| MrMatrix | 07.07.2013 00:11 |
Ok, sollte kein Problem sein. Leider habe ich die bisherigen Scans nicht mit der Log-Datei gespeichert. Malwarebytes Logdatei
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.07.05.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
MrMatrix :: CORE2DUO [Administrator]
Schutz: Aktiviert
06.07.2013 02:17:45
mbam-log-2013-07-06 (02-17-45).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 548162
Laufzeit: 3 Stunde(n), 13 Minute(n), 45 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\MrMatrix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\4dd97ad9-65b35511 (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) OTL Logdateien
OTL.txt Datei
OTL Logfile: Code:
OTL logfile created on: 07.07.2013 00:24:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MrMatrix\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 71,96% Memory free
15,95 Gb Paging File | 13,12 Gb Available in Paging File | 82,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 622,42 Gb Free Space | 66,82% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 284,11 Gb Free Space | 95,31% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 25,02 Gb Free Space | 5,37% Space Free | Partition Type: NTFS
Computer Name: CORE2DUO | User Name: MrMatrix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.07.07 00:23:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MrMatrix\Desktop\OTL.exe
PRC - [2013.07.03 08:13:22 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.07.02 19:45:48 | 000,239,496 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
PRC - [2013.06.27 16:13:29 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.06.27 16:13:22 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.06.27 16:13:22 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.06.13 11:17:51 | 004,150,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.06.11 22:05:09 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
PRC - [2013.06.05 14:18:06 | 001,039,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
PRC - [2013.06.03 13:06:20 | 003,999,512 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.07 03:57:55 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.03.20 07:23:33 | 000,513,048 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe
PRC - [2013.03.20 07:23:29 | 000,323,336 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
PRC - [2013.03.20 07:23:27 | 000,077,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
PRC - [2013.02.07 18:38:55 | 001,838,872 | ---- | M] (Tobit.Software) -- C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe
PRC - [2012.12.07 15:16:00 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2012.11.09 21:30:26 | 000,287,592 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\ConnectifyD.exe
PRC - [2012.11.09 21:30:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Connectify\ConnectifyService.exe
PRC - [2010.04.23 09:14:00 | 000,126,976 | R--- | M] () -- C:\Windows\system\3DG4me.exe
========== Modules (No Company Name) ==========
MOD - [2013.07.03 08:13:22 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.06.11 22:05:08 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2013.06.05 14:21:18 | 000,071,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
MOD - [2013.06.03 13:06:00 | 009,907,712 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll
MOD - [2013.05.16 14:28:32 | 000,242,688 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger
MOD - [2013.03.20 07:24:55 | 000,043,272 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll
MOD - [2012.12.12 20:30:10 | 000,070,536 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll
MOD - [2012.12.07 15:15:16 | 007,422,392 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
MOD - [2012.12.07 15:15:12 | 002,126,264 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
MOD - [2012.12.07 15:15:12 | 001,270,200 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
MOD - [2012.12.07 15:15:12 | 000,192,952 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
MOD - [2012.12.07 15:15:10 | 002,453,944 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
MOD - [2012.12.07 15:15:10 | 000,795,064 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
MOD - [2011.08.24 04:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd
MOD - [2011.08.24 04:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd
MOD - [2011.08.24 04:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_socket.pyd
MOD - [2010.04.23 09:14:00 | 000,143,360 | R--- | M] () -- C:\Windows\system\3DG4me.dll
MOD - [2010.04.23 09:14:00 | 000,126,976 | R--- | M] () -- C:\Windows\system\3DG4me.exe
========== Services (SafeList) ==========
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.03 08:13:22 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.27 16:13:29 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.06.27 16:13:22 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.13 11:17:51 | 004,150,112 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.06.11 22:05:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.06.03 13:06:20 | 003,999,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.08 00:37:15 | 000,143,088 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2013.04.07 03:57:55 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.20 07:23:29 | 000,323,336 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe -- (CyberLink PowerDVD 13 Media Server Service)
