Blackfox87 | 06.09.2012 15:17 | OTL.txtOTL Logfile: Code:
OTL logfile created on: 06.09.2012 16:02:55 - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Thomas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,91 Gb Total Physical Memory | 4,15 Gb Available Physical Memory | 70,13% Memory free
11,82 Gb Paging File | 9,96 Gb Available in Paging File | 84,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,18 Gb Total Space | 308,78 Gb Free Space | 69,52% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 118,57 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive G: | 7,28 Gb Total Space | 7,28 Gb Free Space | 99,98% Space Free | Partition Type: FAT32
Computer Name: THOMAS-PC | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2012.09.06 15:44:33 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011.10.08 00:15:16 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.12.31 13:57:56 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2010.12.31 13:57:48 | 000,398,848 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2010.11.03 12:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010.11.03 12:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010.11.03 11:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010.11.03 11:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2010.10.07 14:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.10.07 09:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.08.17 14:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.07.09 22:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.11 10:36:32 | 000,390,272 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe
PRC - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.18 14:16:25 | 000,088,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Shor#\02a0d29d7c1788bb2755c3bf352feb49\Vodafone.Model.Shortcut.ni.dll
MOD - [2012.06.18 14:16:24 | 000,851,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\e19f41ec06290e2e46f3fb6b70261f8b\Vodafone.View.Shared.ni.dll
MOD - [2012.06.18 14:16:24 | 000,026,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\72b35af757957af2e02b40de618faf46\Vodafone.View.ManagedToolTip.ni.dll
MOD - [2012.06.18 14:16:23 | 000,764,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\a84ec42f49f398962e56a71c54836418\Vodafone.ConnectionServices.ni.dll
MOD - [2012.06.18 14:16:23 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\c78281b480756d6240a788c0da76aa70\Vodafone.View.SecondaryWindows.ni.dll
MOD - [2012.06.18 14:16:22 | 000,390,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\79fae0cab083365a637eb69fd2393ce8\Vodafone.DeviceAccess.Internals.ni.dll
MOD - [2012.06.18 14:16:21 | 000,051,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\8c573bb8355402229befc531ab792c45\Vodafone.Contracts.Adapter.ni.dll
MOD - [2012.06.18 14:16:21 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\209b97d86efd4cff250541bac11ec6cf\Vodafone.DeviceAccess.Factory.ni.dll
MOD - [2012.06.18 14:16:20 | 001,304,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\bb16b29ed9205d8a67d57ce84d10aa5d\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll
MOD - [2012.06.18 14:16:19 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\68cee679a003250d6c843863cae50340\Infragistics2.Win.Misc.v9.2.ni.dll
MOD - [2012.06.18 14:16:17 | 011,053,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\9ad7438a14f374b583f9c0d1a2633900\Infragistics2.Win.v9.2.ni.dll
MOD - [2012.06.18 14:16:10 | 000,871,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\3207de57d414251fc3289c60bca0d046\Infragistics2.Shared.v9.2.ni.dll
MOD - [2012.06.18 14:16:09 | 007,137,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\776093657d4b430257f8e4ccc382dc44\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll
MOD - [2012.06.18 14:16:04 | 000,125,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\3cfdf6580262e4aa7167124d3749a07b\Vodafone.Contracts.Model.ni.dll
MOD - [2012.06.18 14:16:04 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\8a2bd69e8b4e88e55de5c609f0530562\Vodafone.Contracts.View.ni.dll
MOD - [2012.06.18 14:16:03 | 000,093,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\097908260ec87c24d142d7d50fbec842\Vodafone.Contracts.Common.ni.dll
MOD - [2012.06.18 14:16:03 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\03e265b26572d4762d391d260f672475\Vodafone.Contracts.Presenter.ni.dll
MOD - [2012.06.18 14:16:02 | 000,330,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\8959e87cfae088e90a22d5ddd003bc36\Vodafone.CommonDialogs.ni.dll
MOD - [2012.06.18 14:16:01 | 000,948,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\13e0b6bc0da4f4e28cda9f53b5463170\Vodafone.ApplicationHost.Impl.ni.dll
MOD - [2012.06.18 14:16:00 | 000,667,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\c4821cb5c6531a0da8e64f071b7d14f8\Vodafone.Data.ni.dll
MOD - [2012.06.18 14:16:00 | 000,325,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\5f14774910f4115b8598638e1917952f\Vodafone.DataAccessor.ni.dll
MOD - [2012.06.18 14:16:00 | 000,141,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\fd065d1ce54e5f823d0417d72d0e711c\Vodafone.Base.Contracts.ni.dll
MOD - [2012.06.18 14:15:59 | 001,243,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\42d579c0d67f732f85164b1e63f07618\Vodafone.Platform.ni.dll
MOD - [2012.06.18 14:15:58 | 000,272,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadband\abd3cf31b9c380722550eeefeee330c4\MobileBroadband.ni.exe
