DVDVideoSoft [2013/01/30 21:44:43 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\DVDVideoSoftIEHelpers [2012/09/10 18:30:57 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\fltk.org [2012/12/06 15:43:45 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\GlarySoft [2012/11/20 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Image-Line [2012/12/24 13:12:22 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\IObit [2012/09/11 16:28:30 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Leadertech [2012/10/16 19:44:22 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\LolClient [2012/10/28 11:23:39 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\MAGIX [2013/02/07 22:09:01 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\MediaMonkey [2012/12/09 16:47:28 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Origin [2012/11/11 20:28:48 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PACE Anti-Piracy [2012/12/24 23:13:36 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PowerCinema [2012/09/15 17:13:40 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Publish Providers [2013/02/12 13:05:14 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PunkBuster [2012/10/21 17:05:26 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Rovio [2012/09/11 16:31:29 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\ScanSoft [2013/03/29 20:10:44 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Sony [2013/01/16 21:37:56 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012/11/17 19:30:16 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\SumatraPDF [2012/09/02 19:55:18 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\T-Mobile [2012/09/02 20:32:13 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\T-Mobile Internet Manager [2013/01/23 19:43:24 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TeamViewer [2013/01/13 19:33:54 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TS3Client [2013/03/29 19:48:29 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TuneUp Software [2013/02/26 21:47:23 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Ubisoft [2012/11/11 20:32:58 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Unity [2013/03/10 22:19:12 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\uTorrent [2012/10/25 14:54:35 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\XMedia Recode ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E36F5B57 @Alternate Data Stream - 1083 bytes -> C:\Users\Patrick\AppData\Local\Temp:sX5MlF2Cc86PpOKn232nVj3TIQ3 < End of report > Geändert von InsaneNapkin (29.03.2013 um 21:52 Uhr) |
|
29.03.2013, 21:53
| #2 |
| | Spiel Minimiert sich ständig EXTRAS:
__________________Code:
ATTFilter OTL Extras logfile created on: 29/03/2013 21:24:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000410 | Country: Italien | Language: ITA | Date Format: dd/MM/yyyy
3,93 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 30,78% Memory free
7,87 Gb Paging File | 4,78 Gb Available in Paging File | 60,75% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 337,00 Gb Total Space | 56,18 Gb Free Space | 16,67% Space Free | Partition Type: NTFS
Drive D: | 337,54 Gb Total Space | 320,91 Gb Free Space | 95,07% Space Free | Partition Type: NTFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A28BF7-2D23-4EC1-AD05-8EB86E85F9F9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B5F71C1-2860-485F-9E14-7325E3D130E2}" = lport=33300 | protocol=6 | dir=in | name=printerprodesktop |
"{174E043D-474D-4821-8118-8A04B9A972A1}" = rport=445 | protocol=6 | dir=out | app=system |
"{23EED334-30F8-4005-A35E-976DD246AC09}" = rport=138 | protocol=17 | dir=out | app=system |
"{25DDF2C2-6183-4595-B2E0-D9F642D5F8A2}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 |
"{2FD096A8-4545-4D68-B348-627303101CD2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{355EDE06-BF3E-41BE-A7E9-7FD50AF651C7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5267B48A-7032-412D-9254-4D34940FBA22}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7B47888A-FABC-4401-AD8A-47F1E5AFE5ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{8233CBCF-37E7-4390-A699-DF38B12469E4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{848397C1-AFC1-4F97-9225-71DF61627277}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{871C5DA8-CB2B-47DA-A50B-540B09C6CB59}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93295995-FE7B-4DA2-8032-57A3EF84DAB5}" = rport=139 | protocol=6 | dir=out | app=system |
"{A3159991-EBE7-4126-A103-B2D0556491FC}" = rport=137 | protocol=17 | dir=out | app=system |
"{ABFDE448-DC67-48F9-9015-7E4ED69A7684}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B67C2B17-52E8-49FF-BC59-904791E2D082}" = lport=445 | protocol=6 | dir=in | app=system |
"{B762F1E9-B90B-4FF5-A5E1-8A3D5172773F}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 |
