Phils1984 | 06.02.2013 19:10 | HI MArkus, dass ist der LOG :)!
Habe den Backup Ordner gelöscht. Werde gleich nochmal C und E scanne mit Avira.
:rolleyes: Code:
OTL logfile created on: 06.02.2013 18:57:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Philipp\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 71,73% Memory free
15,99 Gb Paging File | 14,01 Gb Available in Paging File | 87,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102,54 Gb Total Space | 39,24 Gb Free Space | 38,26% Space Free | Partition Type: NTFS
Drive D: | 600,59 Gb Total Space | 397,31 Gb Free Space | 66,15% Space Free | Partition Type: NTFS
Drive E: | 228,29 Gb Total Space | 202,07 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1463,33 Gb Free Space | 78,55% Space Free | Partition Type: NTFS
Drive N: | 1397,26 Gb Total Space | 718,35 Gb Free Space | 51,41% Space Free | Partition Type: NTFS
Drive Y: | 1851,41 Gb Total Space | 1001,92 Gb Free Space | 54,12% Space Free | Partition Type: NTFS
Drive Z: | 1851,41 Gb Total Space | 1001,92 Gb Free Space | 54,12% Space Free | Partition Type: NTFS
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.02.06 18:54:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Downloads\OTL.exe
PRC - [2013.02.05 22:29:27 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.05 22:29:06 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.05 22:29:06 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.08.29 14:00:12 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012.07.21 14:11:42 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.07.21 14:11:31 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.12.23 10:41:36 | 003,304,768 | ---- | M] (devolo AG) -- E:\devolo\dlan\devolonetsvc.exe
PRC - [2010.10.05 14:28:12 | 001,060,352 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010.03.10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.03.30 15:00:54 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
========== Modules (No Company Name) ==========
MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.02.27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.12.19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.12.19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013.02.06 12:55:32 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.05 22:29:27 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.05 22:29:06 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.08.25 15:33:36 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.21 14:11:42 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.07.21 14:11:31 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.29 12:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- E:\TU2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.07.13 13:45:08 | 000,012,800 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- C:\Programme\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe -- (MCSWASVR)
SRV - [2010.12.23 10:41:36 | 003,304,768 | ---- | M] (devolo AG) [Auto | Running] -- E:\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010.12.10 16:36:54 | 000,153,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010.10.05 14:28:12 | 001,060,352 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010.10.05 14:27:44 | 000,485,376 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010.10.05 14:25:34 | 000,288,256 | ---- | M] (WDC) [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.02.05 22:29:38 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.05 22:29:38 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.05 22:29:38 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.12.19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.06 12:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.04.25 11:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.08.29 23:54:28 | 000,117,520 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.05.13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.05.13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.26 15:40:24 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.08.19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.08.04 16:54:07 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2010.07.09 12:19:02 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010.05.15 14:55:14 | 000,318,152 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs3.sys -- (cbfs3)
DRV:64bit: - [2010.05.06 10:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2005.03.29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012.05.08 14:21:42 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- E:\TU2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012.04.09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2012.04.09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0)
DRV - [2010.06.10 11:32:14 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3A 41 1F AB 2D DF CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8FD9288C-1710-455D-8B3A-BD4F77C8015F}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{9C46914A-9243-4EA2-B369-0086C19FB951}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:6765
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledAddons: %7BE4091D66-127C-11DB-903A-DE80D2EFDFE8%7D:1.6.5.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: E:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: E:\MEdia Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Philipp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: E:\Firefox\components [2013.02.06 12:55:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: E:\Firefox\plugins [2012.05.16 12:51:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: E:\Thunderbird\components [2012.11.06 10:59:50 | 000,000,000 | ---D | M]
[2012.12.11 16:55:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions
[2012.12.11 16:55:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com
[2013.02.06 18:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\l9a3tk22.default\extensions
