Ich bin gerade draufgekommen, dass ich noch eine TrueCrypt-Partition habe, soll ich diese auch scannen bzw. nur mit Malwarebytes oder auch mit OTL?
Hier einmal die Logs: Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.12.11.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
***** :: *****-HP [Administrator]
Schutz: Deaktiviert
11.12.2012 19:37:39
mbam-log-2012-12-11 (19-37-39).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 737515
Laufzeit: 3 Stunde(n), 27 Minute(n), 10 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
OTL logfile created on: 12.12.2012 00:11:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: ***** | Language: DE | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 3,56 Gb Available Physical Memory | 44,79% Memory free
15,90 Gb Paging File | 11,53 Gb Available in Paging File | 72,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682,98 Gb Total Space | 384,42 Gb Free Space | 56,29% Space Free | Partition Type: NTFS
Drive D: | 15,36 Gb Total Space | 1,62 Gb Free Space | 10,54% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 177,68 Gb Free Space | 38,15% Space Free | Partition Type: NTFS
Computer Name: *****-HP | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LibreOffice 3.6\program\soffice.bin (The Document Foundation)
PRC - C:\Program Files (x86)\LibreOffice 3.6\program\soffice.exe (The Document Foundation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (HP)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
PRC - C:\Windows\vVX3000.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\libxml2.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\URE\bin\msci_uno.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\pangolo.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\pangowin32lo.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\pangocairolo.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\libcroco-0.6-3.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\librsvg-2-2.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\intl.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\gsf-1.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\cairo.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\libxslt.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\pythonloader.uno.dll ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\python-core-2.6.1\lib\_socket.pyd ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\python-core-2.6.1\lib\_ssl.pyd ()
MOD - C:\Program Files (x86)\LibreOffice 3.6\program\pyuno.pyd ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\21303503faca86dc22acdb09dea9caa6\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\20e6ed751491ededa81930ae57e20a25\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll ()
MOD - C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll ()
MOD - C:\PROGRAM FILES (X86)\NORTON IDENTITY SAFE\ENGINE\2013.2.0.18\wincfi39.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_messengernotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_skypenotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_madtranscode.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_httpinput.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll ()
MOD - C:\Program Files (x86)\Last.fm\breakpad.dll ()
MOD - C:\Program Files (x86)\Last.fm\Moose1.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmTools1.dll ()
MOD - C:\Program Files (x86)\Last.fm\libfftw3f-3.dll ()
MOD - C:\Program Files (x86)\Last.fm\zlibwapi.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtSql4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtGui4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtXml4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtCore4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (NCO) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe (Symantec Corporation)
SRV - (NAV) -- C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.0.19\ccSvcHst.exe (Symantec Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FPLService) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (HP)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper100) -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (MSSQL$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NAVx64\1402000.013\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1402000.013\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NAVx64\1402000.013\symds64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NST) -- C:\Windows\SysNative\drivers\NSTx64\7DD02000.012\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NAV) -- C:\Windows\SysNative\drivers\NAVx64\1402000.013\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NIWinCDEmu) -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys ()