MOD - [2012.06.15 09:55:54 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012.06.15 09:55:31 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.15 09:34:32 | 002,104,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Spring.Core\c29430ab5e23e8bde41b3af242fe9f48\Spring.Core.ni.dll
MOD - [2012.06.15 09:34:09 | 000,080,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\3c3aadfadf77456b14462b549c087fd4\Vodafone.SmsProfileManager.ni.dll
MOD - [2012.06.15 09:34:08 | 001,809,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\cf58fe1fb5619875d1f6629ffbfc4d81\MobileBroadbandResources.ni.dll
MOD - [2012.06.15 08:30:53 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.06.15 08:30:25 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.15 08:30:05 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.05.13 15:15:03 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.05.13 15:14:12 | 000,186,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\efcb2f439e7891c336b4afff7cfb3efb\Vodafone.Model.Connection.ni.dll
MOD - [2012.05.13 15:14:10 | 000,754,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\bb38385e15ea1dd40a647eed02e428fa\Vodafone.BusinessLogic.ni.dll
MOD - [2012.05.13 15:14:09 | 000,119,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\d0d859ba1c00cd3e33f48ce162580c39\Interop.Shell32.ni.dll
MOD - [2012.05.13 15:14:09 | 000,108,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\666c929d428df3524e2223cfa2a8eb3b\Vodafone.LanWlanManager.ni.dll
MOD - [2012.05.13 15:14:09 | 000,071,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\36e2a37bc1f6e316d0d2a5c1619d9755\Vodafone.Vpn.ni.dll
MOD - [2012.05.13 15:14:09 | 000,022,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\8efe8949e51a0e00f188ad05e4fa503b\Vodafone.Core.Interfaces.ni.dll
MOD - [2012.05.13 15:14:09 | 000,022,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\2163701fe3a2841fef06f5907e787da9\Vodafone.Core.CoreInstanceProvider.ni.dll
MOD - [2012.05.13 15:14:08 | 000,731,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.WwanWrapper\8ef1aa8b8b9211fc3b0d0abfea8f844e\Vodafone.WwanWrapper.ni.dll
MOD - [2012.05.13 15:14:08 | 000,055,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.TrafficOpt#\6d4577da351f99fab6a6ecba86400e3a\Vodafone.TrafficOptimiser.ni.dll
MOD - [2012.05.13 15:14:07 | 000,411,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MbbManagem#\a095cb87e1ee7d216c9048f9e2634345\Vodafone.MbbManagement.ni.dll
MOD - [2012.05.13 15:14:07 | 000,081,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.MbnApi\637bbe09ea088a28f4efa2a7f4e6745c\Interop.MbnApi.ni.dll
MOD - [2012.05.13 15:14:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\8fe65642d17807c9120ac96061c9afdb\Vodafone.DeviceAccess.Interfaces.ni.dll
MOD - [2012.05.13 15:14:06 | 000,087,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\2b59776cfa9f830095f0137f0b5e7ac1\Vodafone.Core.Remoting.ni.dll
MOD - [2012.05.13 15:14:05 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Common.Logging\5944447482ae7e556f1e24825f3669af\Common.Logging.ni.dll
MOD - [2012.05.13 15:14:03 | 000,042,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\9b5060a34ba9ddeb5eefa18882b4ba8f\Vodafone.InstanceProvider.Impl.ni.dll
MOD - [2012.05.13 15:13:46 | 000,218,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\eb810acc4ca9d8ed57cb6bcf4eb55fd6\Interop.FNCClient11Lib.ni.dll
MOD - [2012.05.13 15:13:46 | 000,089,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\d4f91f168c12e6b78f9e0ec55a1a1733\Vodafone.Core.Contracts.ni.dll
MOD - [2012.05.13 15:13:46 | 000,035,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\502ba8512f1146d224f9192ba6e1bde2\Vodafone.UpdateManager.ni.dll
MOD - [2012.05.13 15:13:46 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\f5705b8882023ef6a28a65b7aa7b147b\Vodafone.DeviceAccess.Contracts.ni.dll
MOD - [2012.05.13 15:13:45 | 000,154,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Connection#\426e7eb09f7b5c7d2150f485546f4c42\Vodafone.ConnectionManagement.ni.dll
MOD - [2012.05.13 15:13:45 | 000,089,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\a79447c0feafa801faddc92321dd52a1\Vodafone.Base.Internals.ni.dll
MOD - [2012.05.13 15:13:45 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\27f531e2b4643aa7cfbf2cce051f6964\Vodafone.Base.Factory.ni.dll
MOD - [2012.05.13 15:13:44 | 000,350,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\ef03f7951c4c6f5694ca7a91154727fe\Vodafone.ReportingManager.ni.dll
MOD - [2012.05.13 15:13:42 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\ba8f9d1e7ab7b1301da5ebd93e112541\Vodafone.SmsContactManager.ni.dll
MOD - [2012.05.13 15:13:42 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\03352d10e68c40d7cf7bf913fb43ea46\Vodafone.OutlookConnector.ni.dll
MOD - [2012.05.13 15:13:40 | 000,056,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\c0611b75430737d5d07595d14f6c0558\Vodafone.SettingsManager.ni.dll
MOD - [2012.05.13 15:13:39 | 000,321,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\d65012eb3d957aeb06493dec3c77c15d\Vodafone.Base.Win32.ni.dll
MOD - [2012.05.13 15:13:39 | 000,074,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.NtServiceM#\a571974d811989ff6738d56641323c84\Vodafone.NtServiceMessaging.ni.dll
MOD - [2012.05.13 15:13:38 | 000,181,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\7b04425b23ae40025768b9b82c5de44f\Vodafone.Common.ni.dll
MOD - [2012.05.13 15:13:38 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\ca16e503d7f3d77fdb565e0cb8b9da87\Vodafone.MobileBroadband.CallbackHandler.ni.dll
