Mizraziel | 22.05.2013 08:05 | Guten Morgen!
Log hab ich gemacht, ich hoffe dich trifft nicht der Schlag... mir sagt das ganze rein garnichts :balla:
OTL Log: Code:
OTL logfile created on: 21.05.2013 19:57:23 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = e:\
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
11,99 Gb Total Physical Memory | 11,07 Gb Available Physical Memory | 92,36% Memory free
23,91 Gb Paging File | 23,34 Gb Available in Paging File | 97,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,26 Gb Total Space | 360,79 Gb Free Space | 25,82% Space Free | Partition Type: NTFS
Drive D: | 4,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 14,96 Gb Total Space | 14,95 Gb Free Space | 99,96% Space Free | Partition Type: FAT32
Computer Name: BERNHARD-PC | User Name: 26041984 | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.21 17:41:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- e:\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McMPFSvc)
SRV:64bit: - [2012.06.11 19:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.05.29 16:29:52 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2008.05.24 02:58:53 | 001,040,552 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:64bit: - [2008.05.24 02:58:45 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2013.05.15 20:30:16 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.22 16:09:37 | 002,787,280 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013.01.19 13:13:50 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.13 13:02:36 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2012.12.26 20:11:04 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.12.03 22:21:23 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.05.29 16:29:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 16:29:52 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.05.24 02:58:45 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2008.05.24 02:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)
SRV - [2007.04.13 17:49:00 | 000,101,528 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2007.02.08 16:13:46 | 000,212,480 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.12.19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1c\WNt500x64\Sandra.sys -- (SANDRA)
DRV:64bit: - [2013.02.24 17:38:49 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.01.11 21:03:26 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV:64bit: - [2012.06.11 20:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.06.11 20:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.06.11 18:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.02.29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 14:31:50 | 000,092,176 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdLH6.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.01.08 14:33:42 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07)
DRV:64bit: - [2010.11.26 14:52:28 | 000,294,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Treiber\vmm.sys -- (vmm)
DRV:64bit: - [2010.11.06 15:29:05 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.11.06 15:29:03 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.08.25 16:41:36 | 000,323,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008.06.17 09:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vcd10bus.sys -- (vcd10bus)
DRV:64bit: - [2008.02.05 02:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VMNetSrv.sys -- (VPCNetS2)
DRV:64bit: - [2006.11.01 09:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2005.09.23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\MarvinBus64.sys -- (MarvinBus)
DRV - [2012.02.09 13:16:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2004.03.09 12:18:09 | 000,065,504 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.03.09 11:45:49 | 000,077,184 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.appsarefun.info/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://search.appsarefun.info/?l=1&q={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?affID=121562&tt=gc_&babsrc=HP_ss&mntrId=08A2002618060F9A
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=121562&tt=gc_&babsrc=SP_ss&mntrId=08A2002618060F9A
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = hxxp://search.appsarefun.info/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 203.232.208.116:8080
========== FireFox ==========
FF - prefs.js..browser.search.defaulturl: "hxxp://search.appsarefun.info/?l=1&q="
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=121562&tt=gc_&babsrc=HP_ss_bad2g&mntrId=08A2002618060F9A"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.01 17:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.20 10:16:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.01 17:06:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.20 10:16:57 | 000,000,000 | ---D | M]
[2013.02.07 14:54:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\26041984\AppData\Roaming\mozilla\Extensions
[2013.02.09 17:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\26041984\AppData\Roaming\mozilla\Firefox\Profiles\raip0dwt.default\extensions
[2012.10.05 12:37:20 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\26041984\AppData\Roaming\mozilla\Firefox\Profiles\raip0dwt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013.01.09 13:42:57 | 000,000,000 | ---D | M] (Download and Sa) -- C:\Users\26041984\AppData\Roaming\mozilla\Firefox\Profiles\raip0dwt.default\extensions\508d07926ab7a@508d07926abb4.com
[2013.02.09 17:31:10 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\26041984\AppData\Roaming\mozilla\Firefox\Profiles\raip0dwt.default\extensions\helperbar@helperbar.com
[2013.05.18 09:33:08 | 000,006,534 | ---- | M] () -- C:\Users\26041984\AppData\Roaming\mozilla\firefox\profiles\raip0dwt.default\searchplugins\babylon.xml
[2013.01.11 21:04:03 | 000,002,432 | ---- | M] () -- C:\Users\26041984\AppData\Roaming\mozilla\firefox\profiles\raip0dwt.default\searchplugins\babylon1.xml
[2013.05.18 09:33:08 | 000,006,534 | ---- | M] () -- C:\Users\26041984\AppData\Roaming\mozilla\firefox\profiles\raip0dwt.default\searchplugins\BrowserProtect.xml