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NAVx64\1402000.013\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NAVx64\1402000.013\ironx64.sys (Symantec Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NAVx64\1402000.013\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (rspLLL) -- C:\Windows\SysNative\drivers\rspLLL64.sys (Resplendence Software Projects Sp.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (YMIDUSBW) -- C:\Windows\SysNative\drivers\ymidusbx64.sys (Yamaha Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VX3000) -- C:\Windows\SysNative\drivers\VX3000.sys (Microsoft Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20121130.005\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20121210.024\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20121210.024\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20121208.001\IDSviA64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 BB 98 56 8C CD CD 01 [binary data]
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "DuckDuckGo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://duckduckgo.com/"
FF - prefs.js..extensions.enabledAddons: firefox@ghostery.com:2.8.3
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.6.3
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\*****\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\*****\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn\ [2012.10.18 18:36:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.1.7\coFFPlgn\ [2012.12.09 12:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 14:09:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.05.29 11:05:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2012.12.08 11:10:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\4nrb117h.default\extensions
[2012.09.26 06:54:58 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\4nrb117h.default\extensions\firefox@ghostery.com
[2012.08.08 19:18:39 | 000,060,243 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\4nrb117h.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi
[2012.12.06 17:16:38 | 000,531,070 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\4nrb117h.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.11.23 12:28:33 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\4nrb117h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.20 16:28:45 | 000,010,316 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\4nrb117h.default\searchplugins\duckduckgo.xml
[2012.05.29 12:19:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.29 12:19:45 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\mozilla firefox\extensions\websitelogon@truesuite.com
[2012.10.27 14:09:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.21 02:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.07 23:46:40 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 02:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 02:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 02:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 02:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&client=ubuntu&channel=cs&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaldikcoaplhepekpbngkepfcoiihef\1.0_0\npwebsitelogon.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Disabled) = C:\Users\*****\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Disabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Disabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaldikcoaplhepekpbngkepfcoiihef\1.0_0\
CHR - Extension: PanicButton = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
CHR - Extension: AdBlock = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.49_0\
CHR - Extension: YouTube Options for Google Chrome\u2122 (Full Version) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.91_0\
CHR - Extension: YouTube Options for Google Chrome\u2122 (Full Version) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.92_0\
CHR - Extension: YouTube Options for Google Chrome\u2122 (Full Version) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.95_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.2.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3390718732-3328125451-2647672254-1000\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12E22028-499A-4723-AACB-1FE4C18A9C75}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.11 11:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.2
[2012.12.11 11:03:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GeoGebra 4.2
[2012.12.10 23:16:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2012.12.10 20:41:33 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.6
[2012.12.10 20:41:25 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew
[2012.12.08 18:30:30 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes
[2012.12.08 18:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.08 18:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.08 18:30:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.08 18:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.28 18:18:55 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Fax
[2012.11.25 20:34:08 | 000,000,000 | R--D | C] -- C:\Users\*****\Contacts
[2012.11.24 18:54:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.11.24 17:16:26 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\MIDI
[2012.11.17 23:51:04 | 000,000,000 | ---D | C] -- C:\Users\*****\shared
[2012.11.17 23:29:20 | 000,000,000 | ---D | C] -- C:\Users\*****\VirtualBox VMs
[2012.11.17 23:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.11.17 16:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.11.17 16:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.11.15 08:30:49 | 000,000,000 | ---D | C] -- C:\Windows\fomus