MOD - [2012.05.13 15:13:36 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012.05.13 15:13:33 | 000,095,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\a085214d19b6ea6773862b0f2a37541c\Vodafone.LogEngine.ni.dll
MOD - [2012.05.11 21:18:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 21:18:30 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012.05.11 21:18:30 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012.05.11 21:18:02 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
MOD - [2012.05.11 21:17:53 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.11 21:17:50 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
MOD - [2012.05.11 21:17:47 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 21:17:43 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.11 21:17:42 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 21:17:30 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.24 16:35:52 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.12.31 13:57:40 | 000,311,808 | ---- | M] () -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
MOD - [2010.11.21 05:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009.06.10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
========== Services (SafeList) ==========
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.23 22:13:50 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.15 12:59:00 | 004,687,672 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.03.19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.10.08 00:15:16 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.31 13:57:56 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010.11.03 12:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010.11.03 12:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010.11.03 11:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.11.02 13:49:46 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010.11.02 13:39:08 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.11.02 13:34:14 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010.04.16 16:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.15 12:48:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.11.24 19:02:53 | 000,117,888 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV:64bit: - [2011.11.24 18:44:17 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM)
DRV:64bit: - [2011.11.24 18:44:17 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad)
DRV:64bit: - [2011.07.23 03:26:53 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.04.08 15:46:08 | 000,177,152 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2011.04.08 15:46:08 | 000,056,320 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.31 12:48:22 | 000,419,840 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.12.30 13:19:44 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.12.30 13:19:38 | 000,219,008 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.12.30 13:19:32 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.09 03:16:36 | 008,500,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 00:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.14 10:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.09.08 19:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.09.01 15:33:12 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV:64bit: - [2010.08.24 17:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.05.03 11:46:04 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010.04.16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.25 14:34:54 | 000,151,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029unic.sys -- (s1029unic)
DRV:64bit: - [2009.05.25 14:34:54 | 000,139,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029mgmt.sys -- (s1029mgmt)
DRV:64bit: - [2009.05.25 14:34:54 | 000,135,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029obex.sys -- (s1029obex)
DRV:64bit: - [2009.05.25 14:34:52 | 000,158,760 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029mdm.sys -- (s1029mdm)
DRV:64bit: - [2009.05.25 14:34:52 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029nd5.sys -- (s1029nd5)
DRV:64bit: - [2009.05.25 14:34:50 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV:64bit: - [2009.05.25 14:34:48 | 000,116,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1029bus.sys -- (s1029bus)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2010.07.26 13:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 68 18 33 34 7B CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2011.11.24 18:43:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.23 22:13:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.07.29 18:50:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions
[2012.05.02 14:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\29i82u8q.default\extensions
[2011.07.30 02:35:40 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\29i82u8q.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.01 01:50:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\29i82u8q.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.03.24 20:32:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.13 22:42:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.23 22:13:51 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.23 22:13:43 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.23 22:13:43 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.23 22:13:43 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.23 22:13:43 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.23 22:13:43 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.23 22:13:43 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S4C62.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk = File not found
