Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.09.08.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Magoley :: MAGOLEY-PC [Administrator]
Schutz: Aktiviert
08.09.2012 06:14:02
mbam-log-2012-09-08 (06-40-13).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 224870
Laufzeit: 2 Minute(n), 28 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 1
C:\Users\Magoley\AppData\Local\Temp\wgsdgsdgdsgsd.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
Infizierte Registrierungsschlüssel: 16
HKCR\CLSID\{597A9974-8CB0-4f41-B61F-ED065738A397} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCR\CLSID\{25514C64-8321-494e-BD3E-3DBAB3F8CEBA} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{60BE6B2E-F2F5-4404-AA1E-4381D4A6EEA2} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCR\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCR\RewardsArcade.FBApi.1 (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCR\RewardsArcade.FBApi (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCR\RewardsArcade.BHO.1 (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{597A9974-8CB0-4F41-B61F-ED065738A397} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{597A9974-8CB0-4F41-B61F-ED065738A397} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{597A9974-8CB0-4F41-B61F-ED065738A397} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{597A9974-8CB0-4F41-B61F-ED065738A397} (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
HKCR\CLSID\{DD31495E-290C-41CF-8C66-7415383F82DE} (Trojan.Banker) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD31495E-290C-41CF-8C66-7415383F82DE} (Trojan.Banker) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DD31495E-290C-41CF-8C66-7415383F82DE} (Trojan.Banker) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DD31495E-290C-41CF-8C66-7415383F82DE} (Trojan.Banker) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RewardsArcade (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Userinit (Trojan.Agent) -> Daten: C:\Users\Magoley\AppData\Roaming\appconf32.exe -> Keine Aktion durchgeführt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 15
C:\Program Files (x86)\RewardsArcade (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498 (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Chrome (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\defaults (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\locale (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
Infizierte Dateien: 58
C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RewardsArcade\fb.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RewardsArcade\appAPIinternalWrapper.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RewardsArcade\jquery.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RewardsArcade\json.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RewardsArcade\RewardsArcade.exe (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RewardsArcade\Uninstall.exe (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RewardsArcade\UserConfirmation.exe (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\Temp\wgsdgsdgdsgsd.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\uninstall.ico (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome.manifest (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\install.rdf (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\background.html (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\browser.xul (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\crossrider.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\crossriderapi.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\dialog.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\manage-apps-style.css (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\manage-apps.html (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\messaging.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\options.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\options.xul (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\push.html (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\search_dialog.xul (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\socialapi.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\update.html (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\utilityapi.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\workers_chain.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\faye-browser-min.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\jquery-1.4.2.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.css (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\facebox.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\b.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\bl.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\br.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\closelabel.gif (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\loading.gif (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\tl.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\chrome\content\lib\facebox\Images\tr.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\defaults\preferences\prefs.js (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\locale\en-US\translations.dtd (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\button1.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\button2.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\button3.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\button4.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\button5.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\crossrider_statusbar.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\icon16.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\icon24.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\icon48.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\panelarrow-up.png (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\popup.css (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\popup.html (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\popup_binding.xml (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\skin.css (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox\skin\update.css (PUP.RewardsArcade) -> Keine Aktion durchgeführt.
(Ende)
ah hat funktioniert
OTL Logfile: Code:
OTL logfile created on: 08.09.2012 20:19:57 - Run 2
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Users\Magoley\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,21 Gb Available Physical Memory | 77,59% Memory free
16,00 Gb Paging File | 14,18 Gb Available in Paging File | 88,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,47 Gb Total Space | 45,56 Gb Free Space | 16,30% Space Free | Partition Type: NTFS
Drive D: | 7,89 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1397,27 Gb Total Space | 659,04 Gb Free Space | 47,17% Space Free | Partition Type: NTFS
Computer Name: MAGOLEY-PC | User Name: Magoley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.08 06:46:31 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Magoley\Desktop\OTL.exe
PRC - [2012.08.31 20:39:06 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.08.08 19:36:06 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.26 19:52:04 | 001,095,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.05.09 15:13:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.09 15:13:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.11.29 22:19:09 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.04.07 13:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe
========== Modules (No Company Name) ==========
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009.04.07 13:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe
========== Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.07 19:17:00 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.25 15:49:36 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.05.09 15:13:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.09 15:13:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.29 22:19:09 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.10 16:01:06 | 000,206,880 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 16:01:04 | 000,626,208 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.09 15:13:28 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.09 15:13:28 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009.11.11 15:47:18 | 000,348,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.28 19:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/10/17 22:16:22] [Kernel | Auto | Running] -- C:\Player\CyberLink\PowerDVD9\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 2A 93 75 7B C1 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {72D60C34-AE83-4B61-86C4-AF3A8D37DAE6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109868&tt=060612_5_&babsrc=SP_ss&mntrId=f45ff98a000000000000001fc63e3732
IE - HKCU\..\SearchScopes\{72D60C34-AE83-4B61-86C4-AF3A8D37DAE6}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811_yserp&p={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb110/?search={searchTerms}&loc=IB_DS&a=6OynCaYt74&i=26
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Magoley\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\Magoley\AppData\Local\RewardsArcade\498\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.26 20:31:19 | 000,000,000 | ---D | M]
[2011.12.24 00:27:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
O1 HOSTS File: ([2011.03.27 15:13:37 | 000,431,482 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14850 more lines...