"{C11BBD39-4A2D-4024-AC46-D210995B7911}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE9CD609-AD05-42E5-8531-9DAAB2AFBD54}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DCA8F1AB-D36C-4406-985A-2084973A5405}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E0A2A2B7-F6EC-415D-924B-5DFB01528726}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F32C077D-EACC-4FD2-9E4A-74CE9D71C99D}" = lport=139 | protocol=6 | dir=in | app=system |
"{F3372C4B-E9DA-43F4-ABD6-E3AC4206EE00}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F4AF3F0B-1F59-447B-92DA-7BD106FD4DE7}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01EA5BE9-9EAB-40C0-95A9-4C50BC968FEE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{02EDBA1A-80AE-4C45-A25E-CEA5B9EADBF7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{079CC025-F1B2-4110-85F1-49A9D59FCF1C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A2D4EA3-AC6A-4438-A97D-7FB11796E59F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{0AE7EBEC-A436-4344-9060-3FD3EA12B3AF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{0BCFE0FB-5D15-43D4-AD7C-3403CD188E5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{0C9B8D16-F0E9-4BFB-8265-006B9462DA2E}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\cs6\adobe flash builder 4.6\flashbuilder.exe |
"{1270BC1C-A90A-4FF5-8595-8F85439F8BDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14B96AA0-22D0-4232-9FFD-9D6D837F71D0}" = protocol=6 | dir=out | app=system |
"{15CC40A6-17CC-45CE-A2B3-C427BEDE8FCF}" = dir=in | app=c:\program files (x86)\apowersoft\screen recording suite\screenrecordingsuite.exe |
"{17E43695-5E98-4306-929B-BED49D22F17A}" = protocol=17 | dir=in | app=d:\ubisoft\assassins creed brotherhood\acbmp.exe |
"{18911DC3-0B27-4B0E-A7F3-E50A22FC060B}" = protocol=6 | dir=in | app=c:\program files (x86)\printer pro desktop\printerprodesktop.exe |
"{1FD06359-712D-4103-88AB-1A03C09596FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{242712AF-5C9B-410F-8998-230CC4852806}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{24C7A15D-863E-45EE-AAA1-AD5BD27DAE44}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{2571D6D8-5614-4825-82E7-3F0B764DB87B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassin's creed revelations\acrsp.exe |
"{264B3B70-D7A4-4B70-9BF1-5D8F2448AEBC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassin's creed revelations\acrsp.exe |
"{2A9A4CCD-B514-4270-A1AB-6EEA584696D5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2AE3BBFF-60CC-43A9-ADD2-EA29A2403DCE}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3181952C-7DE2-4FBF-99EB-1342AFD4D8C2}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{330CA428-9EAF-415D-9314-042D6B3F6F87}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{36D5C992-6D73-4626-B1B9-4EAAFBC06018}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{38AAA397-3CC4-4F7F-94A8-F6683DC80D2A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3A32231F-0990-4C2B-A720-B38D2C2BD0F0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{3DF1CF85-CF3A-4652-BCCA-9F83DD5B0639}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{401BA3E4-3A21-4031-AB3E-536CAAE83975}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4130D875-634E-4F21-955F-392825A94B86}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{456AC086-76E8-49C3-9ABB-1FF5A9A590B2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{468D218F-B7E7-484D-B515-4EA420E4FECB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |
"{48927FF1-31C4-4993-B778-795B0136823D}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{49818E70-70DC-46B8-99B2-BD2654B11D73}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4CC1D4FD-77C7-49EB-80F2-CEF1D0A09AEF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{4E62964B-C8ED-44FF-BBB3-FA46E57FA5F3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{4F9FAA0B-DB2F-4025-9DE6-C78097CE67F7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{56DEC0F4-3607-4CA3-8776-277D07AE53F8}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{5754FADC-DFE8-41A3-B4E9-511A20107FF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{57CBA543-C639-49C9-B28B-8C0809A5EB36}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{58B69BDB-E458-4FFC-A0DD-D86FEEE311A0}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{59340B26-E521-4BD4-8E47-F556EAF88D68}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{62286BD8-6DF7-4449-B2B1-9071CAD01590}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{625E6F99-03AD-4BA0-A9B1-551E9B70DFB6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6ABF44F6-3F8A-4966-8A37-1F1BA9C8A243}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6D229343-D418-4363-98AC-DA59162B3A98}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{72EAAC12-F27D-4852-A95E-D935FB7CC784}" = dir=in | app=c:\users\patrick\appdata\local\microsoft\skydrive\skydrive.exe |