O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{321766D0-7A88-481E-A8E3-6AD4BA3FA3DE}: DhcpNameServer = 78.42.43.62 82.212.62.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8488E049-110E-49C8-A299-A84DA29DBDB4}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{961F4A02-0AAF-46DD-B6D7-4C73742B8C09}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C38C5BD9-084C-452C-AFEE-AF05974283BD}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C857A791-BF3A-481E-A0CE-E226270C4F5A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Thomas\AppData\Roaming\1.exe) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O31 - SafeBoot: AlternateShell - C:\Users\Thomas\AppData\Roaming\1.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3ca68023-b6d6-11e0-8815-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{3ca68023-b6d6-11e0-8815-bcaec5d58f8e}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3ca682c2-b6d6-11e0-8815-001e101f2c0e}\Shell - "" = AutoRun
O33 - MountPoints2\{3ca682c2-b6d6-11e0-8815-001e101f2c0e}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{47df520c-b4cd-11e0-b6cb-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{47df520c-b4cd-11e0-b6cb-bcaec5d58f8e}\Shell\AutoRun\command - "" = F:\OblivionLauncher.exe
O33 - MountPoints2\{56d0b074-16cf-11e1-a462-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{56d0b074-16cf-11e1-a462-bcaec5d58f8e}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9c37b276-16bc-11e1-a4e3-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{9c37b276-16bc-11e1-a4e3-bcaec5d58f8e}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9c37b288-16bc-11e1-a4e3-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{9c37b288-16bc-11e1-a4e3-bcaec5d58f8e}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{a3746176-c5aa-11e0-9b2e-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{a3746176-c5aa-11e0-9b2e-bcaec5d58f8e}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{d3573299-16bb-11e1-a389-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{d3573299-16bb-11e1-a389-bcaec5d58f8e}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e153e3a2-ba11-11e0-86e5-bcaec5d58f8e}\Shell - "" = AutoRun
O33 - MountPoints2\{e153e3a2-ba11-11e0-86e5-bcaec5d58f8e}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
MsConfig:64bit - StartUpFolder: C:^Users^Thomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - - File not found
MsConfig:64bit - StartUpReg: 4StoryPrePatch - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.09.06 15:44:32 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
[2012.09.05 22:33:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.05 22:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.09.05 09:37:05 | 000,000,000 | ---D | C] -- C:\FRST
[2012.08.23 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\iPhone Wallpaper
[2012.08.21 13:36:10 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\DIE WELT roh
[2012.08.15 13:25:37 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Karte alt
[2012.08.09 19:34:30 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\MCEdit
[2012.08.08 19:58:01 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\dvdcss
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.06 15:49:14 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.06 15:49:14 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.06 15:44:33 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
[2012.09.06 15:41:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.06 15:40:56 | 466,653,183 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.05 22:33:20 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.09.05 21:08:02 | 001,533,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.05 21:08:02 | 000,671,140 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.05 21:08:02 | 000,622,652 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.05 21:08:02 | 000,135,824 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.05 21:08:02 | 000,111,740 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.03 19:37:53 | 000,000,705 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2012.09.03 18:42:01 | 000,002,497 | ---- | M] () -- C:\Users\Thomas\Documents\mcedit.ini
[2012.08.19 21:10:58 | 000,405,152 | ---- | M] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll
[2012.08.17 16:56:22 | 000,299,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 21:32:04 | 000,012,345 | ---- | M] () -- C:\Users\Thomas\Desktop\Müller.odt
[2012.08.15 21:16:14 | 000,003,357 | ---- | M] () -- C:\Users\Thomas\.recently-used.xbel
[2012.08.15 18:28:57 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.03 19:37:53 | 000,000,705 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2012.08.15 21:32:02 | 000,012,345 | ---- | C] () -- C:\Users\Thomas\Desktop\Müller.odt
[2012.08.15 21:16:14 | 000,003,357 | ---- | C] () -- C:\Users\Thomas\.recently-used.xbel
[2012.03.19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.02.14 19:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.02.14 19:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.01.27 15:11:27 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.11.07 20:20:27 | 000,007,597 | ---- | C] () -- C:\Users\Thomas\AppData\Local\Resmon.ResmonCfg