[2012.10.16 17:49:22 | 000,000,000 | ---D | M] ("ImageHost Grabber") -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\l9a3tk22.default\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8}
[2013.02.01 00:26:11 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\l9a3tk22.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
O1 HOSTS File: ([2011.10.13 16:34:47 | 000,000,795 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [KeePass 2 PreLoad] E:\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Mit Mipony herunterladen - file://E:\MiPony\Browser\IEContext.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Mit Mipony herunterladen - file://E:\MiPony\Browser\IEContext.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C056057-74C7-463B-AF92-D9F62DCE7CD6}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O27:64bit: - HKLM IFEO\crysis.exe: Debugger - E:\TU2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\crysis2.exe: Debugger - E:\TU2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\crysis.exe: Debugger - E:\TU2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\crysis2.exe: Debugger - E:\TU2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.02 02:11:35 | 000,000,000 | RH-D | M] - N:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.17 03:56:50 | 000,000,036 | RH-- | M] () - N:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{343edf80-5f0b-11e1-85ad-485b39caa770}\Shell - "" = AutoRun
O33 - MountPoints2\{343edf80-5f0b-11e1-85ad-485b39caa770}\Shell\AutoRun\command - "" = H:\CMADownloader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
MsConfig:64bit - StartUpReg: StartCCC - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013.02.06 18:34:14 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013.02.05 22:48:37 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes
[2013.02.05 22:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.05 22:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.05 22:48:27 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.05 22:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.05 22:48:20 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Programs
[2013.02.05 22:36:43 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Avira
[2013.02.05 22:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.02.05 22:34:54 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.02.05 22:34:54 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.02.05 22:34:54 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.02.05 22:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.01.25 18:07:17 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\SimCity
[2013.01.25 18:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ Closed Beta
[2013.01.25 18:05:27 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013.01.22 21:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nike+ Connect
[2013.01.21 20:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Nike
[2013.01.21 20:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nike
[2013.01.19 18:31:49 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\roomeon
[2013.01.19 18:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.01.19 18:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.01.19 18:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.01.19 18:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2010.11.26 15:40:24 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Philipp\AppData\Roaming\pcouffin.sys
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.02.06 18:21:02 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.06 18:14:13 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 18:14:13 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 18:06:42 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.06 18:06:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.06 13:21:03 | 000,001,205 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
[2013.02.05 22:48:28 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.05 22:35:07 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.02.05 22:29:38 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.02.05 22:29:38 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.02.05 22:29:38 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.01.31 23:28:19 | 001,785,024 | ---- | M] () -- C:\Users\Philipp\Documents\IMG_2662.JPG
[2013.01.31 23:28:06 | 001,560,879 | ---- | M] () -- C:\Users\Philipp\Documents\IMG_2661.JPG
[2013.01.31 23:27:26 | 001,797,314 | ---- | M] () -- C:\Users\Philipp\Documents\IMG_2660.JPG
[2013.01.30 20:29:29 | 000,071,313 | ---- | M] () -- C:\Users\Philipp\Documents\Detailansicht - Fddb.pdf
[2013.01.30 20:27:19 | 000,097,221 | ---- | M] () -- C:\Users\Philipp\Documents\Ernährungstagebuch - Fddb.pdf
[2013.01.25 18:05:28 | 000,001,362 | ---- | M] () -- C:\Users\Public\Desktop\SimCity™ Closed Beta.lnk
[2013.01.23 21:17:30 | 002,951,647 | -H-- | M] () -- C:\Users\Philipp\Documents\PP11Thumbs.ptn
[2013.01.23 21:17:30 | 000,001,523 | -H-- | M] () -- C:\Users\Philipp\Documents\PP11Thumbs.ptn2
[2013.01.23 21:17:29 | 000,002,641 | -H-- | M] () -- C:\Users\Philipp\Documents\maxdesk.ini2
[2013.01.23 21:10:09 | 000,379,490 | ---- | M] () -- C:\Users\Philipp\Documents\Front.pdf
[2013.01.23 21:08:57 | 000,401,138 | ---- | M] () -- C:\Users\Philipp\Documents\Von Oben.pdf
[2013.01.19 18:28:15 | 000,195,033 | ---- | M] () -- C:\Users\Philipp\Desktop\D 6-8 II.OG Links Grundriss.pdf
[2013.01.17 16:57:27 | 000,885,188 | ---- | M] () -- C:\Users\Philipp\Documents\Apologies Example 2.pdf
[2013.01.17 16:55:15 | 000,811,906 | ---- | M] () -- C:\Users\Philipp\Documents\Apologie Example.pdf
[2013.01.15 22:00:28 | 003,291,487 | ---- | M] () -- C:\Users\Philipp\Documents\Ausweise.pdf
[2013.01.15 21:57:33 | 000,403,778 | ---- | M] () -- C:\Users\Philipp\Documents\Bafög 3von3.pdf
[2013.01.15 21:56:52 | 000,261,902 | ---- | M] () -- C:\Users\Philipp\Documents\Bafög 2von3.pdf