[2013.02.07 15:17:45 | 000,001,300 | ---- | M] () -- C:\Users\26041984\AppData\Roaming\mozilla\firefox\profiles\raip0dwt.default\searchplugins\claro.xml
[2013.02.07 14:51:15 | 000,001,294 | ---- | M] () -- C:\Users\26041984\AppData\Roaming\mozilla\firefox\profiles\raip0dwt.default\searchplugins\delta.xml
[2013.02.07 14:55:08 | 000,000,620 | ---- | M] () -- C:\Users\26041984\AppData\Roaming\mozilla\firefox\profiles\raip0dwt.default\searchplugins\WebSearch.xml
[2013.02.07 14:54:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.19 13:13:46 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\mozilla firefox\extensions\{d060ed6d-48cb-0545-bc2c-3eaa1786e35f}
[2013.01.19 13:13:50 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2013.02.07 14:55:08 | 000,001,400 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.07 14:51:09 | 000,006,531 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013.02.07 14:55:08 | 000,001,679 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.07 14:55:08 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.07 14:55:08 | 000,006,818 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.17 20:47:45 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2013.01.22 17:54:01 | 000,001,278 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.07 14:55:08 | 000,000,903 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://search.babylon.com/?affID=121562&tt=gc_&babsrc=HP_ss_bad2g&mntrId=08A2002618060F9A
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - Extension: QuickShare Widget = C:\Users\26041984\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: Google Docs = C:\Users\26041984\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\26041984\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\26041984\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\26041984\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Download and Sa = C:\Users\26041984\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdcmjepiapeccnjgghnkinnghnamfoi\7.1_0\
CHR - Extension: Google Mail = C:\Users\26041984\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (QuickShare WidgetEngine) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (QuickShare WidgetEngine) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (Microsoft Corporation)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (QuickShare Widget) - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (QuickShare Widget) - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {98474E4F-5229-4CAC-9E28-6D52D992268D} hxxp://kpscddemo.ar-live.de/afc-frontend/main/Setup_AFC_ONLINE_2_7_0_3_STANDARD.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-35B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444552440000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.153.32.129 213.153.32.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{584CE6E1-70AE-4C58-A3F4-BE1F299D3089}: DhcpNameServer = 213.153.32.129 213.153.32.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-559995923-1645723752-4187859042-1000 Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-559995923-1645723752-4187859042-1000 Winlogon: Shell - (C:\Users\26041984\AppData\Roaming\skype.dat) - C:\Users\26041984\AppData\Roaming\skype.dat ()
O24 - Desktop WallPaper: C:\Users\26041984\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\26041984\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O27:64bit: - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\firefox.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ltu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pojytc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\firefox.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ltu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pojytc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.01.21 22:00:00 | 000,000,122 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2011.04.07 18:16:22 | 000,000,101 | ---- | M] () - E:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{b422589e-592a-11df-ab20-002618060f9a}\Shell\AutoRun\command - "" = G:\PMB_P.exe
O33 - MountPoints2\{e065c248-ad88-11de-99d1-002618060f9a}\Shell - "" = AutoRun
O33 - MountPoints2\{e065c248-ad88-11de-99d1-002618060f9a}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-559995923-1645723752-4187859042-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.21 19:11:55 | 000,000,000 | ---D | C] -- C:\FRST
[2013.05.20 22:32:32 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2013.05.20 10:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\Spectrasonics
[2013.05.20 10:20:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spectrasonics
[2013.05.20 10:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\vstplugins
[2013.05.17 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\26041984\Documents\Desktop\Drum n Bass Set
[2013.05.17 17:44:13 | 000,000,000 | ---D | C] -- C:\Users\26041984\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.05.17 17:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.05.17 17:44:04 | 000,000,000 | ---D | C] -- C:\Users\26041984\AppData\Roaming\BabSolution
[2013.05.17 17:43:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013.05.17 17:43:57 | 000,000,000 | ---D | C] -- C:\Users\26041984\AppData\Roaming\Delta
[2013.05.16 20:13:03 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.16 20:13:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.16 20:13:02 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.16 20:13:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.16 20:13:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.16 20:13:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.16 20:13:01 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.16 20:13:01 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.16 20:13:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.16 20:13:01 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.16 20:13:01 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.16 20:13:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.16 20:13:00 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.16 20:13:00 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.16 20:13:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.15 15:44:59 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.12 18:21:56 | 000,000,000 | ---D | C] -- C:\Users\26041984\AppData\Local\Origin