"{74198905-77EB-4A61-84A1-C40619365A1E}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{795C8031-7DF3-468D-9D02-4FA71AE13665}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{7C3AD2A7-634D-4F53-82C1-EAAD1B971037}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7C92B97C-590F-4087-95CE-141AF8E286A5}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\cs6\adobe flash builder 4.6\flashbuilder.exe |
"{7CD467FA-E400-46C7-89FC-578A8B4AD8F9}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{7FA47468-5D2F-411F-BC59-578B9149E27A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\deathshadow95\half-life\hl.exe |
"{80A50E7E-3946-4194-96D3-2B8A2B6F5DCE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{824FEF7B-2DE7-44E9-9E33-E4456381F164}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{86CB45ED-B69C-4ECA-8DAE-AF82C8CE7808}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{882D0DA5-41C6-434D-B0BA-FBFDCDFF64BB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8856A466-61DF-4576-9187-1868F5B49F5E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{88796279-95A5-4D52-A20C-D718D28BCCF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{8AC4AA9C-7862-41CC-A9CF-73311B5CB9B9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8B264EFE-5711-4F6C-AB7E-91F138B2093D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\deathshadow95\half-life\hl.exe |
"{8B95A213-DF72-4DD5-BB39-30906555FD15}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8E4614B2-FDE8-4C85-BF33-DAF7E9B02D43}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{8E553E74-9FEE-4F84-ABD7-6316C6554443}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{93EFFE2B-59A6-4E98-9ACB-9BE6498C37BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9593A17B-C0B9-4B24-AD8F-E1D30C5FFDE9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{959FE13C-2D7A-4CA8-9ED5-B7E48E96FC51}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{9A5E4913-ED75-4597-8DB2-4B2BA4979A5F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9B467B49-18E4-4023-B3B0-9C7C2093D5D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{9C085BC2-11C9-4DC1-ADA5-658F79031CE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{9C5FD7D5-E3A1-4524-ADEF-AC1834953BF4}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{9EA71DF5-885A-4589-9185-5CA6510BDD29}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{A1014B52-8557-4A84-8AAD-6973FC4D3345}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A16767E4-85B4-4921-AE62-5D864B4F8DC7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{A7684C31-4106-4526-A310-2373A408F1D4}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{ABB99275-9400-4A1E-8F19-D2373E71C18B}" = dir=in | app=c:\program files (x86)\apowersoft\screen recording suite\screen-recording-suite.exe |
"{ABEC81E1-820C-4E13-BFFD-FAE4329708DD}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{AC5DDED9-E39E-4464-AF92-8CC4B0A0B58A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AE6A42F2-6BCE-474B-8D46-BBC4878B808B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B2024F8A-7DE4-44F3-AB55-FF5D053922FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{B3058B22-C264-46E8-8B6C-9DA65204F6D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B320BC47-1365-4EAD-98F4-CA532FEAC18B}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\dead space 3\deadspace3.exe |
"{B32BCFB7-DDD9-41E2-A906-E46FCAE109E6}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{B814FE39-B180-4EA9-B090-25A0B5FE1F16}" = dir=in | app=c:\users\patrick\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{B8773A27-646D-4F9D-9DFA-9B0A937C46FB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BBEFEA38-5472-45F7-BB22-F773E8269F1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C093B4D0-58B1-4C22-9D9A-2C82586F9B67}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{C23F136F-F8CE-417D-9D4A-97BDD690EB08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C25141EB-B044-4ABE-A28D-FE9C2C8C6E7D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{C8012DF9-3AE2-4527-86D3-422538B17C1B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{C8BB1D43-B17F-4625-B817-C8F10B52AD48}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{C90B0444-69B6-4348-97FB-E6A37F3C0D27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{C9BAC70B-C43B-4949-8F4F-44CD0CBA72B7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{CB36CE5A-AED2-41D3-BF2F-C6664A1FEE4F}" = protocol=6 | dir=in | app=d:\ubisoft\assassins creed brotherhood\acbmp.exe |
"{CB66DFFA-175D-4629-84BF-394AF51C183A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CB8BB2F9-FA2E-4A4D-88E4-3AE2CFE61A6B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CE53A987-27D0-4652-A657-F5026E081BDB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D30EF534-3050-4084-8CC4-6840AC526125}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D68BA0D1-FC2B-4A29-9D12-93495610F41B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D705DA70-206F-44F6-94A8-36F737E1453C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D73D9E6F-FE44-4104-B9CD-B04C29C07832}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{DC5E027B-2DA1-47FF-9A07-3F87414AA6D9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{DF7E0BF8-C3CA-4B3E-9B2F-456A3E317599}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\dead space 3\deadspace3.exe |