SRV - [2013.03.20 07:23:27 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe -- (CyberLink PowerDVD 13 Media Server Monitor Service)
SRV - [2013.02.28 20:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.01.28 15:19:28 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.12.07 15:16:00 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2012.11.09 21:30:12 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2012.07.17 16:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.05.30 22:36:28 | 001,308,160 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cm11264.sys -- (USBADVAU)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.30 18:34:34 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.30 18:34:34 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.30 18:34:34 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.03.13 23:03:07 | 000,031,344 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy2.sys -- (cnnctfy2)
DRV:64bit: - [2012.12.26 19:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.03.19 11:08:28 | 000,130,320 | ---- | M] (CyberLink Corp.) [2013/07/01 21:05:49] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl -- ({09F57980-3432-4AFC-957D-27AC45FAE1F5})
DRV - [2012.11.16 17:51:26 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=UP72DHP&pc=UP72&dt=031613
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 DE 5B A6 92 21 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}: "URL" = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: betterfacebook%40mattkruse.com:6.603
FF - prefs.js..extensions.enabledAddons: admin%40proxy-listen.de:1.0.4.5
FF - prefs.js..extensions.enabledAddons: socialfixer%40mattkruse.com:7.601
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.http: "41.78.26.154"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.03 08:13:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.03 08:13:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.03.05 20:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\Extensions
[2013.06.24 21:03:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\Firefox\Profiles\phezuvoi.default\extensions
[2013.06.24 21:03:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\Firefox\Profiles\phezuvoi.default\extensions\trash
[2013.06.01 18:26:37 | 000,013,955 | ---- | M] () (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\firefox\profiles\phezuvoi.default\extensions\admin@proxy-listen.de.xpi
[2013.03.06 23:35:27 | 000,138,110 | ---- | M] () (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\firefox\profiles\phezuvoi.default\extensions\betterfacebook@mattkruse.com.xpi
[2013.06.24 21:03:53 | 000,155,222 | ---- | M] () (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\firefox\profiles\phezuvoi.default\extensions\socialfixer@mattkruse.com.xpi
[2013.05.09 04:42:11 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\firefox\profiles\phezuvoi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.06 23:38:55 | 000,155,983 | ---- | M] () (No name found) -- C:\Users\MrMatrix\AppData\Roaming\mozilla\firefox\profiles\phezuvoi.default\extensions\trash\socialfixer@mattkruse.com.xpi
[2013.03.05 20:28:36 | 000,002,376 | ---- | M] () -- C:\Users\MrMatrix\AppData\Roaming\mozilla\firefox\profiles\phezuvoi.default\searchplugins\icq.xml
[2013.07.03 08:13:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.03 08:13:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [3DG4me] C:\Windows\system\3DG4me.exe ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [PowerDVD13Agent] C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe (Connectify)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [icq] C:\Users\MrMatrix\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKCU..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O4 - HKCU..\Run: [NoIPDUCv4] C:\Program Files (x86)\No-IP\DUC40.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\MrMatrix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.161 83.169.185.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E6F8DC2-8342-422F-8564-9FC3CB280E75}: NameServer = 192.168.104.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A03A52FE-4128-40EE-BB39-EB34B222FDE8}: NameServer = 192.168.152.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E93E8608-3BDC-4FF2-9CAF-3DF98FE1D073}: DhcpNameServer = 83.169.185.161 83.169.185.225
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.07.06 01:22:43 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{615954bc-85bf-11e2-9e46-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{615954bc-85bf-11e2-9e46-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Msetup4.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.07 00:23:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MrMatrix\Desktop\OTL.exe
[2013.07.06 02:59:10 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\SUPERAntiSpyware.com
[2013.07.06 02:58:49 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013.07.06 02:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013.07.06 02:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013.07.06 02:51:13 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013.07.06 02:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.07.06 02:50:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.07.06 02:10:26 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\Malwarebytes