[2013.01.15 21:56:28 | 000,530,984 | ---- | M] () -- C:\Users\Philipp\Documents\Bafög 1von3.pdf
[2013.01.15 21:55:06 | 002,640,769 | ---- | M] () -- C:\Users\Philipp\Documents\Mieterselbstauskunft.pdf
[2013.01.15 20:04:34 | 004,339,662 | ---- | M] () -- C:\Users\Philipp\Documents\Vodafone 3.pdf
[2013.01.15 20:03:30 | 002,144,201 | ---- | M] () -- C:\Users\Philipp\Documents\Vodafone 2.pdf
[2013.01.15 20:01:29 | 002,497,212 | ---- | M] () -- C:\Users\Philipp\Documents\Vodafone 1.pdf
[2013.01.13 16:31:20 | 000,739,357 | ---- | M] () -- C:\Users\Philipp\Documents\Hirschamnn.pdf
[2013.01.10 22:58:04 | 001,629,916 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.10 22:58:04 | 000,700,858 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.10 22:58:04 | 000,662,740 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.10 22:58:04 | 000,147,544 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.10 22:58:04 | 000,123,934 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.10 09:33:47 | 005,010,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.02.05 22:48:28 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.05 22:35:07 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.02.01 00:24:47 | 001,797,314 | ---- | C] () -- C:\Users\Philipp\Documents\IMG_2660.JPG
[2013.02.01 00:24:47 | 001,785,024 | ---- | C] () -- C:\Users\Philipp\Documents\IMG_2662.JPG
[2013.02.01 00:24:47 | 001,560,879 | ---- | C] () -- C:\Users\Philipp\Documents\IMG_2661.JPG
[2013.01.30 20:29:29 | 000,071,313 | ---- | C] () -- C:\Users\Philipp\Documents\Detailansicht - Fddb.pdf
[2013.01.30 20:27:18 | 000,097,221 | ---- | C] () -- C:\Users\Philipp\Documents\Ernährungstagebuch - Fddb.pdf
[2013.01.25 18:05:28 | 000,001,362 | ---- | C] () -- C:\Users\Public\Desktop\SimCity™ Closed Beta.lnk
[2013.01.23 21:09:21 | 000,379,490 | ---- | C] () -- C:\Users\Philipp\Documents\Front.pdf
[2013.01.23 21:08:07 | 000,401,138 | ---- | C] () -- C:\Users\Philipp\Documents\Von Oben.pdf
[2013.01.19 18:28:14 | 000,195,033 | ---- | C] () -- C:\Users\Philipp\Desktop\D 6-8 II.OG Links Grundriss.pdf
[2013.01.17 16:57:26 | 000,885,188 | ---- | C] () -- C:\Users\Philipp\Documents\Apologies Example 2.pdf
[2013.01.17 16:55:15 | 000,811,906 | ---- | C] () -- C:\Users\Philipp\Documents\Apologie Example.pdf
[2013.01.15 22:00:25 | 003,291,487 | ---- | C] () -- C:\Users\Philipp\Documents\Ausweise.pdf
[2013.01.15 21:57:33 | 000,403,778 | ---- | C] () -- C:\Users\Philipp\Documents\Bafög 3von3.pdf
[2013.01.15 21:56:51 | 000,261,902 | ---- | C] () -- C:\Users\Philipp\Documents\Bafög 2von3.pdf
[2013.01.15 21:56:28 | 000,530,984 | ---- | C] () -- C:\Users\Philipp\Documents\Bafög 1von3.pdf
[2013.01.15 21:54:58 | 002,640,769 | ---- | C] () -- C:\Users\Philipp\Documents\Mieterselbstauskunft.pdf
[2013.01.15 20:04:32 | 004,339,662 | ---- | C] () -- C:\Users\Philipp\Documents\Vodafone 3.pdf
[2013.01.15 20:03:29 | 002,144,201 | ---- | C] () -- C:\Users\Philipp\Documents\Vodafone 2.pdf
[2013.01.15 20:01:27 | 002,497,212 | ---- | C] () -- C:\Users\Philipp\Documents\Vodafone 1.pdf
[2013.01.13 16:31:18 | 000,739,357 | ---- | C] () -- C:\Users\Philipp\Documents\Hirschamnn.pdf
[2012.10.08 15:40:55 | 000,000,531 | ---- | C] () -- C:\Windows\eReg.dat
[2012.07.21 14:11:33 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.21 14:11:31 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.07.21 14:11:31 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.06.11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.06.11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.06.08 09:45:51 | 000,000,600 | ---- | C] () -- C:\Users\Philipp\AppData\Local\PUTTY.RND
[2012.06.06 18:40:33 | 000,000,352 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Network Meter_Settings.ini
[2012.05.09 13:03:01 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.03.21 13:06:54 | 000,003,584 | ---- | C] () -- C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.20 17:06:57 | 000,000,861 | ---- | C] () -- C:\Users\Philipp\.recently-used.xbel
[2011.12.03 13:26:25 | 000,000,032 | ---- | C] () -- C:\Users\Philipp\.simfy
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.10 23:53:59 | 000,000,021 | ---- | C] () -- C:\Users\Philipp\AppData\Local\mc.pixel.data
[2011.08.18 11:38:43 | 000,000,053 | ---- | C] () -- C:\Windows\DVDFab.INI
[2011.08.18 10:59:09 | 000,000,372 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.04.06 18:20:34 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.26 15:40:24 | 000,099,384 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\inst.exe
[2010.11.26 15:40:24 | 000,007,859 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\pcouffin.cat
[2010.11.26 15:40:24 | 000,001,167 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\pcouffin.inf
[2010.08.17 21:52:37 | 000,007,598 | ---- | C] () -- C:\Users\Philipp\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.04.15 20:10:57 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Amazon
[2010.11.06 14:02:40 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\AnvSoft
[2011.07.29 18:45:02 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Ashampoo
[2011.05.11 10:55:06 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\avidemux
[2010.12.17 22:00:00 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\calibre
[2012.09.04 20:19:54 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.05.14 21:11:33 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Day 1 Studios
[2012.07.31 18:09:52 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DiskAid
[2013.02.05 23:51:49 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Dropbox
[2012.06.08 14:03:53 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DVDFab
[2012.10.10 16:42:21 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DVDVideoSoft
[2012.07.21 11:50:29 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.11.13 14:41:12 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\e-academy Inc