[2011.10.08 00:15:17 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.08 00:15:16 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.09.19 18:48:17 | 000,000,279 | ---- | C] () -- C:\Windows\game.ini
[2011.07.29 18:50:07 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.07.24 14:50:53 | 001,556,172 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.23 01:34:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.03.26 01:16:12 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2010.12.31 13:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
========== LOP Check ==========
[2012.08.20 19:53:16 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\.minecraft
[2011.07.24 15:36:04 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\DAEMON Tools Lite
[2012.09.06 15:43:50 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Dropbox
[2012.08.21 19:43:09 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
[2012.08.21 17:29:37 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.19 19:17:57 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\FOG Downloader
[2012.08.15 21:16:14 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\gtk-2.0
[2012.07.01 00:58:18 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\IrfanView
[2011.07.24 16:36:09 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\OpenOffice.org
[2011.07.23 00:59:44 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Opera
[2011.11.14 20:50:02 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Origin
[2011.11.28 19:55:19 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\pymclevel
[2011.08.28 15:12:27 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Samsung
[2011.08.15 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Sony
[2011.08.15 21:24:46 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Sony Setup
[2011.09.26 22:16:04 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Tropico 3
[2011.08.27 23:39:50 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\TS3Client
[2011.07.24 16:30:37 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Vodafone
[2011.07.26 21:15:14 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Vodafone Mobile Broadband
[2012.02.06 17:32:17 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.07.23 00:30:21 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.08.21 15:49:58 | 000,000,000 | ---D | M] -- C:\Avir
[2012.09.05 22:33:22 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.07.23 00:30:08 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.09.05 09:37:10 | 000,000,000 | ---D | M] -- C:\FRST
[2011.07.23 00:48:18 | 000,000,000 | ---D | M] -- C:\Intel
[2011.07.23 00:32:47 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.08.03 14:37:04 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.08.03 14:37:03 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.08.04 17:39:28 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.07.23 00:30:08 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.07.23 00:30:09 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.09.06 16:04:47 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.08.28 15:55:28 | 000,000,000 | ---D | M] -- C:\Temp
[2012.02.26 14:00:33 | 000,000,000 | R--D | M] -- C:\Users
[2012.09.03 19:42:44 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %windir%\installer\*. /5 >
[2012.09.05 22:33:20 | 000,000,000 | ---D | M] -- C:\Windows\installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
< %localappdata%\*. /5 >
[2012.09.06 16:00:44 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Local\Temp
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: USER32.DLL >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< End of report > --- --- --- Extras.txtOTL Logfile: Code:
OTL Extras logfile created on: 06.09.2012 16:02:55 - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\Thomas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,91 Gb Total Physical Memory | 4,15 Gb Available Physical Memory | 70,13% Memory free
11,82 Gb Paging File | 9,96 Gb Available in Paging File | 84,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,18 Gb Total Space | 308,78 Gb Free Space | 69,52% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 118,57 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive G: | 7,28 Gb Total Space | 7,28 Gb Free Space | 99,98% Space Free | Partition Type: FAT32
Computer Name: THOMAS-PC | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01571197-365F-4B27-91E3-82C32663EBC4}" = lport=445 | protocol=6 | dir=in | app=system |
"{1A73010A-D912-47A3-BFC1-0D4A4E651F97}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CFCD4E9-4259-40E6-A49F-B3D13BCAA135}" = lport=138 | protocol=17 | dir=in | app=system |
"{1E105010-93FF-42E3-B7C0-0FE2367479A0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{256789F5-3D75-4B2B-96E5-6B0FDC8AA5AA}" = rport=445 | protocol=6 | dir=out | app=system |
"{25AAEE0D-FD7F-4CA9-8FB3-618C07E83758}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2DD7ED15-2749-44E3-B349-E97E053BD86D}" = rport=138 | protocol=17 | dir=out | app=system |
"{4438F73B-EF61-48B4-98CD-E944AE2138AF}" = lport=137 | protocol=17 | dir=in | app=system |
"{57C67A69-A102-4DC6-8E3F-162E1B997F31}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5BBA73AB-CE3F-4F30-B398-A44095C2A93C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5DECB209-E392-4FBD-A810-C0F57DF623C5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{76A075D9-F2EC-42C3-8827-6BE178F7C967}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7788F33F-516C-4B47-B8F9-80C908C8E380}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7BE4C14A-E762-43A4-A0EC-377A834F5B6C}" = lport=139 | protocol=6 | dir=in | app=system |