[2012.11.15 08:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FOMUS
[2012.11.15 08:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FOMUS
[2012.11.15 08:04:56 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.15 08:04:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.15 08:00:01 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.15 08:00:00 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.15 08:00:00 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.15 08:00:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.15 08:00:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.15 08:00:00 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.15 08:00:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.15 08:00:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.15 07:59:59 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.15 07:59:59 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.15 07:59:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.15 07:59:59 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.15 07:59:58 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.15 07:59:58 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.15 07:59:58 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.15 00:45:59 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.15 00:45:59 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.15 00:45:58 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.15 00:45:58 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.14 22:43:03 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\MoreTerra
[2012.11.14 09:47:13 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.14 09:47:13 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.14 09:47:13 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.14 09:47:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.14 09:47:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.14 09:47:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.14 09:47:09 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.14 09:47:09 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.14 09:47:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.14 09:46:31 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.14 09:46:31 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.11 23:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.11 21:30:48 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.11 21:30:48 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.11 20:58:13 | 000,282,472 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.11 20:55:03 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.11 20:55:02 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.11 19:31:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.09 12:09:12 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.09 12:09:12 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.09 12:01:14 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.08 19:27:05 | 001,795,766 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.08 19:27:05 | 000,762,184 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.08 19:27:05 | 000,717,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.08 19:27:05 | 000,172,538 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.08 19:27:05 | 000,145,484 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.08 15:03:34 | 000,294,944 | ---- | M] () -- C:\Users\*****\Desktop\bookmarks.html
[2012.12.08 15:03:23 | 000,163,697 | ---- | M] () -- C:\Users\*****\Desktop\bookmarks-2012-12-08.json
[2012.12.08 15:01:42 | 000,053,565 | ---- | M] () -- C:\Users\*****\Desktop\bookmarks_08.12.12.html
[2012.12.05 11:52:12 | 000,313,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.28 18:33:31 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.11.28 18:33:31 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.11.28 18:33:31 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012.11.28 18:33:31 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012.11.25 13:05:47 | 000,002,418 | ---- | M] () -- C:\Users\*****\.lmmsrc.xml
[2012.11.25 12:33:02 | 000,067,664 | ---- | M] () -- C:\Users\*****\Desktop\Unbenannt.mscx
[2012.11.25 12:22:58 | 000,001,718 | ---- | M] () -- C:\Users\*****\Desktop\Unbenannt.mid
[2012.11.25 12:18:18 | 000,067,631 | ---- | M] () -- C:\Users\*****\Desktop\.Unbenannt.mscx,
[2012.11.25 11:44:52 | 000,005,231 | ---- | M] () -- C:\Users\*****\Desktop\OewSong.mscz
[2012.11.23 16:27:44 | 000,004,872 | ---- | M] () -- C:\Users\*****\Fragile_Blossom.mscz
[2012.11.17 23:27:11 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.11.17 01:16:37 | 000,001,263 | ---- | M] () -- C:\Users\*****\Desktop\GNU Solfege.lnk
[2012.11.16 23:16:42 | 000,113,492 | ---- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.11.15 08:22:12 | 000,000,017 | ---- | M] () -- C:\Users\*****\AppData\Local\resmon.resmoncfg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.08 15:03:33 | 000,294,944 | ---- | C] () -- C:\Users\*****\Desktop\bookmarks.html