[2012.11.28 18:42:27 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Electronic Arts
[2012.12.11 16:55:46 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Flickr
[2012.11.15 19:12:45 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\FreeFileSync
[2012.01.15 16:08:15 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Garmin
[2012.10.19 00:29:09 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\GetRightToGo
[2012.03.07 17:42:07 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\GHISLER
[2011.12.20 17:06:57 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\gtk-2.0
[2012.03.08 15:17:12 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\HandBrake
[2013.02.05 22:51:12 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\KeePass
[2011.03.18 15:57:09 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\MAGIX
[2011.05.11 14:48:55 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\MioNetApplet
[2010.08.09 16:19:06 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Miranda
[2010.11.15 16:23:17 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Mp3tag
[2012.07.02 01:27:38 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\NeoDownloader
[2011.05.19 15:36:33 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Neoretix
[2010.08.04 20:26:35 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\OpenOffice.org
[2012.12.14 21:37:51 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Origin
[2011.05.10 15:06:38 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\PMS
[2012.05.09 13:27:35 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Red Alert 3
[2010.11.04 17:08:40 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\ScanSoft
[2011.09.21 12:57:28 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Simfy
[2011.02.10 16:49:14 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Sony
[2013.02.05 14:46:10 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Spotify
[2012.09.04 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.09.05 15:24:39 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Thunderbird
[2012.07.19 13:23:40 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\TuneUp Software
[2012.10.19 00:06:59 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Ubisoft
[2011.07.11 18:07:43 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Ulead Systems
[2010.11.26 15:57:59 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Vso
[2011.09.11 01:24:07 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\WDC
[2011.07.20 15:05:52 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Xilisoft
[2011.07.20 16:45:48 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\XMedia Recode
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.04.04 17:05:33 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.03.06 14:37:40 | 000,000,000 | ---D | M] -- C:\AMD
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.08.04 16:49:30 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.02 10:55:47 | 000,000,000 | ---D | M] -- C:\Downloads
[2012.01.15 16:05:30 | 000,000,000 | ---D | M] -- C:\Garmin
[2011.09.19 16:26:45 | 000,000,000 | -H-D | M] -- C:\jexepackres
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.12.12 10:51:43 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.06 08:41:00 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.02.05 22:48:28 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.08.04 16:49:30 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.08.04 16:49:30 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.02.06 18:58:20 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.08.18 11:00:27 | 000,000,000 | ---D | M] -- C:\Temp
[2011.04.08 16:41:25 | 000,000,000 | R--D | M] -- C:\Users
[2012.05.08 10:56:51 | 000,000,000 | ---D | M] -- C:\Westwood
[2013.02.06 18:34:14 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.01.20 17:22:13 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.01.20 17:22:14 | 000,001,112 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2011.12.20 17:06:57 | 000,000,861 | ---- | M] () -- C:\Users\Philipp\.recently-used.xbel
[2011.12.03 13:26:25 | 000,000,032 | ---- | M] () -- C:\Users\Philipp\.simfy
[2013.02.06 19:06:22 | 004,718,592 | ---- | M] () -- C:\Users\Philipp\NTUSER.DAT
[2013.02.06 19:06:22 | 000,262,144 | -HS- | M] () -- C:\Users\Philipp\ntuser.dat.LOG1
[2010.08.04 16:49:38 | 000,000,000 | -HS- | M] () -- C:\Users\Philipp\ntuser.dat.LOG2
[2011.11.12 15:32:04 | 000,000,000 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT_tureg_new.LOG1
[2011.11.12 15:32:04 | 000,000,000 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT_tureg_new.LOG2
[2011.11.12 15:29:39 | 003,670,016 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT_tureg_old
[2010.08.04 16:58:09 | 000,065,536 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.04 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.04 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.01.08 21:10:25 | 000,065,536 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT{dd7c8962-0d3a-11e1-9330-806e6f6e6963}.TM.blf
[2013.01.08 21:10:25 | 000,524,288 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT{dd7c8962-0d3a-11e1-9330-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2011.11.12 17:32:03 | 000,524,288 | -HS- | M] () -- C:\Users\Philipp\NTUSER.DAT{dd7c8962-0d3a-11e1-9330-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010.08.04 16:49:38 | 000,000,020 | -HS- | M] () -- C:\Users\Philipp\ntuser.ini
[2010.11.04 16:26:28 | 000,000,000 | ---- | M] () -- C:\Users\Philipp\Sti_Trace.log
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< End of report > Code:
OTL Extras logfile created on: 06.02.2013 18:57:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Philipp\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 71,73% Memory free
15,99 Gb Paging File | 14,01 Gb Available in Paging File | 87,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102,54 Gb Total Space | 39,24 Gb Free Space | 38,26% Space Free | Partition Type: NTFS