[2013.07.06 02:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.06 02:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.07.06 02:10:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.06 02:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.06 01:51:48 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Local\ElevatedDiagnostics
[2013.07.06 01:23:11 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\JPEGsnoop
[2013.07.06 01:22:16 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013.07.06 01:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.07.06 01:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.07.06 00:59:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.07.03 08:13:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.02 21:47:01 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\WinRAR
[2013.07.02 16:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQM
[2013.07.02 15:43:56 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2013.07.02 15:43:56 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Local\Apps
[2013.07.02 14:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.07.02 03:07:00 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Local\Diagnostics
[2013.07.02 03:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.07.02 02:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Win7 MAC Address Changer
[2013.07.02 02:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7 MAC Address Changer
[2013.07.02 02:13:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2013.07.01 21:13:28 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Local\Cyberlink SoftDMA
[2013.07.01 21:10:46 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\Documents\CyberLink
[2013.07.01 21:10:32 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\CyberLink
[2013.07.01 21:05:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2013.07.01 21:05:44 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Local\MediaServer
[2013.07.01 21:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2013.07.01 21:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013.07.01 21:05:25 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Local\CyberLink
[2013.07.01 21:05:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13
[2013.07.01 21:04:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2013.07.01 21:03:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.07.01 21:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2013.07.01 20:54:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\bptable
[2013.07.01 20:54:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\bdplus
[2013.07.01 19:12:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\vid
[2013.07.01 19:12:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\tks
[2013.07.01 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\log
[2013.07.01 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\Documents\BDCopy
[2013.07.01 18:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blu-ray Copy
[2013.07.01 18:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blu-ray Copy
[2013.07.01 18:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blu-ray Copy
[2013.07.01 18:11:10 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\Documents\O&O
[2013.07.01 18:11:07 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Local\O&O
[2013.07.01 18:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2013.07.01 18:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2013.07.01 18:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\OO Software
[2013.06.30 19:42:14 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\Documents\Nero
[2013.06.30 19:41:53 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\Nero
[2013.06.30 19:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013.06.30 19:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2013.06.30 17:52:13 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\dvdcss
[2013.06.30 17:50:40 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\vlc
[2013.06.30 17:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.06.30 17:49:53 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.06.17 21:57:31 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\Documents\Staatsexamen
[2013.06.16 15:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2013.06.16 15:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2013.06.15 22:59:30 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.06.15 22:23:13 | 000,262,144 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbaListView6.ocx
[2013.06.15 22:23:13 | 000,094,208 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbalIml6.ocx
[2013.06.15 22:23:13 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\SSubTmr6.dll
[2013.06.15 22:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ Ignore Checker
[2013.06.15 22:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ Ignore Checker
[2013.06.15 22:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ Status Checker
[2013.06.15 22:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ Status Checker
[2013.06.10 19:45:35 | 000,000,000 | ---D | C] -- C:\Users\MrMatrix\AppData\Roaming\NeatImage SL
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.07.07 00:23:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MrMatrix\Desktop\OTL.exe
[2013.07.07 00:19:21 | 000,050,477 | ---- | M] () -- C:\Users\MrMatrix\Desktop\Defogger.exe
[2013.07.07 00:18:34 | 000,000,000 | ---- | M] () -- C:\Users\MrMatrix\defogger_reenable