[2012.12.08 15:03:23 | 000,163,697 | ---- | C] () -- C:\Users\*****\Desktop\bookmarks-2012-12-08.json
[2012.12.08 15:01:42 | 000,053,565 | ---- | C] () -- C:\Users\*****\Desktop\bookmarks_08.12.12.html
[2012.12.05 11:51:57 | 000,313,256 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.25 12:22:58 | 000,001,718 | ---- | C] () -- C:\Users\*****\Desktop\Unbenannt.mid
[2012.11.25 11:51:32 | 000,067,664 | ---- | C] () -- C:\Users\*****\Desktop\Unbenannt.mscx
[2012.11.25 11:51:32 | 000,067,631 | ---- | C] () -- C:\Users\*****\Desktop\.Unbenannt.mscx,
[2012.11.25 11:39:14 | 000,005,231 | ---- | C] () -- C:\Users\*****\Desktop\OewSong.mscz
[2012.11.23 16:27:44 | 000,004,872 | ---- | C] () -- C:\Users\*****\Fragile_Blossom.mscz
[2012.11.17 23:27:11 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.11.17 01:16:37 | 000,001,263 | ---- | C] () -- C:\Users\*****\Desktop\GNU Solfege.lnk
[2012.11.16 23:16:42 | 000,113,492 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.11.15 08:22:12 | 000,000,017 | ---- | C] () -- C:\Users\*****\AppData\Local\resmon.resmoncfg
[2012.11.15 08:04:58 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.15 00:45:58 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.07.27 18:28:48 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\ppa_service.exe
[2012.07.27 18:28:48 | 000,042,496 | ---- | C] () -- C:\Windows\SysWow64\ppa_service.dll
[2012.07.27 18:28:48 | 000,000,750 | ---- | C] () -- C:\Windows\SysWow64\ppa_service.dat
[2012.07.05 18:47:50 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.05.30 18:23:57 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.05.30 18:23:55 | 000,840,264 | ---- | C] () -- C:\Windows\SysWow64\pbsvc (1).exe
[2012.05.30 18:23:55 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.05.30 17:09:51 | 000,002,418 | ---- | C] () -- C:\Users\*****\.lmmsrc.xml
[2012.05.28 16:58:21 | 001,824,936 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.27 13:36:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.05.27 13:28:31 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.05.27 13:27:23 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.09.30 21:42:20 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.08.09 07:30:02 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.09 07:30:02 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.09 07:23:26 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.09 06:58:38 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.03.17 12:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Code:
OTL Extras logfile created on: 12.12.2012 00:11:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: ***** | Language: DE | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 3,56 Gb Available Physical Memory | 44,79% Memory free
15,90 Gb Paging File | 11,53 Gb Available in Paging File | 72,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682,98 Gb Total Space | 384,42 Gb Free Space | 56,29% Space Free | Partition Type: NTFS
Drive D: | 15,36 Gb Total Space | 1,62 Gb Free Space | 10,54% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 177,68 Gb Free Space | 38,15% Space Free | Partition Type: NTFS
Computer Name: *****-HP | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3390718732-3328125451-2647672254-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06045455-6439-45BC-9D6C-C2A1EF48DBE1}" = lport=138 | protocol=17 | dir=in | app=system |
"{5AF54124-ED29-465B-9F43-36FD27F9969B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D8BCD35-C02F-4F85-9447-3D3B922AF4F1}" = lport=137 | protocol=17 | dir=in | app=system |
"{8122E5F2-6923-487D-803E-ED78036996AB}" = rport=137 | protocol=17 | dir=out | app=system |
"{925B33E1-9E79-4AD3-8CB0-6AACBC63B935}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF06C952-2152-4F93-8240-981D642855C4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AF07723F-B615-4C8C-88E6-6F53A3486705}" = lport=445 | protocol=6 | dir=in | app=system |
"{B8A47CAA-81EF-448A-A42B-38FD93F1EE4B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7A94606-F782-4342-B711-C9DCEEC072AD}" = lport=139 | protocol=6 | dir=in | app=system |
"{E1337CD7-7370-46E6-8B69-C70205067611}" = rport=138 | protocol=17 | dir=out | app=system |
"{EFE20B8F-7D21-4C99-BBD8-BBE12496EA47}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0CDF0E1-AF08-4DD1-B66F-C75FF8B38A45}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FD4D9C17-8D5A-4157-9397-8983A98F5C22}" = rport=445 | protocol=6 | dir=out | app=system |
"{FF9DC254-FD3C-4B7C-8CBD-ABB5C553B80F}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015C7DE1-F148-453D-AF2E-E9EF9EAC98D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{059E5217-38D4-4D7C-973C-CC7983A8ABB2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{06CA8EF3-DC8E-4DB8-AB10-2D7F78B1BF4D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{0CCAB957-9329-4395-A1B4-A6BA0D698FE8}" = protocol=6 | dir=in | app=c:\games\crossfire\cf_g4box.exe |
"{0D92F206-E861-4261-B0AD-CC6C9909DF75}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{112C7C2E-3E62-4E64-BE56-3623B3A754D4}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{1374A5EC-44E6-4E0A-A037-827F9778E3FA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{14B20748-AE77-4352-BC1E-C4605B28877A}" = protocol=6 | dir=in | app=c:\program files (x86)\national guard\guard shield\prism.exe |