Drive D: | 600,59 Gb Total Space | 397,31 Gb Free Space | 66,15% Space Free | Partition Type: NTFS
Drive E: | 228,29 Gb Total Space | 202,07 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1463,33 Gb Free Space | 78,55% Space Free | Partition Type: NTFS
Drive N: | 1397,26 Gb Total Space | 718,35 Gb Free Space | 51,41% Space Free | Partition Type: NTFS
Drive Y: | 1851,41 Gb Total Space | 1001,92 Gb Free Space | 54,12% Space Free | Partition Type: NTFS
Drive Z: | 1851,41 Gb Total Space | 1001,92 Gb Free Space | 54,12% Space Free | Partition Type: NTFS
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "E:\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "E:\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "E:\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "E:\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "E:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002CD28C-43CD-41C2-AC54-8FD00616560F}" = rport=445 | protocol=6 | dir=out | app=system |
"{005A7D2A-33B2-42B5-81E3-8EABD2246C93}" = lport=19376 | protocol=6 | dir=in | app=e:\devolo\dlan\devolonetsvc.exe |
"{019431D0-B83F-4350-B29D-7FD2E1D300B1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{03A0A7DE-00E4-4344-95E3-0419F8E0A67A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3515D9E8-AC8F-4C36-A627-461FA83B0546}" = lport=138 | protocol=17 | dir=in | app=system |
"{49963E26-F1EE-47A7-9FD7-B889186B23DC}" = rport=139 | protocol=6 | dir=out | app=system |
"{6CB90565-DE27-4145-AA3D-9796E0E44E15}" = rport=137 | protocol=17 | dir=out | app=system |
"{800A0227-DD2F-41D2-BFA4-82B3F8CF5C0B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{95C46DE1-1F3E-4771-8BAF-B6D2E1D7C5A0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0E57F06-0177-4B0D-A47E-F310BC599EF5}" = lport=139 | protocol=6 | dir=in | app=system |
"{CF42B5AF-90A5-454F-9D27-E3EC3E536FE3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DBF21710-3D95-4695-B363-5E65E56D4861}" = rport=138 | protocol=17 | dir=out | app=system |
"{E4B38869-85ED-440F-A231-C430E976FEEF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EB908E25-7EE6-40F4-B2F3-9E69332214D1}" = lport=137 | protocol=17 | dir=in | app=system |
"{EDD30D19-6981-4C9E-89A2-FD1C5E960AA2}" = lport=445 | protocol=6 | dir=in | app=system |
"{FA335EA1-623F-4774-8EBB-F3C60857DC23}" = lport=19375 | protocol=17 | dir=in | app=e:\devolo\dlan\devolonetsvc.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022D7FC0-7388-4973-AEC4-12F2B3093552}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{02899F53-C6AD-4FA0-A7A1-0897872484B6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{041B91F3-191F-4532-8A44-E58750F08836}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{050A4E2C-6322-4C89-9D34-29D81E1CE02A}" = protocol=17 | dir=in | app=c:\users\philipp\appdata\roaming\spotify\spotify.exe |
"{077417DA-E5BE-4BBC-A3E0-BD2A29CE00A4}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{0DDD459E-0088-4B56-AA4F-11001E113E32}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{15897151-B111-4245-9AAC-1926B9902D02}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{176A5FF9-140B-42D9-9686-2B20B0133937}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\just cause 2\justcause2.exe |
"{1A5E173C-03A9-4DCD-94EB-2222BCB5EE48}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{1D2FDB0F-FCF5-4345-BBF1-9A1C83633CA4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D311DEC-E0AC-4B02-A99A-8A9AA3441D9B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{22A746E6-7C9D-4479-AD14-F93C7E88A25B}" = protocol=17 | dir=in | app=d:\anno 2070\initengine.exe |
"{26DF899D-A859-4909-BBD6-78F4D9085338}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{33A9BA51-0670-41E1-B957-431B90C7166B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{33EDA1ED-ECE4-45B8-8EB6-B479678E974C}" = protocol=6 | dir=in | app=c:\users\philipp\appdata\roaming\spotify\spotify.exe |
"{36DCC582-2DD6-4C1E-B28F-66B02C505187}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{38ED96E3-2EF5-4BBD-9302-BC61E611FDBD}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysis.exe |
"{3E8D04BB-5675-4773-A640-4AEE3BE7A893}" = protocol=17 | dir=in | app=e:\airvideoserver\airvideoserver.exe |
"{3F77D79E-B4F3-4BC1-B84A-3E2C8781F88E}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe |
"{435D668D-A8F6-4081-9673-E7C387CBD673}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{46A9F612-E09D-4B2C-BEE7-195AF6AC8442}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4C72C985-A418-4DC1-9109-06948F710FFF}" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"{4E882BDE-12EB-4243-8913-CA73AD883F17}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe |
"{4EA4F713-ABE5-41CF-849B-04BA6612C457}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{507DBCD6-5BAC-4045-996A-26D1A18DCDC5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{50CE345B-85DD-445B-80F9-21A4CC694B5F}" = protocol=6 | dir=in | app=e:\airvideoserver\airvideoserver.exe |
"{51B55FFB-EB37-4551-88E0-90C7B641EFD7}" = protocol=17 | dir=in | app=d:\anno 2070\autopatcher.exe |
"{556AA3C0-45A6-4DA5-81F6-5C11C8882D5D}" = protocol=6 | dir=in | app=d:\anno 2070\anno5.exe |
"{5C9A5261-FD7E-4C48-A418-36E609A7EBAD}" = protocol=17 | dir=in | app=d:\starcraft ii eng\starcraft ii public test.exe |
"{5DCD7043-0271-4DED-8AB3-7D27AAEFABA1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5DE5004B-6870-4E55-BA24-BA25DE0CD03E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{5F3A45E0-D88D-4CC8-BBFA-111322B55905}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{6284DB80-17B6-4F81-B982-F705627F2CC9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{695440B5-E944-4C64-90DF-C827A7D9B90C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\metro 2033\metro2033.exe |
"{697F8B93-3E8C-4275-927E-55E91E477325}" = protocol=17 | dir=in | app=d:\anno 2070\anno5.exe |