[2013.05.12 18:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013.05.12 17:25:30 | 000,000,000 | ---D | C] -- C:\Users\26041984\Documents\Desktop\Dom Rebel Ebay
[2013.05.11 18:56:16 | 000,000,000 | ---D | C] -- C:\Users\26041984\Documents\Desktop\Bilder
[2013.05.11 15:16:36 | 000,000,000 | ---D | C] -- C:\Users\26041984\Documents\Desktop\N95 Fotos
[2013.05.10 22:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign
[2013.05.10 22:36:09 | 000,000,000 | ---D | C] -- C:\Users\26041984\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinPlug Instruments
[2013.05.10 22:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LinPlug Instruments
[2013.05.10 20:26:20 | 000,000,000 | ---D | C] -- C:\Users\26041984\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2013.05.10 20:26:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2013.05.10 20:26:10 | 000,000,000 | ---D | C] -- C:\Users\26041984\Documents\Image-Line
[2013.05.10 20:25:54 | 001,554,944 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm
[2013.05.10 20:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim
[2013.05.06 14:47:26 | 000,000,000 | ---D | C] -- C:\Users\26041984\Documents\Desktop\Schriften
[2013.05.05 22:00:00 | 000,000,000 | ---D | C] -- C:\Users\26041984\Documents\Desktop\Gimp Flyer
[2013.05.03 20:52:01 | 000,000,000 | ---D | C] -- C:\Users\26041984\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013.05.03 20:52:01 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013.04.24 08:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Lx_cats
[2013.04.24 08:28:12 | 000,000,000 | ---D | C] -- C:\logs
[2013.04.24 08:27:18 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lxdug.dll
[2013.04.24 08:25:42 | 000,065,536 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\lxducfg64.dll
[2013.04.24 08:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Ezprint
[2013.04.24 08:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Toolbar
[2013.04.24 08:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Printable Web
[2013.04.24 08:25:20 | 000,493,056 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\LXDUwupd.dll
[2013.04.24 08:25:20 | 000,019,112 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\LXDUwupd.exe
[2013.04.24 08:25:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 5600-6600 Series
[2013.04.24 08:24:55 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lxdugf.dll
[2013.04.24 08:24:55 | 000,524,288 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduutil.dll
[2013.04.24 08:24:55 | 000,200,704 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduinsb.dll
[2013.04.24 08:24:55 | 000,176,128 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduins.dll
[2013.04.24 08:24:55 | 000,147,456 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdujswr.dll
[2013.04.24 08:24:55 | 000,126,976 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxdulnks.dll
[2013.04.24 08:24:55 | 000,114,688 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduinsr.dll
[2013.04.24 08:24:55 | 000,090,112 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxducub.dll
[2013.04.24 08:24:55 | 000,081,920 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxducu.dll
[2013.04.24 08:24:55 | 000,036,864 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxducur.dll
[2013.04.24 08:24:54 | 000,077,906 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\LXDUcfg.dll
[2013.04.24 08:24:43 | 000,743,936 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxduutil.dll
[2013.04.24 08:24:42 | 000,235,520 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxduins.dll
[2013.04.24 08:24:42 | 000,183,296 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxduinsb.dll
[2013.04.24 08:24:42 | 000,133,120 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdujswr.dll
[2013.04.24 08:24:42 | 000,097,280 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxduinsr.dll
[2013.04.24 08:24:41 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lxdugf.dll
[2013.04.24 08:24:41 | 000,104,448 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxducu.dll
[2013.04.24 08:24:41 | 000,073,216 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxducub.dll
[2013.04.24 08:24:41 | 000,023,552 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxducur.dll
[2013.04.24 08:24:40 | 000,065,536 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\LXDUcfg.dll
[2013.04.24 08:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark 5600-6600 Series
[2013.04.24 08:24:25 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 5600-6600 Series
[2011.03.23 20:03:06 | 113,554,016 | ---- | C] (Kaspersky Lab) -- C:\Users\26041984\AppData\Roaming\kis11.0.2.556en.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.21 20:00:10 | 001,721,094 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.21 20:00:10 | 000,735,946 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.21 20:00:10 | 000,677,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.21 20:00:10 | 000,170,202 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.21 20:00:10 | 000,139,866 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.21 19:54:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.21 19:50:05 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 19:50:05 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 19:40:16 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\OptimizerPro1UpdaterTask{CE460A30-D7D3-478B-BB03-DDDADF18B3E8}.job
[2013.05.21 19:18:08 | 000,000,732 | ---- | M] () -- C:\Users\26041984\AppData\Local\d3d9caps64.dat
[2013.05.21 18:23:46 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.21 18:23:22 | 000,000,004 | ---- | M] () -- C:\Users\26041984\AppData\Roaming\skype.ini
[2013.05.20 19:33:52 | 000,002,032 | ---- | M] () -- C:\Users\26041984\AppData\Local\d3d9caps.dat