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Magoley\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Magoley\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Programme\NVIDIA Corporation\Raid\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [dcmsvc] C:\Program Files (x86)\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{708F16CA-5E4A-4923-BE57-EAC755B4F79E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0578536a-e081-11e1-933f-001fc63e3732}\Shell - "" = AutoRun
O33 - MountPoints2\{0578536a-e081-11e1-933f-001fc63e3732}\Shell\AutoRun\command - "" = H:\Startme.exe
O33 - MountPoints2\{781117c0-2da7-11e1-9fc6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{781117c0-2da7-11e1-9fc6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{a5dd5b2e-00a8-11e0-86cd-001fc63e3732}\Shell - "" = AutoRun
O33 - MountPoints2\{a5dd5b2e-00a8-11e0-86cd-001fc63e3732}\Shell\AutoRun\command - "" = E:\AVP_SETUP_LAUNCHER.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.08 20:04:04 | 000,080,456 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Magoley\Desktop\mbam-clean-1.60.2.0003.exe
[2012.09.08 06:46:31 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\Magoley\Desktop\OTL.exe
[2012.09.08 06:10:50 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Magoley\Desktop\mbam-setup-1.62.0.1300.exe
[2012.09.08 00:26:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.09.08 00:26:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.09.08 00:22:32 | 027,565,488 | ---- | C] (TuneUp Software) -- C:\Users\Magoley\Desktop\TuneUpUtilities2012_de-DE.exe
[2012.08.30 22:49:37 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Neuer Ordner (8)
[2012.08.30 22:49:34 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Neuer Ordner (7)
[2012.08.30 22:49:19 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Neuer Ordner (6)
[2012.08.30 22:49:16 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Neuer Ordner (5)
[2012.08.30 22:49:12 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Neuer Ordner (4)
[2012.08.28 21:04:24 | 000,999,840 | ---- | C] (Solid State Networks) -- C:\Users\Magoley\Desktop\install_flashplayer11x32_chra_au_aih.exe
[2012.08.26 20:31:13 | 000,000,000 | ---D | C] -- C:\Users\Magoley\AppData\Roaming\DivX
[2012.08.26 20:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.08.26 20:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.08.26 20:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.08.26 20:30:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012.08.26 20:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.08.26 20:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.08.26 20:25:42 | 000,000,000 | ---D | C] -- C:\Users\Magoley\AppData\Roaming\OpenCandy
[2012.08.26 20:25:33 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Documents\My Downloads
[2012.08.26 20:24:12 | 001,288,352 | ---- | C] (Ellora Assets Corporation ) -- C:\Users\Magoley\Desktop\FreemakeVideoConverterSetup.exe
[2012.08.26 20:09:29 | 000,000,000 | ---D | C] -- C:\Users\Magoley\AppData\Roaming\AVS4YOU
[2012.08.26 20:09:09 | 000,000,000 | ---D | C] -- C:\Users\Magoley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2012.08.26 20:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2012.08.26 20:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2012.08.26 20:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2012.08.26 20:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2012.08.26 18:56:06 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\@WingsRussia
[2012.08.26 18:47:53 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\@RKSL
[2012.08.25 17:08:53 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Arma 2 BW
[2012.08.25 16:10:33 | 000,000,000 | ---D | C] -- C:\Users\Magoley\AppData\Local\ArmA 2 OA
[2012.08.25 16:10:33 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Documents\ArmA 2
[2012.08.19 20:29:38 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Originals
[2012.08.18 10:14:42 | 000,000,000 | ---D | C] -- C:\Users\Magoley\AppData\Local\ApplicationHistory
[2012.08.17 22:40:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2012.08.17 22:40:30 | 000,724,992 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2012.08.15 10:58:44 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Bilder neu
[2012.08.15 10:43:40 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Schatzi Bilder
[2012.08.13 20:10:16 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Documents\Aspyr
[2012.08.12 23:31:00 | 000,000,000 | ---D | C] -- C:\Users\Magoley\AppData\Local\Aspyr
[2012.08.12 10:40:59 | 000,000,000 | ---D | C] -- C:\Users\Magoley\Desktop\Stick
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Magoley\AppData\Roaming\*.tmp files -> C:\Users\Magoley\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.08 20:18:31 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.08 20:18:31 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.08 20:15:44 | 001,528,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.08 20:15:44 | 000,664,764 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.08 20:15:44 | 000,624,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.08 20:15:44 | 000,134,932 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.08 20:15:44 | 000,110,584 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.08 20:11:17 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.08 20:11:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.08 20:11:11 | 2146,332,671 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.08 20:09:48 | 000,000,020 | ---- | M] () -- C:\Users\Magoley\defogger_reenable