"{7586661B-4A62-4F4C-A640-4F93B2066EFB}" = protocol=6 | dir=in | app=d:\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{75DAC385-15B8-4472-92E4-8767FC29C42D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7F52A43A-2E4C-435A-9139-6FEBAFC36F39}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8695D240-F226-4ED0-B0B7-8F9E78B8C5CE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{89045D55-A593-4212-8039-CF6521A09AFD}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe |
"{8A1F6353-77BD-401A-A092-8D3F5D32B3C5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8D75C52D-187A-44CE-B1C2-2DFEDAC68DC5}" = protocol=17 | dir=in | app=d:\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{90ABFCCE-4058-4248-81AA-D47D43FFF714}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe |
"{91FD4686-EA17-4207-A1A1-6B46B254DC39}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{92184F24-7842-4B25-A21F-B3F479CFE490}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysisdedicatedserver.exe |
"{92D9F48C-071A-4615-AAD9-12F9CBB57307}" = protocol=6 | dir=in | app=d:\crysis\bin32\crysisdedicatedserver.exe |
"{9793614B-8C29-4B4E-9BA4-5EF30D8FD70A}" = protocol=6 | dir=in | app=d:\max payne 3\playmaxpayne3.exe |
"{991FCB4A-7439-4E11-9D45-DEB0C7A1BB95}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity closed beta\simcity\simcity.exe |
"{9ADADB22-3611-4238-B452-DA0EE669ADB4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9CC4CF8B-A88E-481A-AA60-55612A0A3746}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{9E12EABC-ACE8-44DA-BBFF-CE7A4E55C54B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{A1DFC1DB-E3BF-41AF-B3F8-E988314D6E3A}" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"{A2A5673C-58D9-4CBA-A6FF-C8C97CD90DAC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\metro 2033\metro2033.exe |
"{A2B0EB59-6165-4E18-8152-9DFE81AC407E}" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"{A3864292-A35B-451F-B493-30DC52C2DB0A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A46BE017-1D23-4DFD-A24C-7F87E7BBBCAC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{A626D73B-7D41-43B5-A61D-E780C62D8CA1}" = protocol=17 | dir=in | app=d:\starcraft ii eng\starcraft ii.exe |
"{A8BDAFF2-28AF-437A-9F4D-313974D02609}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{AAAB00DF-6DCD-4990-9F74-3E0DD09A3E63}" = protocol=17 | dir=in | app=c:\users\philipp\appdata\roaming\spotify\spotify.exe |
"{B217E9EA-EFCF-428B-B883-3C3BBF938F76}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B5CBD722-24D4-4B15-931F-56918DEC7576}" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"{B8632BE2-2462-43DA-B3B8-946909AEBCF3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{B945A59B-8F28-4650-89AD-7A4E8D9CD27A}" = protocol=17 | dir=in | app=d:\max payne 3\playmaxpayne3.exe |
"{B961AAD8-CE38-4672-A191-58DA251BDCE5}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{BC1EA6C4-411A-49D2-BC24-71EB4F387D2D}" = protocol=6 | dir=in | app=e:\airvideoserver\airvideoserver.exe |
"{BD19A9E4-A4BC-48A8-8854-3DD54C9853A1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BDBA1D2B-25EF-427B-B6A3-D52679115B09}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\just cause 2\justcause2.exe |
"{C18D4926-FC75-4B80-B81C-24888385E389}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe |
"{C557C145-7679-4CE9-8A32-F147F64F8C6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C5E03C42-FFBA-4E53-B0CB-9DA1707F31ED}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{C6FC9381-F2F0-4CEB-91D2-41E3A69B5B3B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{CA668F39-CD04-4A02-84AA-4C1C63EE19FE}" = protocol=6 | dir=in | app=d:\crysis\bin64\crysis.exe |
"{CFB55F9F-E539-4902-A6E0-C2B132FC5A15}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{D00A18A8-AD91-4C5A-BE05-875B1817345D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{D31DC27B-99C1-4096-80ED-9CAAD612D61A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D37FD7FE-1AA4-4DAE-9BDB-BFFABDBD16CC}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity closed beta\simcity\simcity.exe |
"{D5E47AA1-9D43-45E0-9E04-31395C32BEFF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{D83889F3-9D93-4F11-A226-C24ADB683E1C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{D9FF7E49-77EF-4162-9247-BF26AAC46750}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB6250DE-9D7E-4966-8686-204C4C88CFBA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{DE518DB7-2BB3-41D0-A394-C2F866299054}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dxhrml\dxhrml.exe |
"{DFE961AE-DCB2-4F92-886A-D7FBA8EED83D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DFF176A3-0DD5-43FA-828C-E6B3C90DD15B}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{E0CC740D-30B8-4064-80E9-C7FA2637F1D3}" = protocol=17 | dir=in | app=d:\crysis\bin64\crysis.exe |
"{E17CA016-8B03-4E5F-B143-4B35481C3BC4}" = dir=in | app=e:\itunes\itunes.exe |
"{E2689659-9EAE-480A-838A-75C71989F496}" = protocol=17 | dir=in | app=d:\crysis\bin32\crysis.exe |
"{E3B5B22C-2EBA-4D48-857A-B88EFEAEACE0}" = protocol=6 | dir=in | app=c:\users\philipp\appdata\roaming\spotify\spotify.exe |
"{E47800D5-7896-4969-9174-1A0D2C34B3B6}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe |
"{EA65312A-44CB-4D1D-B3A8-8AB1D9DDFF1D}" = protocol=6 | dir=in | app=d:\starcraft ii eng\starcraft ii public test.exe |
"{EB15937F-33AF-423F-9266-57AC09A8531E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{EB6E6A33-025D-430A-AD05-A570FCE50D6A}" = protocol=6 | dir=in | app=d:\anno 2070\initengine.exe |
"{F11567F4-96C6-4471-9009-770301611E0B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F2F84F90-191A-4978-9C06-4F9D191A53F3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F5461C15-5D67-4DBD-8259-AEAF20AFBF84}" = protocol=6 | dir=in | app=d:\starcraft ii eng\starcraft ii.exe |
"{F59BA688-0D47-4055-81D3-3CF921523887}" = protocol=6 | dir=in | app=d:\anno 2070\autopatcher.exe |
"{F896D1C4-969C-4E57-B58C-DAA7030EF8B2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F960F8D4-D882-498F-AC11-D5EB121E5213}" = protocol=6 | dir=out | app=e:\airvideoserver\airvideoserver.exe |