"{BBACFAFC-B7A4-4167-9093-5578CEB9650E}" = rport=139 | protocol=6 | dir=out | app=system |
"{C0639D2F-29E4-437E-B3BE-DAA79D474153}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4C0C222-CC01-48D2-B11E-ACB77DC3DC0E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD360981-81F9-4BEC-8E15-DC4012D718E7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EAAE4B69-DCA9-4300-973C-7658DFBE2C29}" = rport=137 | protocol=17 | dir=out | app=system |
"{F5638884-65F3-47E1-8BE0-0988701C40E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F574C81F-D8B3-48C7-A537-5C22F7519D73}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F61A6308-FB3A-499A-BDC9-A52CC5B61155}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FAA2A359-C4B1-49E4-A42B-83D54FE8A0A8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ED5E62-B182-4CC7-9A69-BB83BE7B4DB5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout paradise\burnoutconfigtool.exe |
"{05FF94E6-F444-4A2D-BA9A-3076ED8767F7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout paradise\burnoutlauncher.exe |
"{0A312F33-734E-43DA-98E7-3EFB1E64B343}" = protocol=17 | dir=in | app=d:\games\sevencore\sevencore.exe |
"{0BD0E80C-1D1E-4E7A-9D74-7604C4C60CD7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{11CA20A9-BE27-4FC3-97E2-71F544D56EE7}" = protocol=6 | dir=in | app=d:\games\starcraft ii\starcraft ii public test.exe |
"{14670552-8337-43B8-9655-FFAE81A9EDF3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1675C8A6-A7C0-40D9-8B89-EC18D0BBA5B4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout paradise\burnoutlauncher.exe |
"{16DF7A0B-B8E3-4C21-A04C-E6363BFAB43B}" = protocol=6 | dir=in | app=d:\games\princ of persia\prince of persia.exe |
"{1847415D-E500-477B-95E7-37BDBCC79993}" = protocol=17 | dir=in | app=d:\games\princ of persia\princeofpersia_launcher.exe |
"{184CDD4A-714E-4399-B1D2-3A27D8590865}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{187ABF18-9560-44B6-983B-5779D788499C}" = protocol=17 | dir=in | app=c:\users\thomas\appdata\local\apps\2.0\cdgqrt4j.8z4\oh5dtgxx.61j\curs..tion_eee711038731a406_0004.0000_d322ecea565577c8\curseclient.exe |
"{1A56AA22-77B3-4C44-9E98-45078B0226B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A9EAE32-7442-4D3A-9736-201ADD60FD6D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1AF60CF9-95CD-4D1E-9BB3-CD80FE4160F5}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{1B5BFEA2-0F76-40F7-A21E-0354D69A997D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1D431AF5-A70D-49F0-911A-417D10A7508D}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{1F71E104-8701-4BCD-9E09-8C34629055A0}" = protocol=17 | dir=in | app=d:\games\starcraft ii\starcraft ii.exe |
"{22DA889A-3E67-43DE-A992-D566CA804945}" = protocol=17 | dir=in | app=d:\games\starcraft ii\versions\base21029\sc2.exe |
"{26A815C7-2C9A-43F1-9B88-1182D3F899F5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout paradise\burnoutparadise.exe |
"{2CD0EFBC-B6E8-4EBA-9B82-08A4D45C6940}" = protocol=17 | dir=in | app=c:\users\thomas\appdata\local\apps\2.0\cdgqrt4j.8z4\oh5dtgxx.61j\curs..tion_eee711038731a406_0004.0000_d322ecea565577c8\curseclient.exe |
"{2DE8A79C-C514-4B7F-819A-6F077684787A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3260971A-3F7A-45DA-A830-A36A814CB8C8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{34628721-9D08-437E-AF73-B28CB7D25B4A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{35E08AD6-B844-4277-8A73-0D81EF0A259F}" = protocol=17 | dir=in | app=d:\games\starcraft ii\starcraft ii public test.exe |
"{38F6B3E9-7076-459B-8EC4-59710FD83016}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{420D469F-B0F3-4AB0-A6E5-49D9F13B8BBF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{45072E05-B472-496A-AF29-98A3534A370B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4A163403-F257-4DA0-8FEC-C4C68588439D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4B14DD92-2FA0-425C-8C96-7953D0CC689B}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{4DCC9AF7-92F6-4931-B9A1-649B41A6E6F4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E968C20-157A-49C0-B084-15C7B349B918}" = protocol=6 | dir=in | app=d:\games\sevencore\sevencore.exe |
"{4EE3D5EC-50BA-4F2C-A3AE-B76630FF4FC9}" = protocol=17 | dir=in | app=d:\games\dead rising 2\deadrising2.exe |
"{4F1192E2-D3A3-45E6-825F-5AEB29CD1ECB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout paradise\burnoutparadise.exe |
"{56846E9F-5EBE-4264-B7A9-428257EF2541}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{56D03761-D0DB-4968-832B-3C9316EFF8FB}" = protocol=6 | dir=in | app=d:\games\cod4\iw3mp.exe |
"{5A2F3534-FF52-4BA1-A5CF-FB12052BA9BA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{60AD32DD-2DF4-4686-B674-6633372BDDC5}" = protocol=6 | dir=in | app=d:\games\starcraft ii\starcraft ii.exe |
"{6278AEB8-8F3D-4354-80C9-E649A92B1FE8}" = protocol=6 | dir=in | app=d:\games\starcraft ii\versions\base21029\sc2.exe |
"{632371D9-A44C-4AD8-8BC4-09306F634287}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout paradise\burnoutconfigtool.exe |
"{63EF24C2-2DDF-488C-8BA1-656FA8126784}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{69BE1129-A047-427E-98C3-89A4887C9416}" = protocol=6 | dir=out | app=system |