[2012.09.08 20:04:04 | 000,080,456 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Magoley\Desktop\mbam-clean-1.60.2.0003.exe
[2012.09.08 19:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.08 19:24:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.08 12:53:12 | 3717,894,860 | ---- | M] () -- C:\Users\Magoley\Desktop\cwr2_demo4.rar
[2012.09.08 10:46:44 | 004,503,728 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.08 06:46:35 | 000,050,477 | ---- | M] () -- C:\Users\Magoley\Desktop\Defogger.exe
[2012.09.08 06:46:31 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Magoley\Desktop\OTL.exe
[2012.09.08 06:11:15 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Magoley\Desktop\mbam-setup-1.62.0.1300.exe
[2012.09.08 00:23:44 | 027,565,488 | ---- | M] (TuneUp Software) -- C:\Users\Magoley\Desktop\TuneUpUtilities2012_de-DE.exe
[2012.09.07 20:06:40 | 032,901,057 | ---- | M] () -- C:\Users\Magoley\Desktop\cwr2_NL_v100.zip
[2012.09.07 20:03:14 | 000,431,279 | ---- | M] () -- C:\Users\Magoley\Desktop\cwr2_UK_v100.zip
[2012.09.07 20:01:13 | 000,269,817 | ---- | M] () -- C:\Users\Magoley\Desktop\norrn_rflocc_v091.7z
[2012.09.02 17:33:16 | 000,262,465 | ---- | M] () -- C:\Users\Magoley\Desktop\norrn_rflocc_v08.7z
[2012.08.28 21:04:24 | 000,999,840 | ---- | M] (Solid State Networks) -- C:\Users\Magoley\Desktop\install_flashplayer11x32_chra_au_aih.exe
[2012.08.26 22:06:03 | 000,416,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.26 20:59:11 | 007,271,063 | ---- | M] () -- C:\Users\Magoley\Desktop\Lykke Li - I follow rivers (Lyrics)[1].mp3
[2012.08.26 20:37:46 | 000,000,809 | ---- | M] () -- C:\Users\Magoley\Desktop\AVS Video Editor.lnk
[2012.08.26 20:31:20 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012.08.26 20:31:20 | 000,001,613 | ---- | M] () -- C:\Users\Magoley\Desktop\DivX Movies.lnk
[2012.08.26 20:31:11 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012.08.26 20:24:12 | 001,288,352 | ---- | M] (Ellora Assets Corporation ) -- C:\Users\Magoley\Desktop\FreemakeVideoConverterSetup.exe
[2012.08.26 20:09:10 | 000,001,293 | ---- | M] () -- C:\Users\Magoley\Desktop\AVS4YOU Software Navigator.lnk
[2012.08.26 20:08:54 | 000,000,845 | ---- | M] () -- C:\Users\Magoley\Desktop\AVS Video Converter.lnk
[2012.08.26 19:49:09 | 006,980,067 | ---- | M] () -- C:\Users\Magoley\Desktop\Lykke Li - I follow rivers (Lyrics)[1].flv
[2012.08.26 18:40:03 | 025,191,410 | ---- | M] () -- C:\Users\Magoley\Desktop\vilas_gwp.7z
[2012.08.25 21:50:54 | 405,233,020 | ---- | M] () -- C:\Users\Magoley\Desktop\rhs_afrf_0.1.0.1355.7z
[2012.08.21 18:38:40 | 000,242,611 | ---- | M] () -- C:\Users\Magoley\Desktop\dk_star-trek_starship-uss-enterprise.jpeg
[2012.08.18 10:14:42 | 000,000,095 | ---- | M] () -- C:\Users\Magoley\AppData\Local\fusioncache.dat
[2012.08.17 22:40:58 | 001,554,702 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.17 22:33:32 | 000,724,992 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Magoley\AppData\Roaming\*.tmp files -> C:\Users\Magoley\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.08 20:09:47 | 000,000,020 | ---- | C] () -- C:\Users\Magoley\defogger_reenable
[2012.09.08 06:46:35 | 000,050,477 | ---- | C] () -- C:\Users\Magoley\Desktop\Defogger.exe
[2012.09.07 21:44:54 | 004,503,728 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.07 20:03:07 | 000,431,279 | ---- | C] () -- C:\Users\Magoley\Desktop\cwr2_UK_v100.zip
[2012.09.07 20:02:52 | 032,901,057 | ---- | C] () -- C:\Users\Magoley\Desktop\cwr2_NL_v100.zip
[2012.09.07 20:02:07 | 3717,894,860 | ---- | C] () -- C:\Users\Magoley\Desktop\cwr2_demo4.rar
[2012.09.07 20:01:13 | 000,269,817 | ---- | C] () -- C:\Users\Magoley\Desktop\norrn_rflocc_v091.7z
[2012.09.05 22:27:27 | 007,698,464 | ---- | C] () -- C:\Users\Magoley\Desktop\Paul & Fritz Kalkbrenner - 'Sky And Sand' (Official Video).flv.MP3
[2012.09.02 17:33:16 | 000,262,465 | ---- | C] () -- C:\Users\Magoley\Desktop\norrn_rflocc_v08.7z
[2012.08.26 20:59:01 | 007,271,063 | ---- | C] () -- C:\Users\Magoley\Desktop\Lykke Li - I follow rivers (Lyrics)[1].mp3
[2012.08.26 20:37:46 | 000,000,809 | ---- | C] () -- C:\Users\Magoley\Desktop\AVS Video Editor.lnk
[2012.08.26 20:31:20 | 000,001,613 | ---- | C] () -- C:\Users\Magoley\Desktop\DivX Movies.lnk
[2012.08.26 20:31:11 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012.08.26 20:31:03 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012.08.26 20:09:10 | 000,001,293 | ---- | C] () -- C:\Users\Magoley\Desktop\AVS4YOU Software Navigator.lnk
[2012.08.26 20:08:54 | 000,000,845 | ---- | C] () -- C:\Users\Magoley\Desktop\AVS Video Converter.lnk
[2012.08.26 19:46:36 | 006,980,067 | ---- | C] () -- C:\Users\Magoley\Desktop\Lykke Li - I follow rivers (Lyrics)[1].flv
[2012.08.26 18:38:37 | 025,191,410 | ---- | C] () -- C:\Users\Magoley\Desktop\vilas_gwp.7z
[2012.08.25 21:32:05 | 405,233,020 | ---- | C] () -- C:\Users\Magoley\Desktop\rhs_afrf_0.1.0.1355.7z
[2012.08.21 18:38:40 | 000,242,611 | ---- | C] () -- C:\Users\Magoley\Desktop\dk_star-trek_starship-uss-enterprise.jpeg
[2012.08.18 10:14:42 | 000,000,095 | ---- | C] () -- C:\Users\Magoley\AppData\Local\fusioncache.dat