[2013.05.20 18:32:08 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.20 17:29:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.20 10:16:57 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.05.19 11:13:21 | 000,065,536 | ---- | M] () -- C:\Users\26041984\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.18 10:46:42 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.05.18 10:46:42 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.05.18 10:46:34 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.05.17 07:18:39 | 005,229,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.15 20:30:16 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 20:30:16 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.12 18:19:37 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.05.10 20:26:13 | 000,000,994 | ---- | M] () -- C:\Users\26041984\Documents\Desktop\FL Studio 10.lnk
[2013.05.09 17:05:18 | 000,020,194 | ---- | M] () -- C:\Users\26041984\Documents\Desktop\Hotel Tour.odt
[2013.05.07 21:15:21 | 000,016,170 | ---- | M] () -- C:\Users\26041984\.recently-used.xbel
[2013.04.24 08:28:16 | 000,107,840 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.20 17:51:28 | 000,000,004 | ---- | C] () -- C:\Users\26041984\AppData\Roaming\skype.ini
[2013.05.12 18:19:37 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.05.10 20:26:13 | 000,000,994 | ---- | C] () -- C:\Users\26041984\Documents\Desktop\FL Studio 10.lnk
[2013.05.07 21:15:21 | 000,016,170 | ---- | C] () -- C:\Users\26041984\.recently-used.xbel
[2013.05.06 14:57:36 | 000,020,194 | ---- | C] () -- C:\Users\26041984\Documents\Desktop\Hotel Tour.odt
[2013.04.24 08:27:18 | 000,065,632 | ---- | C] () -- C:\Windows\SysNative\lxduprpr.chm
[2013.04.24 08:27:17 | 000,617,984 | ---- | C] () -- C:\Windows\SysNative\lxducoin.dll
[2013.04.24 08:26:35 | 000,109,056 | ---- | C] () -- C:\Windows\SysNative\lxduvs.dll
[2013.04.24 08:25:42 | 001,416,192 | ---- | C] () -- C:\Windows\SysNative\lxdudrs64.dll
[2013.04.24 08:25:42 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2013.04.24 08:25:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2013.04.24 08:25:42 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2013.04.24 08:25:42 | 000,054,784 | ---- | C] () -- C:\Windows\SysNative\lxducnv464.dll
[2013.04.24 08:25:42 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\lxducaps64.dll
[2013.04.24 08:25:24 | 000,000,044 | ---- | C] () -- C:\Windows\SysNative\lxdurwrd.ini
[2013.04.24 08:24:56 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll
[2013.04.24 08:24:56 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll
[2013.04.24 08:24:55 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll
[2013.04.24 08:24:55 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll
[2013.04.24 08:24:55 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll
[2013.04.24 08:24:55 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll
[2013.04.24 08:24:55 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll
[2013.04.24 08:24:54 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll
[2013.04.24 08:24:54 | 000,679,936 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll
[2013.04.24 08:24:54 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe
[2013.04.24 08:24:54 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll
[2013.04.24 08:24:54 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll
[2013.04.24 08:24:54 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe
[2013.04.24 08:24:54 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe
[2013.04.24 08:24:54 | 000,001,867 | ---- | C] () -- C:\Windows\SysWow64\lxdu.loc
[2013.04.24 08:24:43 | 000,680,960 | ---- | C] ( ) -- C:\Windows\SysNative\LXDUhcp.dll
[2013.04.24 08:24:43 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\LXDUinst.dll
[2013.04.24 08:24:43 | 000,548,864 | ---- | C] ( ) -- C:\Windows\SysNative\lxduinpa.dll
[2013.04.24 08:24:43 | 000,513,024 | ---- | C] ( ) -- C:\Windows\SysNative\lxduiesc.dll
[2013.04.24 08:24:43 | 000,107,840 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2013.04.24 08:24:42 | 001,660,928 | ---- | C] ( ) -- C:\Windows\SysNative\lxduserv.dll
[2013.04.24 08:24:42 | 001,337,344 | ---- | C] ( ) -- C:\Windows\SysNative\lxduusb1.dll
[2013.04.24 08:24:42 | 000,982,016 | ---- | C] ( ) -- C:\Windows\SysNative\lxdupmui.dll
[2013.04.24 08:24:42 | 000,896,000 | ---- | C] ( ) -- C:\Windows\SysNative\lxdulmpm.dll
[2013.04.24 08:24:42 | 000,525,480 | ---- | C] ( ) -- C:\Windows\SysNative\lxduih.exe
[2013.04.24 08:24:41 | 001,291,264 | ---- | C] ( ) -- C:\Windows\SysNative\lxducomc.dll
[2013.04.24 08:24:41 | 001,090,560 | ---- | C] ( ) -- C:\Windows\SysNative\lxduhbn3.dll
[2013.04.24 08:24:41 | 001,040,552 | ---- | C] ( ) -- C:\Windows\SysNative\lxducoms.exe
[2013.04.24 08:24:41 | 000,581,632 | ---- | C] ( ) -- C:\Windows\SysNative\lxducomm.dll
[2013.04.24 08:24:41 | 000,300,032 | ---- | C] () -- C:\Windows\SysNative\lxdugrd.dll
[2013.04.24 08:24:40 | 000,614,056 | ---- | C] ( ) -- C:\Windows\SysNative\lxducfg.exe
[2013.04.24 08:24:40 | 000,001,867 | ---- | C] () -- C:\Windows\SysNative\lxdu.loc
[2013.01.09 23:15:17 | 000,000,000 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.08.31 16:48:02 | 004,503,728 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad
[2012.05.22 16:10:01 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\OptCVw7.dll
[2012.05.22 16:10:01 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\OptCVm6.dll
[2012.05.22 16:10:01 | 000,114,749 | ---- | C] () -- C:\Windows\SysWow64\cxts001.dll
[2012.05.22 16:10:01 | 000,057,400 | ---- | C] () -- C:\Windows\SysWow64\trs.dll
[2012.05.22 16:10:00 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\OptCVa6.dll
[2012.05.22 16:09:57 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\BS_Register.exe
[2012.03.26 14:40:06 | 000,017,408 | ---- | C] () -- C:\Users\26041984\AppData\Local\WebpageIcons.db
[2012.02.12 19:57:10 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2012.01.20 15:57:35 | 011,481,088 | ---- | C] () -- C:\Users\26041984\AppData\Roaming\Sandra.mdb
[2012.01.16 21:58:12 | 000,000,552 | ---- | C] () -- C:\Users\26041984\AppData\Local\d3d8caps.dat