"{FD323847-4181-47BF-BF0B-E90F573572F6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dxhrml\dxhrml.exe |
"{FDADF9D5-F0BA-4E37-81FF-AEF326FD74AB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{FDE73F33-E076-4CAC-BB11-1BFA641F6D69}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"TCP Query User{081CE67D-9BB5-4C81-BFBD-87EF15F38FE6}D:\alarmstufe rot 3\data\ra3_1.12.game" = protocol=6 | dir=in | app=d:\alarmstufe rot 3\data\ra3_1.12.game |
"TCP Query User{24A614B7-AA7C-4691-8790-4E39A2A73252}D:\rf g\rfg.exe" = protocol=6 | dir=in | app=d:\rf g\rfg.exe |
"TCP Query User{3600B407-E8C5-4E58-B389-C24BEF7A5D23}D:\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=d:\max payne 3\maxpayne3.exe |
"TCP Query User{52EE12D5-01E5-403B-A2E3-94EB70941966}D:\crysis2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\crysis2\bin32\crysis2.exe |
"TCP Query User{579D531D-8E00-4DC0-B42F-DE7BA759C4D3}D:\steam\steamapps\philipps1984\half-life deathmatch source\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\philipps1984\half-life deathmatch source\hl2.exe |
"TCP Query User{6EF19F8D-29D1-48BE-8F97-28A7B3DE88E6}E:\firefox\plugin-container.exe" = protocol=6 | dir=in | app=e:\firefox\plugin-container.exe |
"TCP Query User{703CF015-53A4-4BC6-924B-762574A39E62}E:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=e:\starcraft\starcraft.exe |
"TCP Query User{75E30CFA-37C9-4918-965E-653C64289E17}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{BD93CF11-CBCE-49FA-BA13-64C178571100}D:\c+c alarmstufe rot 2\gamemd.exe" = protocol=6 | dir=in | app=d:\c+c alarmstufe rot 2\gamemd.exe |
"TCP Query User{E173A2C7-14EA-42B3-9D31-63ECCBC083C1}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{E724069A-BBC2-4C2D-9270-37DDD4D047D4}E:\qloud server\qloudserver.exe" = protocol=6 | dir=in | app=e:\qloud server\qloudserver.exe |
"UDP Query User{1E1538D4-B001-45E3-9273-429CDC024CD6}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{1FE11083-DD6C-42F0-895C-7598FF755829}D:\rf g\rfg.exe" = protocol=17 | dir=in | app=d:\rf g\rfg.exe |
"UDP Query User{21561369-904A-43FE-B9C2-BE9EC1826425}E:\firefox\plugin-container.exe" = protocol=17 | dir=in | app=e:\firefox\plugin-container.exe |
"UDP Query User{22F5AAD4-DA70-46E3-8F52-D7079E02C4EB}E:\qloud server\qloudserver.exe" = protocol=17 | dir=in | app=e:\qloud server\qloudserver.exe |
"UDP Query User{32EB4BBB-6A60-466C-9B93-2A5195892CF9}D:\crysis2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\crysis2\bin32\crysis2.exe |
"UDP Query User{3BE7FF4C-A0C5-4EAA-8A52-2A58E980F98A}D:\c+c alarmstufe rot 2\gamemd.exe" = protocol=17 | dir=in | app=d:\c+c alarmstufe rot 2\gamemd.exe |
"UDP Query User{7BD176BC-8D9F-4226-BF5A-3550E8417FA0}E:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=e:\starcraft\starcraft.exe |
"UDP Query User{91E2AE58-2691-448C-82B0-8E5F34A31C7E}D:\steam\steamapps\philipps1984\half-life deathmatch source\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\philipps1984\half-life deathmatch source\hl2.exe |
"UDP Query User{A719E8FC-9B0E-4EB2-85A8-D49B7720FDFC}D:\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=d:\max payne 3\maxpayne3.exe |
"UDP Query User{E44555CE-FE09-4F58-93AE-036FF569A36E}D:\alarmstufe rot 3\data\ra3_1.12.game" = protocol=17 | dir=in | app=d:\alarmstufe rot 3\data\ra3_1.12.game |
"UDP Query User{FB650373-A88F-4F29-9549-BAC4B8A7A219}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}" = AMD Catalyst Install Manager
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{477D05CA-C151-9CF5-22A1-9DF6DF543CD4}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82EE86D9-60B9-1025-9960-97E9B7C7B4B4}" = AMD Drag and Drop Transcoding
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B165B42D-0291-D45A-ACE2-D0144CB9FD3E}" = AMD Fuel
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C1ACBDBF-6F86-185A-E158-AB07893968FC}" = AMD Accelerated Video Transcoding
"{D61EB116-6878-9676-F28F-54F6B647023C}" = ccc-utility64
"{D759947B-8C5A-4480-B0DB-FC391F061C85}" = Adobe Photoshop Lightroom 4.3 64-bit
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA72BBFB-C42C-44C1-8555-75B629252DD6}" = WD SmartWare
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"Mediencenter Software" = Mediencenter Assistent
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{009B1E9D-38AB-8B9E-DB07-8318DAAE1941}" = CCC Help Greek
"{022BC727-ACB7-4C1D-109C-177515714A32}" = AMD VISION Engine Control Center
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{07E46A4A-F2BA-FE48-9464-E11250502C6A}" = CCC Help Swedish
"{07E5C16F-9194-E31B-BB6C-C3E8FBD79C30}" = CCC Help English
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F2CF890-D101-6CFA-8D99-0CFBF7EF4AD0}" = CCC Help Chinese Standard
"{10CFB5DF-985A-8320-B4D8-461CC1F83CBF}" = CCC Help Japanese
"{127F47F3-55C3-425A-98D3-BC485989AB39}" = My Movies Collection Management
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7EEBFF-1D5A-456B-9963-B561ACEAF9F7}_is1" = Qloud Server version 1.6.0.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22D071EF-A06A-6341-DFDA-FE448659A63C}" = CCC Help Portuguese
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Alarmstufe Rot 3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MYMOVIES)
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30909F74-4B46-2842-DECF-1C66F355338C}" = CCC Help Turkish
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{34EF7358-ABC7-8469-5FB6-C5C0146F099E}" = Media Go Video Playback Engine 1.84.107.07010
"{365E16A2-FE3B-EA13-4EE0-88D570F82497}" = CCC Help Korean
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3D8AB6C1-3932-F551-2AF0-ED0612AD4B26}" = CCC Help Dutch
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40AD5E62-A31A-C414-01BA-310100577C7E}" = CCC Help Chinese Traditional
"{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"{45410935-B52C-468A-A836-0D1000058201}" = BulletStorm
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F9E0D27-5525-E8C8-43D0-BA15C1A22E03}" = CCC Help Czech