[2012.08.17 22:40:57 | 001,554,702 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.22 00:49:51 | 000,000,034 | ---- | C] () -- C:\Users\Magoley\AppData\Roaming\blckdom.res
[2012.07.09 19:57:58 | 000,002,466 | ---- | C] () -- C:\Windows\RbSystem.ini
[2012.07.09 19:57:58 | 000,000,249 | ---- | C] () -- C:\Windows\rbsystem.ini_winnt
[2012.07.09 19:57:09 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xcd73532.dll
[2012.07.09 19:57:09 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\PWUtility.dll
[2012.07.09 19:57:09 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\dtctrace.dll
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.12.23 23:41:04 | 000,057,466 | ---- | C] () -- C:\Users\Magoley\AppData\Roaming\Magoley3SQLite3.dll
[2011.09.23 06:53:35 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2011.09.23 06:53:35 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011.09.17 21:09:18 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.06.28 22:37:56 | 004,310,083 | ---- | C] () -- C:\Windows\Star Trek Bridges SS.dat
[2011.06.28 22:37:56 | 000,180,224 | ---- | C] () -- C:\Windows\UninstallWSST.exe
[2010.11.22 11:41:07 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.10.24 19:44:22 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.24 19:44:20 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.10.24 19:44:20 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.10.23 21:15:35 | 000,028,123 | ---- | C] () -- C:\Users\Magoley\AppData\Roaming\OFMissionEditorConfig.xml
[2010.10.16 21:47:16 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
========== LOP Check ==========
[2011.09.18 10:36:27 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\.minecraft
[2012.06.23 11:03:34 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\Babylon
[2012.06.23 11:03:59 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\BabylonToolbar
[2011.09.06 10:38:50 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2012.03.05 21:45:38 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\Complitly
[2012.01.26 18:59:21 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\DAEMON Tools Lite
[2011.06.28 22:35:55 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\FileSubmit
[2010.12.12 01:21:59 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\GetRightToGo
[2012.07.22 00:49:34 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\kock
[2010.11.28 20:43:22 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\Leadertech
[2012.08.26 20:25:42 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\OpenCandy
[2009.01.02 07:42:04 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\Opera
[2012.02.13 21:46:07 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\PhotoScape
[2011.06.04 14:17:32 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\ProtectDisc
[2010.10.16 21:58:26 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\TuneUp Software
[2012.07.22 01:14:02 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\UAs
[2012.07.22 01:15:01 | 000,000,000 | ---D | M] -- C:\Users\Magoley\AppData\Roaming\xmldm
[2012.08.15 10:20:49 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---
und OTL Logfile: Code:
OTL Extras logfile created on: 08.09.2012 10:47:42 - Run 1
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Users\Magoley\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 4,99 Gb Available Physical Memory | 62,32% Memory free
16,00 Gb Paging File | 9,96 Gb Available in Paging File | 62,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,47 Gb Total Space | 46,10 Gb Free Space | 16,50% Space Free | Partition Type: NTFS
Drive D: | 7,89 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 1397,27 Gb Total Space | 659,27 Gb Free Space | 47,18% Space Free | Partition Type: NTFS
Computer Name: MAGOLEY-PC | User Name: Magoley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Player\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Player\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Player\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Player\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{180A53EF-DFD1-424A-B27C-A0C5BF9D42A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18BC4E9F-8471-4ADD-82FE-88D5ADB51B5D}" = lport=139 | protocol=6 | dir=in | app=system |
"{2741F042-C561-4B5C-ACFF-2348E189CA18}" = lport=137 | protocol=17 | dir=in | app=system |
"{2C7B3748-2D3C-411D-84AB-49221AB72196}" = lport=445 | protocol=6 | dir=in | app=system |
"{3EC602A9-44DB-4725-BEB0-5068FACD7347}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F248C59-2B9C-4345-83DA-A058A1F49D9A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46469D1F-17A6-4CB9-9325-70E1BF336438}" = rport=138 | protocol=17 | dir=out | app=system |
"{47A3B728-E80D-4430-AB4E-1C79CD1092F3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5106F080-77BA-4F57-82DC-6895B07ACDCE}" = rport=139 | protocol=6 | dir=out | app=system |
"{5A2EA3CA-D2B6-4452-9555-4D608DCEFA87}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5E82E7ED-615D-4717-A104-9F6584722DE7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{6026E5A0-6690-4184-B8F2-73A0C3F7341A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{768307FA-FBE6-4FDF-B393-07A837E9C549}" = rport=137 | protocol=17 | dir=out | app=system |
"{8932A3A4-5232-4B7E-B971-47CFEE4A4030}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{99F366FF-0702-4161-B668-95BD3F5C0AFD}" = rport=445 | protocol=6 | dir=out | app=system |