"{6C111142-8FC2-4201-AFD6-8A8415129F39}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7A830242-9888-4289-9557-99AFFF5CC8A4}" = protocol=17 | dir=in | app=d:\games\sevencore\launcher.exe |
"{821D43C7-03EA-4616-AA61-51A1830E3585}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{885ACA26-1449-4A11-B362-A6F5EC78246C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{8C69CC45-33A8-4EB9-8A33-84E6390426A7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{920676C0-0A4C-4097-97CD-96A72C03CC40}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{94185ACA-4173-4B59-B40D-A351BB1C564E}" = protocol=17 | dir=in | app=d:\games\starcraft ii\versions\base19132\sc2.exe |
"{9851524A-2AD3-43E1-9B95-987ADA286D49}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{99EC60DD-147C-4104-8542-602A758748C4}" = protocol=6 | dir=in | app=d:\games\starcraft ii\starcraft ii.exe |
"{9A65E48C-19E2-4BCF-BBE9-A997502C8AA5}" = protocol=6 | dir=in | app=c:\users\thomas\appdata\local\apps\2.0\cdgqrt4j.8z4\oh5dtgxx.61j\curs..tion_eee711038731a406_0004.0000_d322ecea565577c8\curseclient.exe |
"{9EAC2DAE-5A06-47EF-B720-D17C03411BD3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6730450-6A67-4D2E-8B3F-325907A9F87F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C077CE03-2AC4-4393-86E2-7B832B231EFB}" = protocol=6 | dir=in | app=d:\games\starcraft ii\versions\base21029\sc2.exe |
"{C35C9304-6769-48DB-851C-908DC74AC038}" = protocol=6 | dir=in | app=d:\games\sevencore\launcher.exe |
"{C50E58D7-6BC1-47DB-B55E-3EA37BEDAC32}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C9F0CACF-FEC5-404E-BB09-F05D76E79956}" = protocol=6 | dir=in | app=d:\games\princ of persia\princeofpersia_launcher.exe |
"{CBA47F7C-0C35-4DA2-A605-8A2D59CDBF8E}" = protocol=17 | dir=in | app=d:\games\cod4\iw3mp.exe |
"{CBE22F95-0018-4C9A-95F4-C849DA0FD128}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{D2F9984B-0820-41D1-AF51-E1EAEA71124D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{D41DB46D-F4F5-4FA8-A40F-54D859B99A36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D4E5C5EC-8DEC-4855-866D-962973BFA399}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{D549A991-CE3D-4EF8-B476-809ECC7FC4E0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D7C82951-AC0F-4DA0-8608-54234237BCF8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{D883C1A5-D915-49F3-90C3-A93AC542C88F}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{D89DA143-5690-41FB-B731-6C6EAABFF346}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DC5337AE-E2A3-42FB-9331-2D73982E7913}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DD561865-832C-4CDA-9363-FFD8ED01EAA3}" = protocol=6 | dir=in | app=c:\users\thomas\appdata\local\apps\2.0\cdgqrt4j.8z4\oh5dtgxx.61j\curs..tion_eee711038731a406_0004.0000_d322ecea565577c8\curseclient.exe |
"{DEC136DE-618C-49F7-ABF8-1D1A8D339352}" = protocol=6 | dir=in | app=d:\games\dead rising 2\deadrising2.exe |
"{DEE2F802-3607-4E41-BE71-5379CB01DAEB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E227F991-D092-4CF9-BE1D-E3B90E8E7385}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7674F9D-0DE2-42B6-A8FE-FE264F4A4806}" = protocol=17 | dir=in | app=d:\games\princ of persia\prince of persia.exe |
"{EA6CE060-3BB2-4E15-B998-14D4E4A8EB51}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{ED503F9D-37EB-4A50-B373-C524478C85C1}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{EDABBC08-765A-45B1-8473-B4190A111270}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EFD85C1C-B42F-4CC8-9B7D-7B2442B7D831}" = protocol=17 | dir=in | app=d:\games\starcraft ii\starcraft ii.exe |
"{F06D96D2-871B-4AD3-85A5-3A5E9D432072}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F2B5A10C-BCD8-44A4-8DD3-A65FD483B517}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F71AD21F-A67A-452C-B9D5-E81C1B56A401}" = protocol=17 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{F95D5011-7C89-4E66-8135-AD350D160EF2}" = protocol=17 | dir=in | app=d:\games\starcraft ii\versions\base21029\sc2.exe |
"{FA972700-3E81-4F01-92A8-123CC09F5655}" = protocol=6 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"{FB5333EB-7EA9-43D8-9A61-25E4E0563779}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{FF9AA8C6-736A-45BE-98DB-11506F5F809E}" = protocol=6 | dir=in | app=d:\games\starcraft ii\versions\base19132\sc2.exe |
"TCP Query User{07015C53-EC03-4E58-85A2-93FD0974630C}D:\games\cod4\iw3mp.exe" = protocol=6 | dir=in | app=d:\games\cod4\iw3mp.exe |
"TCP Query User{0F2FCAC5-804A-432D-A492-6AD0DF748F45}D:\games\crysis2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\games\crysis2\bin32\crysis2.exe |
"TCP Query User{275C63DD-D965-44C5-80E6-D0B9C24961E8}C:\users\thomas\desktop\runes_of_magic_4_0_5_2467_eu_slim.exe" = protocol=6 | dir=in | app=c:\users\thomas\desktop\runes_of_magic_4_0_5_2467_eu_slim.exe |
"TCP Query User{44C4040F-7953-4066-9141-620B25F41BEB}I:\games\bfcracked\bf1942.exe" = protocol=6 | dir=in | app=i:\games\bfcracked\bf1942.exe |
"TCP Query User{624D4013-0221-4DB8-A0C8-C1B67C49DB40}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{70891BCA-2B6A-4267-953A-FEAD735DA4E2}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{74904772-33B8-49E4-9A48-79322BC7CBD2}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{A2759A41-3A72-4029-A323-06EBDB0E41B2}D:\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=d:\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{C35BAE7B-40D7-4DDA-8137-3F55B0FB96DB}D:\games\crysis2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\games\crysis2\bin32\crysis2.exe |