"{16069B81-7681-46BE-ACDE-DC046FBB50D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{16A4FBFB-D9A8-477A-981C-F8C4700F077E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{17CBDFE5-D8E1-4C7A-B560-42E4226D43AC}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{1D92F5E3-A0FE-4139-8CA6-64F2146E2558}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{1F9F9146-F0D3-4EDE-A68B-680A40EFA138}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech touch mouse server\itouch-server-win.exe |
"{207A4893-FED9-4F63-B03B-A4C77AE06C5E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{2211ADDD-150E-473E-A148-599B3467A3D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\temrix443\source sdk base 2007\hl2.exe |
"{2355BC12-2BCC-4E45-9D1C-3BAE3208FBD0}" = protocol=17 | dir=in | app=c:\games\xonotic\xonotic-x64.exe |
"{269E7799-7EB1-4A11-BC71-E47ADBA34831}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{30CF275E-8FFF-4F53-9DA9-F9D9722016D4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{357CAA22-2A41-407A-9DF3-CAE97ABEAE18}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{35C7C784-E7FE-483A-BAEA-697E6EF48747}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3948B197-DF03-4EE1-8F17-98AEB01BC241}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3AE44E47-6DD6-4DA1-AAB0-ACD7A2B8ABB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{3D791806-A4F2-4A07-9343-DCCE815C5C02}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{4ABDD5C5-BDEE-480C-8212-CF1BBE8AA38F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\temrix443\source sdk base 2007\hl2.exe |
"{4DF31977-ED5A-405A-B8DB-6CB9D1CB8018}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4F605C9F-BF68-449C-BEE1-3D03ADC269F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{505D7903-00D1-4FC5-BC64-68CA2C511434}" = protocol=17 | dir=in | app=c:\games\nightmare house 2\hl2.exe |
"{506C2841-C2D1-4D20-A90E-F67E309D5C62}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\config.exe |
"{523A16C5-C6BA-4E90-93BD-7D79E88B8ED8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{5535EC74-913B-451D-A09D-D148540BB070}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\overlord.exe |
"{55DDA4A0-7F11-4EEE-B71F-E81905DFA4EC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{57907C2A-52F0-4455-8F37-26EE584DE785}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{58FE87DD-D317-403A-B305-624E1F46D655}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{59ABA9DA-EB13-4068-9735-BF8C75709E8A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{5A1890E0-4B96-453F-81C7-ADD7E27477CD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5C3EE307-CBC7-4487-AF78-B3F93AD0F107}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{5FFECAE9-4815-40ED-AEE0-16E11B90BC7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{66267216-AFAE-4867-8076-5FA0F7D4B93C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{731917A5-86BE-46BF-9FAE-83AE0AFE9A31}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{73E93EDD-C946-4EC4-8736-0EB65700F1A1}" = protocol=6 | dir=in | app=c:\games\xonotic\xonotic-x64.exe |
"{789A3061-7813-4F70-8E4D-16A6BACB47D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{7D2B0438-9994-45F4-A051-18A10ED32753}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7D9DD35F-BACA-4640-89D2-D090E881BEE8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{80F1E674-B00A-49BA-AE99-649D11BA6868}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{85FF6FF9-1FC1-4A77-9F05-7264CC9FF26C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\temrix443\source sdk base 2007\hl2.exe |
"{86F3DF1E-A5A1-4894-90AE-29FE612AECF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{8AE2A14A-CDFF-4EF3-B888-A99E1B2EFBCD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{8C72804F-29DA-45F7-A392-E256B6CA815E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{91768999-7095-4E46-BA50-3A1428C5878E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{918B84EA-9167-4D80-8B66-6060061FFABE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{93BA7A8A-8A5A-434B-B0B0-2F33F839C101}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{93FD4B8E-09F5-462E-909C-6134FBFCAA66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{9B22B830-135F-41C0-A748-B1C01AF71056}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{9C892C5D-2B38-4B9E-B04F-7F784D4B7481}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9FE2A01A-72A9-445C-A259-EEE6F6815C4B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{A1ED6253-B50B-45E0-B123-C69A9F38D9D7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{A34EE2FE-13EB-4869-9A16-71DB26BAA51F}" = protocol=6 | dir=in | app=c:\users\*****\downloads\tor browser\app\tor.exe |
"{A39BBFD7-3CEB-484B-82FE-CE46A1ACDDE6}" = protocol=6 | dir=in | app=c:\games\nightmare house 2\hl2.exe |
"{A3EA1257-1278-41C2-B509-19ACD8F0B7F6}" = protocol=17 | dir=in | app=c:\program files (x86)\national guard\guard shield\prism.exe |
"{A425BF66-BE0C-4946-BCD3-A3F1EFD8783A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{A5BFA90C-6669-4148-B518-EC37A8B21CBC}" = protocol=17 | dir=in | app=c:\games\crossfire\cf_g4box.exe |