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54510837-BD04-4C32-9676-DB1000038201}" = Red Faction: Guerrilla
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E0D2061-86AB-4B83-A671-A0BF3FF1537B}_is1" = Vokabel Trainer 5
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{647E62F0-F1BC-E0C3-EDF5-67716EE75014}" = CCC Help Hungarian
"{667DB2C0-AF52-021A-7CF6-DA8DD27AC215}" = CCC Help Italian
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A35E37C-BAB1-80E8-8EDE-4B8220381563}" = simfy
"{6A4C6C0F-8791-B753-742E-06C40A6E023C}" = CCC Help Polish
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79C61902-F44E-4190-A2B9-9B467B0380CE}" = CCC Help French
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8D797CA6-C708-4541-B731-779CC9863A07}" = FEAR_Installer_Fix
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{91A3CEFE-A2C1-3E83-3789-F2BF8EC82106}" = CCC Help Thai
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96CAEB1D-7BFB-2A98-EBB2-414C894F694F}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A664A708-E454-4416-7D19-D0F10879522C}" = CCC Help German
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BE841724-78F0-44D6-B6C4-C3D53708293B}" = Inhaltsmanager-Assistent für PlayStation(R)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB6284F3-308A-4c0b-B2CF-401F78AA8881}" = SimCity™ Closed Beta
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life(R) 2
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D6F46E2D-4FE2-5FAB-5C30-230E99563DEE}" = Catalyst Control Center InstallProxy
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{D9DA23F5-CE0B-EE04-B498-7EC8AFC9F232}" = CCC Help Finnish
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DF5182CB-192B-A6C8-9707-D7214557691C}" = CCC Help Norwegian
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.14
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E6757654-CE6A-0D0B-BBE6-F6247F05B7CD}" = Catalyst Control Center Localization All
"{E8759AD8-3A58-77F1-D16D-F3C8F9E98722}" = Catalyst Control Center Graphics Previews Common
"{EA5F34F3-3911-B4DB-63CA-1E44B2AB13A1}" = Adobe Download Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFFE151C-F863-4B1E-9E22-3C1369B4C690}" = phase6_17
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1C39CBE-4521-BEC8-5238-4A8B55FEB6B7}" = CCC Help Russian
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{FBFA39D2-C55A-56DC-7EBB-767FC31B04A3}" = CCC Help Spanish
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Air Video Server" = Air Video Server 2.4.3
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10 v.10.0.15
"AudibleDownloadManager" = Audible Download Manager
"Avidemux 2.5" = Avidemux 2.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Diablo III" = Diablo III
"dlancockpit" = devolo dLAN Cockpit
"dm-Fotowelt" = dm-Fotowelt
"DVDFab 8 Qt_is1" = DVDFab 8.1.6.3 (11/02/2012) Qt
"FastStone Photo Resizer" = FastStone Photo Resizer 3.0
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.33.1005
"FreeFileSync" = FreeFileSync 5.9
"GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"HandBrake" = HandBrake 0.9.6
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.20.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.46a
"Nike+ Connect" = Nike+ Connect
"OpenAL" = OpenAL
"Origin" = Origin
"Picasa 3" = Picasa 3
"PokerStars.net" = PokerStars.net
"PS3 Media Server" = PS3 Media Server
"PunkBusterSvc" = PunkBuster Services
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"Rockstar Games Social Club" = Rockstar Games Social Club
"Simfy" = simfy
"StarCraft" = StarCraft
"StarCraft II" = StarCraft II
"Steam App 108710" = Alan Wake
"Steam App 19900" = Far Cry 2
"Steam App 201280" = Deus Ex: Human Revolution - The Missing Link
"Steam App 21100" = F.E.A.R. 3
"Steam App 22380" = Fallout: New Vegas
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 360" = Half-Life Deathmatch: Source
"Steam App 380" = Half-Life 2: Episode One
"Steam App 43110" = Metro 2033
"Steam App 50130" = Mafia II
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 745" = Counter-Strike: Global Offensive - SDK
"Steam App 8190" = Just Cause 2
"Steam App 91310" = Dead Island
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WOLAPI" = Gemeinsam genutzte Internet-Komponenten von Westwood
"Yuri's Revenge" = Command && Conquer Alarmstufe Rot 2 - Yuris Rache
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 07.02.2012 12:07:20 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 07.02.2012 13:07:39 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 07.02.2012 14:10:19 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 07.02.2012 15:05:05 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 07.02.2012 16:12:47 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2012 17:01:46 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2012 17:14:28 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2012 18:01:42 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2012 19:14:32 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2012 20:03:54 | Computer Name = Philipp-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ System Events ]
Error - 04.02.2013 05:27:32 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 04.02.2013 13:29:08 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 04.02.2013 13:29:42 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 05.02.2013 09:05:20 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 05.02.2013 09:06:14 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 05.02.2013 17:33:19 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 05.02.2013 17:33:58 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 05.02.2013 18:40:59 | Computer Name = Philipp-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 06.02.2013 03:33:54 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 06.02.2013 13:06:42 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report > |