"{9E2852AC-3B35-4351-9476-AD91FBD819AC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A258A805-33C4-4FAE-BC21-A8D277AE8CEE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4817FC4-E982-4F6B-B338-D3C5F8BA650C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C9589318-3ED0-4AC3-B7A8-83CB8430FC99}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB07C768-14D1-4887-AB10-36625BBCB16F}" = lport=138 | protocol=17 | dir=in | app=system |
"{E667BBBB-EF2B-4354-B45D-F0D46FCDC959}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E6ED10B3-9D25-4939-B374-B44EACA3B7CD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E90637C6-7E93-4DB3-B909-9CF35473FD2A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FACB0D1F-0542-48BE-A92E-7AF42BC2099F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038B7447-145A-4AFD-969D-A6B7D0005497}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\aliens vs predator\avp.exe |
"{05F841EC-684D-4828-B4C3-C850543F2BB9}" = protocol=6 | dir=in | app=c:\spiele\codemasters\of dragon rising\ofdr.exe |
"{07689540-08FC-4A8A-8818-79CC6173F00A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{07BE7B82-FFDD-4D0D-AC5E-544680342605}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\supreme commander 2\bin\supremecommander2.exe |
"{0846B1E8-608B-45EA-B1A8-1818E8A235BD}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{0905BDAB-E9C9-4621-AE33-0802BDB71789}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0C99D176-B434-4EF5-8D7F-84E29EDEA5C7}" = protocol=17 | dir=in | app=c:\spiele\tom clancy's h.a.w.x\hawx_dx10.exe |
"{0F649741-EFD9-40FB-A5F7-46A90E64CD9A}" = protocol=17 | dir=in | app=c:\spiele\tom clancy's h.a.w.x\hawx.exe |
"{118CCAF7-59C4-4931-A597-A52379C68DB9}" = protocol=17 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{1500B73D-632D-4075-9E71-0F05E528E46E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{16B5B2BE-0CA6-4AE8-A0A0-0572CDD836CD}" = protocol=6 | dir=in | app=c:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"{17F7C310-7BD0-4E17-9E6E-002395EBFE6A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1B549C4E-DD60-4738-9D02-958ED5F59743}" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\starcraft ii.exe |
"{1C1674BA-1528-43A7-82D3-E7B1A0C6821C}" = protocol=6 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{1CC596A6-E3E7-421C-BBFE-A661A7645FB4}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{1E4D1835-1A8D-4ABB-802D-349E38E27123}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2511070E-E6BE-4A49-AF7F-BFE8455586CF}" = protocol=6 | dir=in | app=g:\spiele\tom clancy's h.a.w.x. 2\hawx2_dx11.exe |
"{29B4CE9B-A96D-4A3D-AFA1-80848D87F66D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{33D16049-C593-40D1-9A72-4CF1694A1300}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AEC5716-C8E1-4877-A1FA-B88C737D0A0F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3C2CD3BA-B265-48AB-8193-D90933D00E32}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3ECB6BBC-81A1-4A2E-8767-25F61C80F2E2}" = protocol=17 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin64\crysis.exe |
"{4659C824-C4D7-4572-B16F-E2EBA308CD00}" = protocol=17 | dir=in | app=c:\spiele\bohemia interactive\arma 2\arma2oa.exe |
"{474AD46A-6859-41B1-81D1-7BB4F63078C7}" = protocol=6 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin32\crysis.exe |
"{4F9AFB94-847D-46AE-B13D-67D9BE39087A}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{55184A36-E694-49F6-BD3D-0ADF1245A2B4}" = protocol=6 | dir=in | app=c:\spiele\tom clancy's h.a.w.x\hawx.exe |
"{5CE175BD-1AA4-423B-B6F7-FB5377DF0283}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61DC631C-EBF8-4DD2-98AF-690041BC61D5}" = protocol=17 | dir=in | app=g:\spiele\tom clancy's h.a.w.x. 2\hawx2.exe |
"{6359DCEA-435A-40D1-BB43-61E071EB07D0}" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\starcraft ii.exe |
"{6663B86B-8E22-4847-A48A-2C85CF102128}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{68332BC1-7AB3-4CFF-B350-B4D3B36D6362}" = protocol=17 | dir=in | app=c:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"{69B2081B-95A2-4C9C-82B8-E9B698548254}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\jabia\jaggedalliancebia.exe |
"{69EAEDF2-77D1-4E2E-B3FE-97865F314A1F}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{77853DA0-ED01-4A3B-BA86-2C5D4EDAE174}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7895960E-A809-4203-B92E-8D40EB2362AB}" = protocol=6 | dir=in | app=c:\spiele\tom clancy's h.a.w.x\hawx_dx10.exe |
"{7A569F4D-1DC1-4A51-994D-047002530C1F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7DFC2302-93B6-4F68-93B8-ACB27B6674AE}" = protocol=6 | dir=in | app=c:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_launcher.exe |
"{80528CF2-3A28-498A-9F90-093FB4873054}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{822FD2C6-5448-48B9-8451-1E1C3DC17552}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{844ABEA0-B563-49EC-B497-5FC1512DB418}" = protocol=6 | dir=out | app=system |
"{85B775A4-4630-4FF0-83AE-BA865C6EFD28}" = protocol=6 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin64\crysis.exe |
"{8CDFE004-F6FE-4065-A6E1-E90612D5F567}" = protocol=17 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin32\crysis.exe |
"{8EF13CB6-60A5-499E-9296-34F34E162307}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F3802FE-3B18-48C8-83AE-8D2522D97B84}" = dir=in | app=c:\player\cyberlink\powerdvd9\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{8F7C4DFA-F7F7-4C62-845E-8C046AAF1A90}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{961FBFB6-21AD-414D-9788-FF69807BDF97}" = protocol=17 | dir=in | app=c:\spiele\arma 2\arma2rft.exe |