"{E1117CD5-2E5F-477E-BD6E-15C3C2EDBDBA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{E175E16C-CF7C-41E8-A78C-46E58E8A590B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9BCE33D-FD80-4504-856B-DFDB4B95EBEE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EB34C94C-C538-4082-8AEC-32B1A949DB85}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ED59EFA6-85B8-4AE4-8AE3-491F1C4405C5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{EE674F64-3F65-4295-A6E5-4B3AD6394DE7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{EF0598D9-A162-47A9-A56B-F10533435980}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{EF4B61FE-E28F-4551-A804-6D20A49BB91B}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\cs6\adobe flash builder 4.6\flashbuilder.exe |
"{F04D06E5-E926-449F-B3AD-52BAD0573A88}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\cs6\adobe flash builder 4.6\flashbuilder.exe |
"{F24BCC33-B1E1-4A8E-B403-AE35174E00E1}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FAFF1EE2-291E-4DD5-A944-1A7955EF8FA2}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{FB7A3869-9B10-403C-86D1-73C405E966E1}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |
"{FD526C3B-307F-49E8-8937-DE99F24D9F2C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{EA30F3B1-2FE0-4906-9991-8A8555007944}C:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"UDP Query User{198BD73A-B5E9-40F4-8120-ED0944DAAABB}C:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{12FE6AA6-65D2-40EE-B925-62193128A0E6}" = Microsoft SQL Server 2008 Native Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft-Maus- und Tastatur-Center
"{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5866DD36-8055-475B-A5C3-82C04091D14E}" = BF3 Settings Editor
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E7D00D0-255E-F084-28A3-400DCD5EF8A7}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A000F75A-A246-44A7-8079-9E9E7F9054B2}" = BioExcess
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AFC44A23-E6A8-4625-B6B1-23D438525D59}" = O2Micro 1394 OHCI Compliant Host Controller Driver
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"{F37A899E-1745-52F5-658F-9A4DA4D46BB7}" = AMD Catalyst Install Manager
"{F55458B0-DCA9-38C9-6C8D-829F22463A55}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F800CF18-6470-D909-B460-73F2F41030B4}" = AMD Accelerated Video Transcoding
"{F9434B34-EDCA-DF34-FD55-8D66DF8DBECF}" = AMD Media Foundation Decoders
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"Logitech Gaming Software" = Logitech Gaming Software 8.35
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{032412BA-DE82-47C2-B414-A1C96822189B}" = Acer Arcade Instant On
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C91919D-0386-C260-0822-7A01C5BCD58A}" = CCC Help Greek
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{143593DA-4632-50AE-A6D9-7676695B33C8}" = CCC Help Finnish
"{16584456-9AD2-3FA4-C8B5-B2EE2D856E6C}" = Catalyst Control Center Localization All
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{257D8E32-4971-4199-BE23-093A00A6DE91}" = Acronis*True*Image*Home 2011
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27996809-446F-7261-6C69-6B654C656F6E}" =
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A231800-A7CF-4223-B8A3-1FD9057BAE96}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{33365E1D-B501-AA04-F802-88BF0A4DB9F7}" = CCC Help French
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1
"{43C5AF90-0558-590E-30A3-7A8FEEA4B45B}" = Catalyst Control Center Graphics Previews Common
"{441B922B-E0AC-F7BB-E577-095E3E3B8D03}" = CCC Help Turkish
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4DE63AC8-5FF0-4D3C-B7F5-60AD9045E9E3}" = BF3 Colour Tweaker
"{51485B01-005D-40DA-A416-097995B61268}" = Nero 11 Collection 1
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5C03C49F-662A-B4EF-E5EC-1C1FFFDD6578}" = CCC Help Norwegian
"{5C13C5F3-6E30-449F-8872-DF8AC35AE285}_is1" = CraftBukkit
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69ABD76E-52E6-E809-9E6B-B6E194DF6E30}" = CCC Help Portuguese
"{6C84C3D8-F2E1-EF85-34E2-EFD8C583A414}" = CCC Help Swedish
"{706AE61D-40A4-4F50-8359-FE8F6F7FA461}" = Acronis Drive Monitor
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA5255C-EE35-848E-4482-407BB876BD15}" = CCC Help Russian
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{831C840A-8331-E269-24EE-52A3EDEC8830}" = CCC Help Chinese Traditional