"{A65BA528-F28C-4B98-BC95-71BFC27B4EC6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{AAD45331-75FE-4BE3-BB7A-BE7DDBC3402F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{AB4E001A-8237-4BC0-9FCA-05E4E23FC090}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B0351117-C71E-4AED-B8B2-FCB7901C63F0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{B0FC2BB8-CEB5-4258-94F3-41D4484C9742}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{B256F530-B091-484B-BF6C-E92BBC26764C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{B356A55C-7B75-475A-811F-E5938F3F13AD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{B496C53D-793C-4CD6-9CE7-661EC09A13A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B9E527D9-AE3C-4845-AD5C-6B8F7075F67F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{C0EC5A92-D75D-49E6-8478-9EA9BC7E08A1}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{C1F3786C-CFDF-4081-8494-83DA68FE98B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\overlord.exe |
"{C6D61FE0-DF45-42E7-9C39-7BA6C925FE8B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{C9826A46-28B6-425B-955A-2ACA34116BDA}" = protocol=17 | dir=in | app=c:\users\*****\downloads\tor browser\app\tor.exe |
"{CACEB972-4660-4407-87E3-AE94CF4B063C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\config.exe |
"{CC3F73A2-6DC3-463C-928B-78A056106964}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\temrix443\source sdk base 2007\hl2.exe |
"{D4354B6E-1DC2-433E-8D6E-676F52F02FB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{E0AF9CA1-088C-4D39-BE68-FECA8AA7201C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E343B27C-6EF4-4CC1-8B34-0EC1968AD81E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{EA3CD729-7E96-479D-B1BC-A8A6D86D4D9B}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech touch mouse server\itouch-server-win.exe |
"{ED7B1E12-CDD3-4868-A9B5-D8EE5F9A5489}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{EF2D38B2-416C-48DB-BB4F-D86813A4E688}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F3883CA3-B174-4F83-9DF0-A142AA722351}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{F8FA7D28-E995-405C-BEF1-F3ED039D8244}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{FDC16F2B-5AF2-4E03-A753-8AA28558E615}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"TCP Query User{51EDEA88-A26C-40C6-9A80-1FECEF69DAA5}C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"TCP Query User{64EA19F7-3E0F-4E35-93B1-8C9C7340A65E}C:\users\*****\downloads\tor browser\app\tor.exe" = protocol=6 | dir=in | app=c:\users\*****\downloads\tor browser\app\tor.exe |
"TCP Query User{67670ED8-B503-414D-B40A-89A3468EF46F}C:\games\xonotic\xonotic-x64.exe" = protocol=6 | dir=in | app=c:\games\xonotic\xonotic-x64.exe |
"TCP Query User{8B42AF2C-722C-46C2-B3B2-98730D383B49}C:\program files (x86)\steam\steamapps\temrix443\source sdk base\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\temrix443\source sdk base\hl2.exe |
"TCP Query User{8F65149A-314F-4540-9F3A-50FF15EBB3B1}C:\games\nexuiz\nexuiz.exe" = protocol=6 | dir=in | app=c:\games\nexuiz\nexuiz.exe |
"TCP Query User{912336E4-F163-4F2F-8AF7-7A57EF224003}C:\users\*****\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\*****\appdata\roaming\spotify\spotify.exe |
"TCP Query User{94321F4E-7AC5-4958-92A0-37A7FB4DBC6D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{953DAB61-1AD2-4461-903E-687ACF7E8CBA}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{99135E75-2CAD-4E3B-A761-6799336DDABD}C:\games\openarena-0.8.1\openarena.exe" = protocol=6 | dir=in | app=c:\games\openarena-0.8.1\openarena.exe |
"TCP Query User{AB48E917-8586-498F-9A61-78A75A1D6178}C:\games\nightmare house 2\hl2.exe" = protocol=6 | dir=in | app=c:\games\nightmare house 2\hl2.exe |
"TCP Query User{CF45FD96-66FA-4F69-BA27-E83C435926FB}C:\program files (x86)\supercollider-3.5.4\sclang.exe" = protocol=6 | dir=in | app=c:\program files (x86)\supercollider-3.5.4\sclang.exe |
"UDP Query User{1280C84D-0BC6-408E-96CA-34220CEAC700}C:\games\nexuiz\nexuiz.exe" = protocol=17 | dir=in | app=c:\games\nexuiz\nexuiz.exe |
"UDP Query User{33501019-3F83-4E51-8654-A0A4D4A1F895}C:\games\xonotic\xonotic-x64.exe" = protocol=17 | dir=in | app=c:\games\xonotic\xonotic-x64.exe |
"UDP Query User{35496D5F-7533-4659-BF42-387C451022B8}C:\users\*****\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\*****\appdata\roaming\spotify\spotify.exe |
"UDP Query User{388B14AE-59E2-4ADD-9B15-AD5A8E9D9CD8}C:\users\*****\downloads\tor browser\app\tor.exe" = protocol=17 | dir=in | app=c:\users\*****\downloads\tor browser\app\tor.exe |
"UDP Query User{5D0BC07D-B6D3-413F-A83D-AE9F91387B2D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{90E732C2-0E41-45E8-8D12-8D42D160B5A7}C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"UDP Query User{97D9149A-634B-4260-9E8B-D0A8926ED07D}C:\games\openarena-0.8.1\openarena.exe" = protocol=17 | dir=in | app=c:\games\openarena-0.8.1\openarena.exe |
"UDP Query User{BEE2D61A-ACE4-40C4-94CA-ADE5B698D463}C:\games\nightmare house 2\hl2.exe" = protocol=17 | dir=in | app=c:\games\nightmare house 2\hl2.exe |