"{9C89128D-6E6E-493A-9283-D956A6554E18}" = protocol=17 | dir=in | app=c:\spiele\arma 2\arma2oa.exe |
"{9E27FD61-FA17-485F-9974-2A204E3BE6B5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{9F22F512-459E-4C72-A0B3-0F9A859D494B}" = protocol=6 | dir=in | app=c:\spiele\arma 2\arma2oa.exe |
"{A34B846B-ADAD-49D3-BEC1-5295F2564611}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9B2804F-5452-4F83-BFD8-B1E18E4A745E}" = protocol=17 | dir=in | app=c:\spiele\codemasters\of dragon rising\ofdr.exe |
"{BC9073CE-7CAB-4014-A291-FF27ADBE6499}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\supreme commander 2\bin\supremecommander2.exe |
"{BD7326AF-B9B2-4640-8EB4-B1B92C29D1B8}" = protocol=17 | dir=in | app=g:\spiele\tom clancy's h.a.w.x. 2\hawx2_dx11.exe |
"{BDC80BBF-CE11-4B2A-A4C4-381EFFCC4165}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BDF65C4F-E5EB-403D-9F1A-CC60464D6C91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BEA92E7B-C998-4AA1-820D-0FA9D2756D77}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C3E0B1D9-374D-47A6-9471-B8CD8C41BE4E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{C5078433-30C0-4033-99F9-B9EC2D278F9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C681B527-8E73-4A16-85C7-F2ABCDC8E31A}" = protocol=17 | dir=in | app=c:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_launcher.exe |
"{C6D91D85-151D-4FB9-A7A8-18D67E6ADEE8}" = protocol=6 | dir=in | app=c:\spiele\arma 2\arma2rft.exe |
"{CA0EF26C-8626-4588-A731-F006F564B7CB}" = protocol=6 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{CA177BBE-E187-428F-AABA-BC78778B12ED}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{CB52BF8B-6DFC-406C-BC0D-3AA66F599C38}" = protocol=6 | dir=in | app=c:\spiele\bohemia interactive\arma 2\arma2oa.exe |
"{CD3217D1-4F50-4CB2-B019-A9E8274F4A3E}" = protocol=17 | dir=in | app=c:\spiele\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{D3602D27-4BE6-4FB7-9E0B-A7D55D73C41D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4F5DB5D-B18B-468F-A141-FDA718C00CB7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5E52F01-B3D7-41E4-B7A4-C661ADF04966}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\jabia\jaggedalliancebia.exe |
"{DA4B4BDA-651D-4CDC-87ED-24922E3A57D7}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\aliens vs predator\avp.exe |
"{DC9E9D1A-04A5-4928-B881-97EA8FBD3D21}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{DD3C107A-5602-47DA-994D-2761D9A82695}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E1A086DC-A1C7-450A-8E6D-BB405133502F}" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{E2991532-792B-4BFC-89DF-6AA67BB3B268}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4E30995-9217-4158-9B6E-C643278BB663}" = protocol=6 | dir=in | app=g:\spiele\tom clancy's h.a.w.x. 2\hawx2.exe |
"{E539A56C-4C9F-4CF7-A485-2CD4481975F1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E6E475E3-B9EA-44C0-A1F4-8CEDBE2182C4}" = protocol=17 | dir=in | app=c:\spiele\bohemia interactive\arma 2\arma2rft.exe |
"{EB49D946-E3B4-4AF9-8745-71017ACB64FA}" = dir=in | app=c:\player\cyberlink\powerdvd9\powerdvd9\powerdvd9.exe |
"{F26756BB-645E-41C2-AA8B-DCF3861FF27C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F29D1293-4450-47F6-B25B-282F4BB7C9D2}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{F691C11D-02BF-4A9F-9CFA-28E25B8A1B8E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F9225F47-3FE7-4256-99C3-597800E83FE8}" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{FC82CE2E-76EB-4EEF-A23F-484068E1249A}" = protocol=6 | dir=in | app=c:\spiele\bohemia interactive\arma 2\arma2rft.exe |
"TCP Query User{333ECC90-28FB-47E4-A8FB-2C6F35EBF241}G:\spiele\cryptic studios\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=g:\spiele\cryptic studios\star trek online\live\gameclient.exe |
"TCP Query User{3CCBA36B-FE4E-4B10-8972-0188CA4BE1F7}C:\spiele\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{47C59666-7319-4B0B-A31A-6AA7C35A1CA3}G:\spiele\dead space\dead space.exe" = protocol=6 | dir=in | app=g:\spiele\dead space\dead space.exe |
"TCP Query User{64A9B93F-B59B-4152-BEB2-4D916244782A}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{653E0A37-BF9C-41B9-8E1B-57F87114DE2F}C:\spiele\ghost recon advanced warfighter\graw.exe" = protocol=6 | dir=in | app=c:\spiele\ghost recon advanced warfighter\graw.exe |
"TCP Query User{68A48966-63AF-4307-9270-683923474092}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{7395E390-7B96-4966-B4E2-48B4457696FA}C:\spiele\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{9422554D-8F45-485F-9C69-4DE9440233F3}C:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{C834CB28-24B1-496C-BA78-55DBD4EB8394}C:\spiele\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{E6A4B189-7D86-49B0-B021-0569A9FBDBC9}C:\spiele\tom clancy's h.a.w.x\hawx_dx10.exe" = protocol=6 | dir=in | app=c:\spiele\tom clancy's h.a.w.x\hawx_dx10.exe |
"TCP Query User{F5079BBF-1BCD-4779-951E-7A33AB853479}C:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=6 | dir=in | app=c:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"TCP Query User{F8BA298C-40A4-4E72-B069-E47D0E13CE3C}C:\spiele\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=c:\spiele\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{FFD00BB4-8A63-4EDC-AFD8-9F1C3B79BF0B}C:\spiele\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\spiele\dawn of war - soulstorm\soulstorm.exe |