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0410-1000-0000000FF1CE}_HOMESTUDENTR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_HOMESTUDENTR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5509EE-5579-46C1-B566-5065545547F9}" = Media Add-ons für Acronis True Image Home 2011
"{9AF92104-2955-867B-E374-63FA2AB55CC4}" = CCC Help Korean
"{9BC10B90-1592-3C5A-BBA7-BACDA0B52405}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A71AF1EF-6C46-DC9A-84C0-0DADE7F3BEEE}" = CCC Help Hungarian
"{A7527D8A-4C50-9D56-CB37-922E1EC96B82}" = CCC Help Thai
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB17558-7189-1415-2370-D689FDD44B33}" = PX Profile Update
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.4 MUI
"{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7416D0F-8282-468A-5C3D-CA5713B6F4C0}" = Catalyst Control Center
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3
"{BD21728C-22C5-2D69-2F52-C4437E8FF02E}" = Catalyst Control Center InstallProxy
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C314EA94-9FAF-969D-544F-816FE102EAFD}" = Catalyst Control Center InstallProxy
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CA311B78-954E-44BC-913F-B5B8B74A786B}" = CCC Help German
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space™ 3
"{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU
"{D79EB872-3E54-A9D4-F11E-F147BB7C31D9}" = Adobe® Content Viewer
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{E0184F33-58CA-A249-0D1B-F23F9206410D}" = CCC Help English
"{E28884AE-E40E-2F71-9511-8CC8C071147F}" = CCC Help Chinese Standard
"{E3DB1759-C652-E0E3-5B88-76286BF9B6D0}" = CCC Help Dutch
"{E4F26D72-E0BA-33B5-E5A4-542C545EFAAA}" = CCC Help Polish
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{E9820957-CB43-3BD1-3A00-25C7CB37EE1D}" = CCC Help Danish
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V2.5.0
"{ECC9BBF1-5735-F27B-E25A-5522D8B3F044}" = CCC Help Italian
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEC3A4C1-2B49-00CF-DA00-B27DC267236E}" = CCC Help Spanish
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F47662E5-C972-89F6-0416-5BAC56E835F9}" = CCC Help Czech
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBC79D04-051E-4367-8051-1DB0C893FBE0}" = Nuvoton CIR Device Drivers
"{FD588AD4-9150-4A41-83E8-61596E0954E4}" = Fingerprint Solution
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"BattlEye for OA" = BattlEye for OA Uninstall
"Canon MP520 series Benutzerregistrierung" = Canon MP520 series Benutzerregistrierung
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Desura" = Desura
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 10" = FL Studio 10
"Fraps" = Fraps (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.1.320
"Glary Utilities_is1" = Glary Utilities Pro 2.51.0.1666
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"IL Download Manager" = IL Download Manager
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{AFC44A23-E6A8-4625-B6B1-23D438525D59}" = O2Micro 1394 OHCI Compliant Host Controller Driver
"InstallShield_{FD588AD4-9150-4A41-83E8-61596E0954E4}" = Acer Bio Protection
"IsoBuster_is1" = IsoBuster 3.1
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.7.5 (Basic)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"N360" = Norton 360
"Origin" = Origin
"PrinterProDesktop" = Printer Pro Desktop
"PunkBusterSvc" = PunkBuster Services
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"Steam App 201870" = Assassin's Creed Revelations
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218" = Source SDK Base 2007
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 43110" = Metro 2033
"Steam App 550" = Left 4 Dead 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 70" = Half-Life
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamViewer 7" = TeamViewer 7
"T-Mobile Internet Manager" = T-Mobile Internet Manager
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Uplay" = Uplay
"uTorrent" = µTorrent
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1458767557-203290091-1572289996-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22/02/2013 14:13:45 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Name des fehlerhaften Moduls: igo32.dll, Version: 9.1.13.89, Zeitstempel:
0x5122b5b8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000062dc ID des fehlerhaften Prozesses:
0x1bf8 Startzeit der fehlerhaften Anwendung: 0x01ce11282b6eed84 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe Pfad des
fehlerhaften Moduls: C:\Program Files (x86)\Origin\igo32.dll Berichtskennung: 98097697-7d1b-11e2-8800-60eb6956e687
Error - 22/02/2013 15:47:13 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Name des fehlerhaften Moduls: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00390b33 ID des fehlerhaften Prozesses:
0x264 Startzeit der fehlerhaften Anwendung: 0x01ce11355c4aa47c Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe Pfad des
fehlerhaften Moduls: C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe
Berichtskennung:
a6decf74-7d28-11e2-8800-60eb6956e687
Error - 24/02/2013 12:06:39 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm ArmA2OA.exe, Version 1.62.95.248 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a70 Startzeit:
01ce12a8e3ad83ef Endzeit: 5 Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Arma
2 Operation Arrowhead\ArmA2OA.exe Berichts-ID: 278bc021-7e9c-11e2-8810-60eb6956e687
Error - 24/02/2013 14:21:41 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm ArmA2OA.exe, Version 1.62.95.248 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 11d4 Startzeit:
01ce12bbbcd785fc Endzeit: 2 Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Arma
2 Operation Arrowhead\ArmA2OA.exe Berichts-ID: 05847343-7eaf-11e2-8810-60eb6956e687
Error - 02/03/2013 16:43:59 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Name des fehlerhaften Moduls: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00390b33 ID des fehlerhaften Prozesses:
0x1ffc Startzeit der fehlerhaften Anwendung: 0x01ce17868147abc4 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe Pfad des
fehlerhaften Moduls: C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe
Berichtskennung:
e840ee6d-8379-11e2-8834-60eb6956e687
Error - 02/03/2013 16:47:48 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Name des fehlerhaften Moduls: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00390b33 ID des fehlerhaften Prozesses:
0x1134 Startzeit der fehlerhaften Anwendung: 0x01ce1787073191cc Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe Pfad des
fehlerhaften Moduls: C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe
Berichtskennung:
7101a5c9-837a-11e2-8834-60eb6956e687
Error - 06/03/2013 14:04:10 | Computer Name = Patrick-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Acronis\Media Add-ons\BartPE\Files\TrueImage.exe". Die abhängige Assemblierung
"Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 15/03/2013 14:29:38 | Computer Name = ***-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Acronis\Media Add-ons\BartPE\Files\TrueImage.exe". Die abhängige Assemblierung
"Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18/03/2013 12:26:59 | Computer Name = ***-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 25.0.1364.172,
Zeitstempel: 0x513d06c4 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x74854f0d ID des fehlerhaften
Prozesses: 0x19a8 Startzeit der fehlerhaften Anwendung: 0x01ce23eab6ddd7ea Pfad der
fehlerhaften Anwendung: C:\Users\***\AppData\Local\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: a7b5b053-8fe8-11e2-a6b0-18f46a1b1e12
Error - 21/03/2013 13:40:26 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm chrome.exe, Version 25.0.1364.172 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a98 Startzeit:
01ce265b0320e676 Endzeit: 17 Anwendungspfad: C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
Berichts-ID:
[ System Events ]
Error - 18/01/2013 13:16:34 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 25/01/2013 14:20:22 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error - 30/01/2013 14:22:31 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 30/01/2013 14:28:24 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 01/02/2013 11:32:13 | Computer Name = ***-PC | Source = volmgr | ID = 262190
Description = Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error - 01/02/2013 11:33:20 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem
Fehler beendet: %%5.
Error - 01/02/2013 11:33:35 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
Error - 01/02/2013 11:33:45 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147218173.
Error - 01/02/2013 11:33:50 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 04/02/2013 09:59:24 | Computer Name = ***-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
< End of report >
|
|
01.04.2013, 20:24
| #3 |
| /// Helfer-Team  | Spiel Minimiert sich ständig Bitte das Malwarebytes-Logfile posten, das du schon gemacht hast! (Reiter Logdateien) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers dann: Downloade Dir bitte  AdwCleaner auf deinen Desktop.
__________________ |
|
03.04.2013, 17:42
| #4 |
| | Spiel Minimiert sich ständig Das Problem hat sich gelöst. Problem war ein Prozess: Online Update Clinet (ouc.exe *32) von T-Mobile Internet Manager  |
|
04.04.2013, 10:09
| #5 |
| /// Helfer-Team | Spiel Minimiert sich ständig Alles klar. Danke fuer die Rueckmeldung. |
|
| Themen zu Spiel Minimiert sich ständig |
| adblock, adobe, autorun, bho, bonjour, browser, c:\windows\system32\cmd.exe, canon, converter, dvdvideosoft ltd., explorer, firefox, flash player, format, google, home, homepage, internet, launch, limited.com/facebook, logfile, malware, mp3, origin, plug-in, pmmupdate.exe, realtek, registry, scan, server, siteadvisor, software, symantec, visual studio, windows |
Linear-Darstellung