"UDP Query User{C01AFE9A-1E71-4BE9-91FF-9D973293BAFD}C:\program files (x86)\steam\steamapps\temrix443\source sdk base\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\temrix443\source sdk base\hl2.exe |
"UDP Query User{C35898DA-6A21-4B3C-9D45-E47D9AC0E167}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{F620CDC4-88CA-4C37-8C80-2063F5EB7C9A}C:\program files (x86)\supercollider-3.5.4\sclang.exe" = protocol=17 | dir=in | app=c:\program files (x86)\supercollider-3.5.4\sclang.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E086923-AAA3-4F98-A6E2-48B64CE27553}" = Native Instruments Reaktor Factory Selection
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{18369253-E53F-4A47-818E-082DFB950872}" = Yamaha USB-MIDI Driver
"{1876545F-47B1-80A7-2F98-D175DA98A392}" = ccc-utility64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2BBE23DB-F92C-4319-9179-7E79717EE9AC}" = Native Instruments Komplete 8 Players
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3BF3599D-7F28-C60B-1C5D-82BFD4E5EF33}" = AMD Catalyst Install Manager
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7 (64-bit)
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{76785052-9E6A-4403-B06A-929B6BF9D742}" = HP 3D DriveGuard
"{794E5C90-96E5-4413-B3F5-C803205AE30C}" = Intel(R) PROSet/Wireless WiFi-Software
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7C54D017-21BB-43AE-9746-33E78AF4A425}" = Validity WBF DDK
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{867DE0DC-A93F-41EA-9654-A212514FA946}" = Oracle VM VirtualBox 4.2.4
"{8812511F-8D8C-49D3-A711-C9650B2F5566}" = Native Instruments Guitar Rig Factory Selection for Maschine
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E7D0A7F-B85F-44DC-8C1C-2A2C27BAEA0B}_is1" = Psycle 1.10.0 64 bits
"{904FBA88-9E59-423f-B1C7-E03C9B1AA2EE}" = Canon MP800R
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B0FC9E28-1CE6-4A40-BEF1-C6E6EDFCA070}" = Native Instruments Kontakt Factory Selection
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C7B40C35-85AE-4303-9EEA-1A1EA779664D}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"LatencyMon_is1" = LatencyMon 4.01
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics TouchPad Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07AF6797-0CF6-FFBB-FDE3-CC51D3B5F342}" = Catalyst Control Center Graphics Previews Common
"{08523528-BA2F-43BB-87E3-252C081872B9}" = Catalyst Control Center - Branding
"{120F4744-38ED-FB1E-F313-A7A7E419A71E}" = CCC Help Chinese Traditional
"{135AAD7D-FB4A-800C-E7F2-58D02B936C38}" = Catalyst Control Center Localization All
"{178EA4CE-9622-76B4-308F-73FEC150DBB4}" = CCC Help Norwegian
"{1AE85A98-397D-B62B-0D21-3F7DC93F4F3A}" = CCC Help Swedish
"{1C34B2AF-0D61-1784-8BC8-219F969BEFD6}" = PX Profile Update
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{339F5A1B-8DB7-E4F8-0A07-EF35B60EBE53}" = CCC Help Portuguese
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{412308A1-73B4-A26B-57A8-BE827ADA9BF9}" = Catalyst Control Center Profiles Mobile
"{4741965C-AFD0-4D00-81D1-1039F96D4DC3}" = HP SimplePass 2011
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3FCC59-5231-4634-882C-BF8B511392C5}" = calibre
"{4A6937DA-DABE-31C9-C433-D67C640B7BED}" = CCC Help Italian
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{52594AFD-2797-356A-CC6F-57047524F1E1}" = CCC Help Japanese
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{56B8673F-EC44-4891-9FB7-332EA0189BAB}" = FOMUS
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5B46CEC7-DAD0-46A2-BCD6-B46A3CFD9B61}" = Intel(R) Wireless Display
"{5C7F3D35-9018-A839-3B9C-E50B517B9458}" = CCC Help Hungarian
"{5CA75999-3DDE-7B58-3394-38A4E82D8466}" = Catalyst Control Center InstallProxy
"{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}" = LibreOffice 3.6
"{60CD8628-DDD9-B498-A368-D01A4793CCFA}" = CCC Help Dutch
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6866ADAD-71F1-D306-B979-6371D8C4411A}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76D0E682-0183-E295-FA4C-DA6763669CCA}" = CCC Help English
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DB85CDE-EC37-A333-05B1-23846D03F08D}" = CCC Help Russian
"{8F6285DB-2536-7EDE-23D2-CA10E2D6399C}" = CCC Help French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{AA16FAFC-CCD3-899B-2860-A709BDE31CDC}" = CCC Help Korean
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B357B619-36C5-7C1E-063B-92677609CB14}" = CCC Help Danish
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BDEB2CF5-C1C5-BCC8-DF29-1EE4CF389F9D}" = CCC Help Turkish
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C5D8263A-4D81-8979-91DE-B10120642FC5}" = Catalyst Control Center
"{C77157BC-EC21-422F-8901-64B3D34ED67D}" = LibreOffice 3.6 Help Pack (German)
"{CEEE5B98-96F1-2F1E-0627-853C5F98DE41}" = CCC Help Finnish
"{CF48FF43-B417-637C-C804-0F285FD7ED05}" = CCC Help Spanish
"{CF6A05D4-E715-BCF4-9ED2-A3307E386D28}" = CCC Help Czech
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{DB2C5E6A-CFDD-D6FD-480E-692EBEC17BFC}" = CCC Help Greek
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E59E0B3D-F840-5910-DF8C-73CFA82613C2}" = CCC Help Polish
"{E635F3DC-E92B-6E68-A2E7-BF77298E8584}" = PX Profile Update