[2012.01.11 19:30:30 | 000,098,304 | ---- | C] () -- C:\Users\26041984\AppData\Roaming\skype.dat
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.25 13:10:32 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.25 13:10:29 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.21 11:20:04 | 000,000,084 | ---- | C] () -- C:\Windows\wininit.ini
[2011.07.13 23:37:07 | 000,002,844 | ---- | C] () -- C:\Users\26041984\AppData\Roaming\8E16.F0C
[2011.06.06 10:33:26 | 000,000,000 | ---- | C] () -- C:\Users\26041984\AppData\Local\pojytc.exe
[2011.06.06 08:08:45 | 000,012,196 | -HS- | C] () -- C:\Users\26041984\AppData\Local\w750dc15gj4lahb7v3a
[2011.06.06 08:08:45 | 000,012,196 | -HS- | C] () -- C:\ProgramData\w750dc15gj4lahb7v3a
[2011.06.06 08:08:44 | 000,000,000 | -HS- | C] () -- C:\Users\26041984\AppData\Local\hoj.exe
[2011.06.05 20:32:58 | 000,000,051 | ---- | C] () -- C:\Users\26041984\AppData\Local\Tempzx58.bat
[2011.06.05 20:32:46 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\sshnas21.dll
[2011.03.25 23:09:58 | 000,000,000 | ---- | C] () -- C:\Users\26041984\AppData\Roaming\GD1.exe
[2010.08.01 00:16:34 | 000,000,048 | ---- | C] () -- C:\Users\26041984\.gtk-bookmarks
[2010.07.13 19:25:38 | 000,002,032 | ---- | C] () -- C:\Users\26041984\AppData\Local\d3d9caps.dat
[2010.07.13 14:18:23 | 000,000,000 | ---- | C] () -- C:\Users\26041984\AppData\Roaming\chrtmp
[2010.01.25 15:23:32 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.01.25 15:23:32 | 000,000,088 | RHS- | C] () -- C:\ProgramData\E3DE922DB1.sys
[2009.09.20 16:59:40 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.09.06 19:53:48 | 000,065,536 | ---- | C] () -- C:\Users\26041984\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.03 20:12:33 | 000,000,096 | ---- | C] () -- C:\Users\26041984\AppData\Local\fusioncache.dat
[2009.08.31 20:35:03 | 000,001,024 | ---- | C] () -- C:\Users\26041984\.rnd
[2009.08.31 15:34:54 | 000,000,732 | ---- | C] () -- C:\Users\26041984\AppData\Local\d3d9caps64.dat
[2006.06.12 14:09:08 | 000,000,751 | -H-- | C] () -- C:\Users\26041984\AppData\Roaming\logs.dat
========== ZeroAccess Check ==========
[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 481 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
Extra Log: Code:
OTL Extras logfile created on: 21.05.2013 19:57:23 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = e:\
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
11,99 Gb Total Physical Memory | 11,07 Gb Available Physical Memory | 92,36% Memory free
23,91 Gb Paging File | 23,34 Gb Available in Paging File | 97,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,26 Gb Total Space | 360,79 Gb Free Space | 25,82% Space Free | Partition Type: NTFS
Drive D: | 4,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 14,96 Gb Total Space | 14,95 Gb Free Space | 99,96% Space Free | Partition Type: FAT32
Computer Name: BERNHARD-PC | User Name: 26041984 | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Weltbild\Weltbild Fotoservice\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Weltbild Fotoservice] -- "C:\Program Files (x86)\Weltbild\Weltbild Fotoservice\Weltbild Fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\Weltbild\Weltbild Fotoservice\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Weltbild Fotoservice] -- "C:\Program Files (x86)\Weltbild\Weltbild Fotoservice\Weltbild Fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 83 81 A0 C6 C3 5E CA 01 [binary data]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A9C5BE-5526-465F-B746-FEA072FE9E8B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{01FAEA64-6053-43AD-A608-AC577A478E9E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0551118D-B902-4C20-8ECD-7EBF645875B7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{06B3EF0A-DC0F-47A0-8DE3-BC5FC3419766}" = lport=445 | protocol=6 | dir=in | app=system |
"{1051AF82-8A9A-429C-A36B-1F5DA2252F41}" = rport=138 | protocol=17 | dir=out | app=system |
"{1178AFDE-D800-4A9F-84C6-4C9811DD6DBC}" = lport=53 | protocol=17 | dir=in | name=promo |
"{2C8AFB52-C2E9-4288-922F-3C82306ED479}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{40D1F63C-35E5-4F4F-9C8A-7B174427C54F}" = lport=137 | protocol=17 | dir=in | app=system |
"{45C1D114-4E88-4B44-9701-191B8B6EF01C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4F766484-83FE-4433-AF30-F96E51B042EF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5DC94742-D6EC-4071-897B-0A9A8B9D439F}" = rport=139 | protocol=6 | dir=out | app=system |
"{63BFC7C7-764F-4F42-9772-939F135E38A5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6BEE04EE-70EA-47FE-A89D-2C8D6443DC5E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6C2C8CE7-0E3A-4FA9-A865-DB0CFE7078E3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6CBEFBA6-4FC2-4B29-B935-5F82487A745C}" = rport=137 | protocol=17 | dir=out | app=system |
"{709AAE6C-5339-40A7-9E19-407BCB457E7E}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp1c\rpcagentsrv.exe |
"{761330B4-9CB9-4C02-9376-24A4AE93D815}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A53B3EA-316E-4FBE-A04F-70EE0E1C4E86}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A6D7ED6F-0C87-458C-B48E-70167F683739}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B8D7A857-6C1A-43E2-978E-D918F80D9698}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BE59C4E7-552C-4EDC-929B-741BFACCFD46}" = lport=80 | protocol=6 | dir=in | name=promo |
"{C85CC53D-F35F-405B-879B-7A1B1B72ABED}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CC9341D5-6979-488B-97F5-0C001F701193}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E47A3AB5-4958-438C-AC4B-33DA3160B22F}" = lport=139 | protocol=6 | dir=in | app=system |
"{E589779A-F632-4C4D-9286-2744AAC8E9F7}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp1c\wnt500x64\rpcsandrasrv.exe |
"{F60C2ECB-2A04-4118-969A-300BF35F1AC3}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008ECBA6-C7AE-4A9E-8249-8F4DA14CAC0C}" = protocol=17 | dir=in | app=c:\program files (x86)\dead space 3\deadspace3.exe |