"TCP Query User{C945CB24-B2D8-4647-A951-11A0F543AF25}C:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{D6968D8D-BA5A-4626-8C25-BC523CF49699}D:\games\runes of magic\runes of magic\client.exe" = protocol=6 | dir=in | app=d:\games\runes of magic\runes of magic\client.exe |
"TCP Query User{E75C2D5D-7D83-4D67-BC04-657B654CC703}D:\games\eve\bin\exefile.exe" = protocol=6 | dir=in | app=d:\games\eve\bin\exefile.exe |
"TCP Query User{EB581D88-6446-48FE-B55C-FF80D9EDB921}D:\games\runes of magic\runes of magic\client.exe" = protocol=6 | dir=in | app=d:\games\runes of magic\runes of magic\client.exe |
"TCP Query User{F01076B9-D41F-49B3-BE94-393C34C15C4A}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{04DD2572-BED5-4AA5-BB89-CC721E6D183F}D:\games\runes of magic\runes of magic\client.exe" = protocol=17 | dir=in | app=d:\games\runes of magic\runes of magic\client.exe |
"UDP Query User{2011AB3D-D116-4B54-9BCC-7134E8C83834}D:\games\cod4\iw3mp.exe" = protocol=17 | dir=in | app=d:\games\cod4\iw3mp.exe |
"UDP Query User{2B5D6D78-8987-49D2-918B-97D439AB07BA}D:\games\runes of magic\runes of magic\client.exe" = protocol=17 | dir=in | app=d:\games\runes of magic\runes of magic\client.exe |
"UDP Query User{5F07884D-22F9-407D-9167-197D864B28FE}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{636DA35A-83D2-4699-AB94-2C021198AF97}D:\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=d:\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{72833AAB-092B-40C9-9332-75A4184F4EEB}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{963979D7-B602-4209-9A65-20D663129236}C:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{96919AD9-348D-4C9C-8719-623433BF78BB}D:\games\crysis2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\games\crysis2\bin32\crysis2.exe |
"UDP Query User{99BB8D49-18A6-4182-B981-7E199B00E046}C:\users\thomas\desktop\runes_of_magic_4_0_5_2467_eu_slim.exe" = protocol=17 | dir=in | app=c:\users\thomas\desktop\runes_of_magic_4_0_5_2467_eu_slim.exe |
"UDP Query User{B83C4FC5-8669-416E-B20F-00D8CC5E2F25}I:\games\bfcracked\bf1942.exe" = protocol=17 | dir=in | app=i:\games\bfcracked\bf1942.exe |
"UDP Query User{BF0DB0F3-B803-44B8-91A0-D2484D565C34}D:\games\eve\bin\exefile.exe" = protocol=17 | dir=in | app=d:\games\eve\bin\exefile.exe |
"UDP Query User{D2DC5F80-D025-4C85-8CAB-AA664AF3E482}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{D551B169-9DFA-4F61-BF8B-AADEE722DAF1}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{F407B4DE-FF88-4DEE-8C6A-2601C810D9A7}D:\games\crysis2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\games\crysis2\bin32\crysis2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{AF162E20-417F-4946-A06D-65734984957F}" = Intel(R) PROSet/Wireless WiFi-Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BE8CF365-1CFE-49D7-A4C2-A943526274C4}" = Fresco Logic USB3.0 Host Controller
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Elantech" = ETDWare PS/2-x64 7.0.5.15_WHQL
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C11154F-3539-4CB5-979D-EF7913473E53}" = Prince of Persia
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DD2E59C-5C37-40C5-91BF-FCB97867E48E}" = SEVENCORE
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Cisco Connect" = Cisco Connect
"ESN Sonar-0.70.0" = ESN Sonar
"Free AVI Video Converter_is1" = Free AVI Video Converter version 5.0.16.819
"Free MP4 Video Converter_is1" = Free MP4 Video Converter version 5.0.16.819
"Free Studio_is1" = Free Studio version 5.2.1
"Free YouTube Download_is1" = Free YouTube Download version 3.1.32.819
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Opera 12.01.1532" = Opera 12.01
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"SopCast" = SopCast 3.5.0
"StarCraft II" = StarCraft II
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.09.2012 15:16:00 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 03.09.2012 16:05:37 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.09.2012 02:32:32 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.09.2012 09:59:08 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.09.2012 10:01:50 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.09.2012 10:13:24 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.09.2012 10:15:39 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.09.2012 14:54:25 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.09.2012 16:32:23 | Computer Name = Thomas-PC | Source = VmbService | ID = 0
Description = GetClient
Error - 06.09.2012 09:42:07 | Computer Name = Thomas-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 21.07.2012 07:40:45 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:40:45 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:40:48 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:40:48 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:40:48 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:40:48 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:40:48 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:40:48 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:42:02 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 21.07.2012 07:42:02 | Computer Name = Thomas-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
< End of report > --- --- ---
Übrigens funktioniert meine rechte Maustaste nicht mehr auf dem Desktop sondern nur noch im Browser und anderen Programmen. Ich vermute mal das sollte nicht so sein :-D . Was könnt ich da machen? |