"UDP Query User{031AB579-07B0-4F87-9C18-6AE1E55DC5EA}C:\spiele\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{189922A7-1203-45B9-B090-D149FD2A5577}C:\spiele\ghost recon advanced warfighter\graw.exe" = protocol=17 | dir=in | app=c:\spiele\ghost recon advanced warfighter\graw.exe |
"UDP Query User{21B4B905-845E-40AC-9E2B-BCCE8375FB5E}C:\spiele\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{2308DF58-7E1E-4E8D-B8CC-B6E34DE7BF3A}G:\spiele\dead space\dead space.exe" = protocol=17 | dir=in | app=g:\spiele\dead space\dead space.exe |
"UDP Query User{47FC4694-45DA-49AF-B198-EACAF0C17126}C:\spiele\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{4CEA1FE4-F973-4397-9E60-7FE08D28254D}C:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe" = protocol=17 | dir=in | app=c:\spiele\tom clancy's rainbow six vegas\binaries\r6vegas_game.exe |
"UDP Query User{72806983-09EA-45C4-9D17-B981483715FE}G:\spiele\cryptic studios\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=g:\spiele\cryptic studios\star trek online\live\gameclient.exe |
"UDP Query User{A9C6A865-2015-4AFB-AA0B-B53AD7D35995}C:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\spiele\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{B307625B-9A3E-4356-B0E3-B48856F76976}C:\spiele\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=c:\spiele\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{B9DBE8EA-8D67-40EC-B272-B85A9F8C03A8}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{C74F2A2F-185F-4B6F-ABA2-43E3F236CE49}C:\spiele\tom clancy's h.a.w.x\hawx_dx10.exe" = protocol=17 | dir=in | app=c:\spiele\tom clancy's h.a.w.x\hawx_dx10.exe |
"UDP Query User{E9265FB2-3482-438D-B369-351C31B35356}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{EF3EDF2C-3710-4606-BA9D-8792027208D9}C:\spiele\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\spiele\dawn of war - soulstorm\soulstorm.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.7
"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{287A4E96-AC57-4A19-9B51-C5EED2EAB382}" = Star Trek Legacy
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1" = Minecraft PC Gamer Demo version 1.5
"{5731C0A8-B266-451A-8D3F-8066AA21836F}" = Tom Clancy's Rainbow Six Vegas
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{629F65FB-7F3C-4D66-A1C0-20722744B7B6}" = Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76A232AF-B7D6-41A4-B795-6B355E6D32B1}" = Tom Clancy's H.A.W.X. 2
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89E0B0D4-DFC3-49B9-8E88-F1B801325C8A}" = Emergency 3
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4C534E-431F-4A17-97D4-D1682B19A054}" = Emergency4
"{A0595C97-DB17-429D-AB24-8594019B9A6C}" = Star Trek Legacy Patch v1.2
"{A174402A-2EE6-4B86-A930-7BC85A9933BD}" = Tom Clancy's Splinter Cell
"{A2B3C27C-1F09-47C6-9A90-9683BEFD7963}" = Dawn of War - Soulstorm
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{BCB9DF93-537D-433D-AF3B-36025DEF5798}" = Joint Task Force
"{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}" = YTD Toolbar v6.2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC452A50-5C87-4A1F-B295-445C3C69BF7D}" = NVIDIA MediaShield
"{CF937220-C6A5-438F-AB5C-8C7CD5F6DEA3}" = Star Trek Legacy Patch v1.1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{EFC97089-04D6-42CE-A707-A343B4A7D2CD}" = Ghost Recon Advanced Warfighter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aliens Versus Predator" = Aliens versus Predator Gold Edition
"Arma 2 Army of The Czech Republic (LITE)" = Arma 2 Army of The Czech Republic (LITE) Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"ARMA 2 REINFORCEMENTS" = ARMA 2 REINFORCEMENTS Uninstall
"Arma 2 RFT" = Arma 2 RFT Uninstall
"ArmA2" = ArmA2 Uninstall
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"BabylonToolbar" = Babylon toolbar on IE
"BattlEye" = BattlEye Uninstall
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BattlEye for RFT" = BattlEye for RFT Uninstall
"DAEMON Tools Lite" = DAEMON Tools Lite
"dcmsvc_is1" = dcmsvc 1.0
"DivX Setup" = DivX-Setup
"Emergency 2012" = Emergency 2012
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESI Prüfwerte" = ESI Prüfwerte
"ESI[tronic] DEMO_3" = ESI[tronic] DEMO_3
"FFUR '85 (2008 Edition)" = FFUR '85 (2008 Edition) 1.0
"FFUR European Crisis Pack" = FFUR European Crisis Pack
"FFUR-SLX 2007" = FFUR-SLX 2007 2.5 New Version
"FireWarriorA00" = FireWarrior
"FLV Player" = FLV Player 2.0 (build 25)
"HighwayNights" = Cobra 11 - Highway Nights (remove only)
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.02.1578" = Opera 12.02
"PhotoScape" = PhotoScape
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"Star Trek Online" = Star Trek Online
"Star Wars: The Force Unleashed_is1" = Star Wars: The Force Unleashed
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10680" = Aliens vs. Predator
"Steam App 22380" = Fallout: New Vegas
"Steam App 400" = Portal
"Steam App 40100" = Supreme Commander 2
"Steam App 57740" = Jagged Alliance - Back in Action
"Sven - Die ersten 10 Jahre" = Sven - Die ersten 10 Jahre
"System47" = System47 Screen Saver
"SystemRequirementsLab" = System Requirements Lab
"ULTIMATE UNIVERSE 1.0 FULL VERSION" = ULTIMATE UNIVERSE 1.0 FULL VERSION
"VLC media player" = VLC media player 1.1.11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab Video Converter" = FoxTab Video Converter