"{019A8EE2-9CBC-4560-9CC2-DC43ABF95A14}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{021AA6EE-8408-4050-BFA8-0CC991EBAE99}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{042CC3DC-E0DF-45CA-99C0-ABBA5747F838}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{09BA465F-164D-424C-9BA3-060E946A1DB4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{0B2A81FB-4B4B-4C14-928A-39F71421274F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{0D4BD6C6-A775-43F6-B7F0-41A6A427201D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0DDA0919-A8E9-4E13-B046-AAB0DAFAC2CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{101B9FD1-4317-4CEB-B094-ECF7FA205178}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1422D702-352D-46A0-9F8E-ADC6378C3B59}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1AA440A2-98E1-44C8-95A6-842E98BC7DA6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{1C3FCBDD-9F3A-4760-9991-F3B4BEE96B57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{1CE7E68C-576D-4CC4-8C5E-3B6107372A88}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1EB8D8AC-0570-4AD3-9482-72EA3B98FBC4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{1EEB4C03-BAF7-45BC-B473-DB464F661B41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1F2C7BD9-80EE-4BE9-8695-2796FD231E20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{20B15E53-6920-482A-9B85-20F9DE406985}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |
"{20E98FB9-601B-4D15-AAAB-4152A9C800A9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{2A592AF7-B88C-4A2B-84AE-0A00586186FC}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{2E47FF5C-903D-49E6-9E51-7EC3FC45EAA6}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{339FE3FA-78E6-47A2-9020-85C658CA656A}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxducoms.exe |
"{38AD968B-B921-40D4-8185-F005862E75F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{39F60736-6B39-474A-A60E-C910700CE482}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{44DF6EDC-D15F-4FF0-ABF8-0049F297B2C2}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{44E2E59C-38DB-4DD7-B2B7-62493048C2F3}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising\ofdr.exe |
"{4F23E7FF-921C-48A5-9165-95F093B85296}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5387534E-67A4-4DE2-A537-8C801F70ED01}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{572AA8C1-F502-4FF2-924D-3DBCDCED3FDD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{58AFCBFB-96CF-4FF1-887C-FE7E767AC8B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{626C5046-C326-4B28-A58A-D2261D85372D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{65EFC742-0D2E-45C7-853E-5CE0C647CBFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{67A5BA5F-943E-44E3-A119-A74DDACA5095}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |
"{67EC4B95-4CD0-4C67-94C9-2FA22DCA209C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{68839C87-C61D-4F52-8941-7A6580E18DC5}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{696D5330-FA39-4CAD-BDE8-32CCB2C0EF33}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{6C013D79-093B-4574-B0DE-2E152C37C7AD}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\singularity(tm)\binaries\singularity.exe |
"{6D96F7BF-A932-4ACE-8D74-B7AE01649143}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6E489681-0B13-4DC5-9028-DA9D1E97C0E8}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{72D53D15-4935-4F07-B065-FCB53274EB37}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{7871A8D0-953F-4D7F-8BCA-29CB0385E0CC}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{7C71A42A-1C29-4466-8462-CB1752AAB749}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7E766D89-8843-4D6B-82D5-8B3015698772}" = protocol=6 | dir=in | app=c:\program files (x86)\dead space 3\deadspace3.exe |
"{86A79F65-126B-4465-9A83-851E09368737}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{88CD9395-FA1B-4388-A5BF-D722C97A0EC5}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{8BB8DC36-6529-4D67-9688-8E4A37D5C8C3}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising\ofdr.exe |
"{8F44F797-F100-4E20-8D97-A28D1F6FC379}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{96B7AD79-DD92-430F-AFFF-95261EEA540C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9C4332EA-8B1E-4E8A-A13F-909265CBB32B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D8E05F5-C3B0-4554-837C-A6D4B19DD7D7}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{9F114C4E-94E8-45B8-8B98-1F1BBF953C85}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9FF2976B-8E69-43AE-8266-F7E0384BCD2C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{A06E951B-2536-468A-8D5A-1AF03F43A27A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{A11FF59D-F5D7-419E-8776-9E0C930C5B16}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\singularity(tm)\binaries\singularity.exe |
"{A5CBA5F8-FE11-4322-AAF6-0E5860B46700}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{AA043BE1-746E-43FF-B758-E656FED02A6D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{AD9BB1C2-C15E-4AE2-AC60-C37084F1E73E}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{AF165D08-B71E-48C8-A31F-CE72BB253130}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{B1CC4E03-BDFF-4DFD-891F-A456DD2571F0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{C2BC71E6-4BD3-4CC2-8151-815F2670CA4D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{C5B4707B-F05F-4816-B6B1-0BD55B16EAC0}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C5D9726F-F796-48BE-AF11-D47DB8FC5BCF}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{CB31C134-72FC-4A91-B4CD-28FF919AA1DC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CD042E78-B7DB-4C4C-92EF-C60E00FE7C78}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{CE599814-AB56-4C17-A4C5-54ED14CA7818}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D2935BF9-D212-4D9B-AB21-0C0F508DF116}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{D70E6D0E-0402-4A06-9DB4-1E5BCCEAD66A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D711673A-612E-4538-93BE-B90CF5DFEA25}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D74CCD72-719F-4DBA-9521-CA73EA5AF1EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DA398515-9E0A-4029-AF4E-7E0C25D17774}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{DB1B2C29-8415-47C2-A70E-89A6B98069B9}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{E054EF7F-BB06-4B1D-ABC0-0C74D11FC07C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E3316986-76FA-4D5D-BD09-F47379478326}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{E35C34E9-8A41-46B3-8054-B4A31DB6B83D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{E74A46A5-A0D2-4833-B081-8A1C3F66C2D1}" = dir=in | app=c:\program files (x86)\namco bandai games\darksouls\darksouls.exe |