"{E77268D6-5E7F-6DE1-34AC-A1A276710C21}" = CCC Help Chinese Standard
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F5C7356C-463C-75BC-E4E0-324E4516EB73}" = CCC Help Thai
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Areca" = Areca
"Audacity_is1" = Audacity 2.0
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Desura" = Desura
"Desura_78915729096720" = Desura: G String
"Digital Fake Book_is1" = Digital Fake Book Version 1.9.7
"DreamStation I" = DreamStation I
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity
"Free Audio Converter_is1" = Free Audio Converter version 5.0.20.1031
"GeoGebra" = GeoGebra
"GeoGebra 4.2" = GeoGebra 4.2
"GNU Solfege_is1" = GNU Solfege 3.20.6.1
"Grey" = Grey 1.1.0
"InstallShield_{18369253-E53F-4A47-818E-082DFB950872}" = Yamaha USB-MIDI Driver
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME_is1" = LAME v3.99.3 (for Windows)
"LastFM_is1" = Last.fm 1.5.4.27091
"LinuxLive USB Creator" = LinuxLive USB Creator
"lmms" = LMMS 0.4.13
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 2.1" = Canon MP Navigator 2.1
"Mp3tag" = Mp3tag v2.53
"MuseScore" = MuseScore 1.2 MuseScore score typesetter
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Factory Selection for Maschine" = Native Instruments Guitar Rig Factory Selection for Maschine
"Native Instruments Komplete 8 Players" = Native Instruments Komplete 8 Players
"Native Instruments Kontakt 5" = Native Instruments Kontakt 5
"Native Instruments Kontakt Factory Selection" = Native Instruments Kontakt Factory Selection
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Factory Selection" = Native Instruments Reaktor Factory Selection
"Native Instruments Service Center" = Native Instruments Service Center
"NAV" = Norton AntiVirus
"NST" = Norton Identity Safe
"OpenAL" = OpenAL
"Origin" = Origin
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"Steam App 218" = Source SDK Base 2007
"TeamViewer 7" = TeamViewer 7
"TrueCrypt" = TrueCrypt
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"WirisDesktop" = WIRIS Desktop
"ZynAddSubFX" = ZynAddSubFX 2.2.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3390718732-3328125451-2647672254-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameMaker81" = GameMaker 8.1
"Google Chrome" = Google Chrome
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.11.2012 15:35:45 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12995
Error - 29.11.2012 15:35:45 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12995
Error - 29.11.2012 15:35:46 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29.11.2012 15:35:46 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13993
Error - 29.11.2012 15:35:46 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13993
Error - 29.11.2012 15:35:47 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29.11.2012 15:35:47 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14992
Error - 29.11.2012 15:35:47 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14992
Error - 29.11.2012 15:35:48 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 29.11.2012 15:35:48 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15990
Error - 29.11.2012 15:35:48 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15990
Error - 29.11.2012 15:35:49 | Computer Name = *****-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
[ HP Connection Manager Events ]
Error - 27.05.2012 09:00:32 | Computer Name = *****-HP | Source = hpCMSrv | ID = 5
Description = 2012/05/27 15:00:32.101|00001470|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 27.05.2012 09:34:35 | Computer Name = *****-HP | Source = hpCMSrv | ID = 5
Description = 2012/05/27 15:34:35.341|000015C0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
[ System Events ]
Error - 25.10.2012 06:36:14 | Computer Name = *****-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Support Assistant Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 25.10.2012 06:51:12 | Computer Name = *****-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 26.10.2012 06:03:04 | Computer Name = *****-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Support Assistant Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 26.10.2012 19:28:00 | Computer Name = *****-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 27.10.2012 04:38:14 | Computer Name = *****-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?27.?10.?2012 um 01:32:37 unerwartet heruntergefahren.
Error - 27.10.2012 04:40:41 | Computer Name = *****-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Support Assistant Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 27.10.2012 08:54:32 | Computer Name = *****-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 27.10.2012 09:03:21 | Computer Name = *****-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 28.10.2012 06:07:59 | Computer Name = *****-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Support Assistant Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 29.10.2012 08:21:37 | Computer Name = *****-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Support Assistant Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
< End of report >
|
AdwCleaner auf deinen Desktop.