"RewardsArcade" = RewardsArcade
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.09.2012 01:16:58 | Computer Name = Magoley-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.17514,
Zeitstempel: 0x4ce7a485 Name des fehlerhaften Moduls: nvd3dum.dll, Version: 8.17.13.142,
Zeitstempel: 0x4fb20472 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0084ba4f ID des fehlerhaften
Prozesses: 0x10a8 Startzeit der fehlerhaften Anwendung: 0x01cd8b1ed6d25434 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Windows Media Player\wmplayer.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\nvd3dum.dll Berichtskennung: e9ee4f44-f718-11e1-86b3-001fc63e3732
Error - 05.09.2012 14:00:01 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10c8 Startzeit:
01cd8b8f9af5dde8 Endzeit: 420 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 05.09.2012 14:46:21 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fe0 Startzeit:
01cd8b95c893cd90 Endzeit: 480 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 05.09.2012 14:48:36 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1274 Startzeit:
01cd8b96f2d00618 Endzeit: 190 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 05.09.2012 14:49:22 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d88 Startzeit:
01cd8b9715a24cc8 Endzeit: 150 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 05.09.2012 14:57:05 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 8fc Startzeit:
01cd8b9768e2f3d8 Endzeit: 540 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 05.09.2012 14:57:50 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1188 Startzeit:
01cd8b983fd64bd8 Endzeit: 190 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 05.09.2012 15:00:11 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e84 Startzeit:
01cd8b985a4c0228 Endzeit: 620 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 06.09.2012 00:04:33 | Computer Name = Magoley-PC | Source = Application Hang | ID = 1002
Description = Programm Fallout3ng.exe, Version 1.7.0.3 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ecc Startzeit:
01cd8be47b184970 Endzeit: 345 Anwendungspfad: C:\Spiele\Bethesda Softworks\Fallout
3\Fallout3ng.exe Berichts-ID:
Error - 08.09.2012 04:46:57 | Computer Name = Magoley-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xa9c Startzeit der fehlerhaften Anwendung: 0x01cd8d766e677640 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: bf148df8-f991-11e1-8d88-001fc63e3732
[ Media Center Events ]
Error - 04.03.2011 01:52:23 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 06:52:23 - Fehler beim Herstellen der Internetverbindung. 06:52:23
- Serververbindung konnte nicht hergestellt werden..
Error - 07.03.2011 12:43:29 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 17:43:29 - Fehler beim Herstellen der Internetverbindung. 17:43:29
- Serververbindung konnte nicht hergestellt werden..
Error - 07.03.2011 12:43:38 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 17:43:34 - Fehler beim Herstellen der Internetverbindung. 17:43:34
- Serververbindung konnte nicht hergestellt werden..
Error - 08.03.2011 01:21:43 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 06:21:43 - Fehler beim Herstellen der Internetverbindung. 06:21:43
- Serververbindung konnte nicht hergestellt werden..
Error - 08.03.2011 01:21:48 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 06:21:48 - Fehler beim Herstellen der Internetverbindung. 06:21:48
- Serververbindung konnte nicht hergestellt werden..
Error - 10.03.2011 01:10:01 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 06:10:01 - Fehler beim Herstellen der Internetverbindung. 06:10:01
- Serververbindung konnte nicht hergestellt werden..
Error - 10.03.2011 01:10:10 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 06:10:06 - Fehler beim Herstellen der Internetverbindung. 06:10:06
- Serververbindung konnte nicht hergestellt werden..
Error - 11.03.2011 01:44:24 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 06:44:24 - Fehler beim Herstellen der Internetverbindung. 06:44:24
- Serververbindung konnte nicht hergestellt werden..
Error - 11.03.2011 01:44:33 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 06:44:29 - Fehler beim Herstellen der Internetverbindung. 06:44:29
- Serververbindung konnte nicht hergestellt werden..
Error - 14.03.2011 13:20:11 | Computer Name = Magoley-PC | Source = MCUpdate | ID = 0
Description = 18:20:05 - Fehler beim Herstellen der Internetverbindung. 18:20:05
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 07.09.2012 15:50:50 | Computer Name = Magoley-PC | Source = DCOM | ID = 10005
Description =
Error - 07.09.2012 15:50:50 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 07.09.2012 15:51:36 | Computer Name = Magoley-PC | Source = DCOM | ID = 10010
Description =
Error - 07.09.2012 15:52:51 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 07.09.2012 16:03:26 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 07.09.2012 17:31:20 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 07.09.2012 17:51:47 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 07.09.2012 17:51:47 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 08.09.2012 00:02:02 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 08.09.2012 00:02:02 | Computer Name = Magoley-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
< End of report >
--- --- --- |