"{EBBD98BC-C53C-4F44-833D-AAEDF5D443B4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EC576EED-4926-4069-93E1-98CFE9992C85}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{ED1EF53F-A855-4526-8D51-F9AB8F3BA4B9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{F5CDBB41-9938-4BAC-9D58-4E3C40C18933}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F7AF2413-E934-4372-9870-51661A2E8A3B}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxducoms.exe |
"{FACE2314-90B4-487D-BA49-330697C201C6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FB322ACE-0E0F-4FF1-A600-74B827BF4291}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"TCP Query User{0387AEE8-2225-4BAF-97C0-A14FDC9CB237}C:\users\26041984\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\26041984\appdata\local\akamai\netsession_win.exe |
"TCP Query User{0D2DDE5C-5B65-4D6E-A788-2F6C97CB0303}C:\program files (x86)\thechineseroom\dear esther\dearesther.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thechineseroom\dear esther\dearesther.exe | |
"TCP Query User{23467979-402A-4E2D-A71D-EA5D0F48E4F2}C:\program files (x86)\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty black ops\blackops.exe |
"TCP Query User{7558BB42-5AA8-43ED-9881-6DFD3F5B9208}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{76711AD7-95BB-4DA8-ADD4-768ECFB9548F}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"TCP Query User{7F0C6C3D-394C-4E77-83B7-A382D1A8B370}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{817FA09A-4B52-414F-9739-FD299E2758B6}C:\users\26041984\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\26041984\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8C75697C-0114-4BDF-95E4-420281AE6EC4}C:\program files (x86)\steam\steamapps\aeanchopper\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\aeanchopper\counter-strike source\hl2.exe |
"TCP Query User{A22C906E-0EF5-4A8F-A8B6-D9524F0DE80B}C:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe |
"TCP Query User{CCEF3904-E555-4C35-A520-41DE6B47B841}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{D028FDB8-B31C-4918-BAE6-058BA01ACC04}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe | |
"UDP Query User{2C8B79A0-F4D9-4224-8DE0-61F58155EC76}C:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
"UDP Query User{32C9134A-B4FE-4037-97DA-7BEF3C294049}C:\users\26041984\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\26041984\appdata\local\akamai\netsession_win.exe |
"UDP Query User{46A0AC15-7457-4818-A8A4-5F99C2932A97}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{5AD51E01-CF47-4B43-97D0-2B42A76E6D4F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{8924415C-7ADC-4F49-979C-5B4000695A78}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{8B44C48D-E1A9-4B08-AC1D-BF43038A1773}C:\program files (x86)\electronic arts\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\dead space\dead space.exe |
"UDP Query User{90D25349-5747-4611-8F51-F0231C6F2AD7}C:\program files (x86)\steam\steamapps\aeanchopper\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\aeanchopper\counter-strike source\hl2.exe |
"UDP Query User{C7E7ED98-2114-4D8C-8C84-824376F6A449}C:\program files (x86)\thechineseroom\dear esther\dearesther.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thechineseroom\dear esther\dearesther.exe |
"UDP Query User{CFACFB4A-DCDF-4144-9489-C61D30D586D9}C:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe |
"UDP Query User{D8A6D0A8-0D8D-451D-BC66-D3BD9B582FC1}C:\program files (x86)\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty black ops\blackops.exe |
"UDP Query User{E30D40EE-4DB6-4B21-98B2-AB82F78D52E4}C:\users\26041984\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\26041984\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0CB2E2BC-A312-5821-C5C7-A295A1BEFD08}" = AMD Catalyst Install Manager
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series" = Canon iP2600 series
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A85E8AD-6CF6-D3D1-2280-420452F5E1EE}" = ATI AVIVO64 Codecs
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E021D2A-16ED-4FFF-87CB-774F4F62A1A1}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}" = GEAR driver installer for AMD64 and Intel EM64T
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6EBA183A-EFD3-4FF4-BC00-9A9B97EA7A10}" = MAGIX Speed burnR (MSI)
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DDC742CC-2382-4E49-8B59-A6EC368F94D4}" = PC Connectivity Solution 64-bit components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"OptimizerPro1" = OptimizerPro1
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198573D8-60B3-4BBA-9B35-A8D2AFA8B5C0}" = MAGIX Music Maker 17 Premium (Sound package)
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21D6A73A-48E6-2195-C408-2158273A914E}" = Catalyst Control Center Localization All
"{23D41E39-79E7-4029-81CD-F23E6F3B9364}" = MAGIX Music Maker MX Premium
"{2596DB11-997F-FC5B-F5C2-737623D9D8B6}" = Catalyst Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish
"{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish
"{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{364687E1-D0CC-4B91-B310-6C5ED28C1031}" = Nero 8
"{36B5C759-4243-48A4-A0C9-CAB0263DFF4C}" = MAGIX Screenshare
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3D8D8094-9789-402E-BD28-337343F1DE6F}" = Samplitude Music Studio 17 Download-Version
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3F425F12-3A1B-4511-97B2-E2BB4701B745}" = Crysis Wars(R)
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard
"{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish
"{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German
"{5D58EACA-0317-4CFF-9E13-53CCD525DE32}" = Catalyst Control Center InstallProxy
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese
"{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish
"{7E4B7FD9-4ECE-4298-A910-3160B7918059}" = CryEngine(R)2 Sandbox(TM)2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1EC871-05B9-03B7-96F6-9BD5C0D8F41D}" = Catalyst Control Center Graphics Previews Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2009-07-28
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.5 - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B352D3F6-352B-4031-9C79-2C7A26062BBC}" = MAGIX Music Maker 17 Premium (Synthesizer and effects)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space™ 3
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian
"{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF103EDA-7937-4966-8EFB-5EF5C38301F2}" = simplitec simplicheck
"{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E4C27ADB-3345-4299-82F8-9250DFF47156}" = MAGIX Music Maker 17 Premium (Demo songs)
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8B708FF-D116-0D4D-DC14-72827A219D54}" = HydraVision
"{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian
"{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English
"{EEE692AE-E71E-4EA2-BF29-BF70811A6476}" = MAGIX Music Maker MX Premium Update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D49A81-DFD1-4580-B7B3-B5990F64C0EC}" = QuickShare
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F4884EA7-CF31-4E87-B840-CFE161BD81D3}" = MAGIX Music Maker 17 Premium (Instrument package 3)
"{F8BD7716-7362-4553-9890-378322F2C0CC}" = DENON DJ ASIO Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ASIO4ALL" = ASIO4ALL
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS Audio Editor_is1" = AVS Audio Editor 7.1
"AVS Audio Recorder_is1" = AVS Audio Recorder version 4.0
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Battlelog Web Plugins" = Battlelog Web Plugins
"Black Mirror 2_is1" = Black Mirror 2
"Black Mirror III_is1" = Black Mirror III
"Black Mirror_is1" = Black Mirror 1.0de
"Call of Duty Black Ops_is1" = Call of Duty Black Ops
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"CANONIJPLM100" = PIXMA Extended Survey Program
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Crysis Wars(R)" = Crysis Wars(R)
"Dear Esther_is1" = Dear Esther
"delta" = Delta toolbar
"DPP" = Canon Utilities Digital Photo Professional 3.8
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"EOS Utility" = Canon Utilities EOS Utility
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 10" = FL Studio 10
"Free AVI Video Converter_is1" = Free AVI Video Converter version 5.0.19.1015
"Free Studio_is1" = Free Studio version 5.0.9
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"Game Booster_is1" = Game Booster 3
"GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"IL Download Manager" = IL Download Manager
"InstallShield_{362C6A81-4C88-4B26-8C79-B2EE0076F65F}" = Wolfenstein(TM) 1.11 Patch
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"Linplug Albino v2.1" = Linplug Albino v2.1
"Mafia II_is1" = Mafia II
"MAGIX Music Maker 16 Premium Download-Version D" = MAGIX Music Maker 16 Premium Download-Version
"MAGIX_{6EBA183A-EFD3-4FF4-BC00-9A9B97EA7A10}" = MAGIX Speed burnR (MSI)
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
"MAGIX_MSI_mm18dlx" = MAGIX Music Maker MX Premium
"MAGIX_MSI_ms17dlx" = Samplitude Music Studio 17 Download-Version
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.47b
"Mster" = Crysis Modification - Mster Config v3.01
"OpenAL" = OpenAL
"Origin" = Origin
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"TuneUpMedia" = TuneUp 2.4.6.4
"Uninstall_is1" = Uninstall 1.0.0.1
"Uplay" = Uplay
"VLC media player" = VLC media player 1.1.9
"Weltbild Fotoservice" = Weltbild Fotoservice
"WFTK" = Canon Utilities WFT Utility
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite" = Windows Live Essentials
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-559995923-1645723752-4187859042-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.05.2013 11:23:34 | Computer Name = Bernhard-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel
0x47918b89, fehlerhaftes Modul mshtml.dll, Version 9.0.8112.16484, Zeitstempel
0x5186b207, Ausnahmecode 0xc00002b4, Fehleroffset 0x00414f38, Prozess-ID 0x844, Anwendungsstartzeit
01ce56370b523527.
Error - 21.05.2013 11:23:38 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2013 11:23:57 | Computer Name = Bernhard-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\System32\CanonIJ
Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series\DelDrv.exe".
Fehler in Manifest- oder Richtliniendatei "C:\Windows\System32\CanonIJ Uninstaller
Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series\DelDrv.exe"
in Zeile 0. Ungültige XML-Syntax.
Error - 21.05.2013 11:23:57 | Computer Name = Bernhard-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\System32\CanonIJ
Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series\DelDrv.exe".
Fehler in Manifest- oder Richtliniendatei "C:\Windows\System32\CanonIJ Uninstaller
Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series\DelDrv.exe"
in Zeile 0. Ungültige XML-Syntax.
Error - 21.05.2013 11:30:12 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2013 11:50:54 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2013 12:23:23 | Computer Name = Bernhard-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6001.18000, Zeitstempel
0x47918b89, fehlerhaftes Modul mshtml.dll, Version 9.0.8112.16484, Zeitstempel
0x5186b207, Ausnahmecode 0xc00002b4, Fehleroffset 0x00414f38, Prozess-ID 0xb50, Anwendungsstartzeit
01ce563f715a39d8.
Error - 21.05.2013 12:28:06 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2013 13:41:23 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2013 13:55:08 | Computer Name = Bernhard-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2013 13:55:09 | Computer Name = Bernhard-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
DANKE!!! |