[2013.07.07 00:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.06 23:50:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.06 23:01:33 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 23:01:33 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 22:53:21 | 001,612,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.06 22:53:21 | 000,696,730 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.06 22:53:21 | 000,652,048 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.06 22:53:21 | 000,148,026 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.06 22:53:21 | 000,120,980 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.06 22:47:42 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.06 22:47:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.06 10:59:00 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 00d9ab8c-d749-46ce-af89-c49e3f665ab2.job
[2013.07.06 10:44:03 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5c2e7433-4451-484a-b7ae-4e31f0502f97.job
[2013.07.06 01:22:43 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.07.02 16:29:29 | 000,001,829 | ---- | M] () -- C:\Users\MrMatrix\Desktop\ICQ.lnk
[2013.07.02 02:14:17 | 000,002,041 | ---- | M] () -- C:\Users\MrMatrix\Desktop\JDownloader.lnk
[2013.07.02 00:44:12 | 000,004,984 | R--- | M] () -- C:\Users\MrMatrix\READ_TO_DECRYPT!!!.html
[2013.07.02 00:44:00 | 005,486,312 | -H-- | M] () -- C:\Users\MrMatrix\Documents\IMG_9617.jpg
[2013.07.02 00:44:00 | 000,022,232 | -H-- | M] () -- C:\Users\MrMatrix\Documents\Staatsexamen 2013 – Schriftliche Prüfung - 1. Tag.odt
[2013.07.02 00:44:00 | 000,020,616 | -H-- | M] () -- C:\Users\MrMatrix\Documents\Sturmjagd 2013 - Erstes Chasing.odt
[2013.07.02 00:44:00 | 000,019,608 | -H-- | M] () -- C:\Users\MrMatrix\Documents\Folder.jpg
[2013.07.02 00:44:00 | 000,009,720 | -H-- | M] () -- C:\Users\MrMatrix\Documents\Dienstplan.odt
[2013.07.02 00:43:59 | 000,044,648 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{EF8ED277-52BA-46A9-B49E-10D67A934360}_Large.jpg
[2013.07.02 00:43:59 | 000,040,056 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{8FA89C72-BA81-4FE1-A612-E896AC2E6DAC}_Large.jpg
[2013.07.02 00:43:59 | 000,030,248 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Large.jpg
[2013.07.02 00:43:59 | 000,028,152 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{FF2486D7-4C5B-45DB-ADC0-3BDDA5B90228}_Large.jpg
[2013.07.02 00:43:59 | 000,023,288 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{34A38A07-DEDD-493C-97E6-A7E4FF417719}_Large.jpg
[2013.07.02 00:43:59 | 000,008,376 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Small.jpg
[2013.07.02 00:43:59 | 000,008,184 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{8FA89C72-BA81-4FE1-A612-E896AC2E6DAC}_Small.jpg
[2013.07.02 00:43:59 | 000,008,040 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{EF8ED277-52BA-46A9-B49E-10D67A934360}_Small.jpg
[2013.07.02 00:43:59 | 000,005,864 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{FF2486D7-4C5B-45DB-ADC0-3BDDA5B90228}_Small.jpg
[2013.07.02 00:43:59 | 000,004,984 | R--- | M] () -- C:\Users\MrMatrix\Documents\READ_TO_DECRYPT!!!.html
[2013.07.02 00:43:59 | 000,004,920 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArtSmall.jpg
[2013.07.02 00:43:59 | 000,004,792 | -H-- | M] () -- C:\Users\MrMatrix\Documents\AlbumArt_{34A38A07-DEDD-493C-97E6-A7E4FF417719}_Small.jpg
[2013.07.02 00:43:31 | 000,004,984 | R--- | M] () -- C:\Users\MrMatrix\AppData\Local\READ_TO_DECRYPT!!!.html
[2013.07.01 21:05:22 | 000,001,415 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk
[2013.07.01 18:20:39 | 000,001,935 | ---- | M] () -- C:\Users\Public\Desktop\Blu-ray Copy.lnk
[2013.07.01 18:15:26 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\O&O SafeErase.lnk
[2013.07.01 00:02:33 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.30 17:50:21 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.27 16:13:30 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.26 21:33:05 | 002,446,641 | ---- | M] () -- C:\Users\MrMatrix\Documents\Loreen - Euphoria.mp3
[2013.06.25 21:08:39 | 000,000,866 | ---- | M] () -- C:\Users\MrMatrix\Desktop\CCleaner.lnk
[2013.06.25 20:59:48 | 002,590,685 | ---- | M] () -- C:\Users\MrMatrix\Documents\Real Life - Send Me An Angel.mp3
[2013.06.23 18:34:39 | 002,866,654 | ---- | M] () -- C:\Users\MrMatrix\Documents\Icehouse - Hey Little Girl.mp3
[2013.06.22 17:48:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2013.06.15 18:31:57 | 002,960,177 | ---- | M] () -- C:\Users\MrMatrix\Documents\Pet Shop Boys - Suburbia.mp3
[2013.06.15 18:31:06 | 003,144,550 | ---- | M] () -- C:\Users\MrMatrix\Documents\Europe - The Final Countdown.mp3
[2013.06.15 18:18:43 | 003,037,937 | ---- | M] () -- C:\Users\MrMatrix\Documents\Kid Rock - All Summer Long.mp3
[2013.06.15 18:18:13 | 002,419,288 | ---- | M] () -- C:\Users\MrMatrix\Documents\Toto - Hold The Line.mp3
[2013.06.15 18:17:49 | 002,516,771 | ---- | M] () -- C:\Users\MrMatrix\Documents\Kate Ryan - The Promise You Made.mp3
[2013.06.15 18:15:02 | 003,786,164 | ---- | M] () -- C:\Users\MrMatrix\Documents\R.E.M. - Drive.mp3
[2013.06.15 18:14:26 | 003,020,511 | ---- | M] () -- C:\Users\MrMatrix\Documents\Wax - Rosana.mp3
[2013.06.15 18:12:08 | 003,951,342 | ---- | M] () -- C:\Users\MrMatrix\Documents\Rod Stewart - Baby Jane.mp3
[2013.06.15 18:11:51 | 003,661,985 | ---- | M] () -- C:\Users\MrMatrix\Documents\John Farnham - You're The Voice.mp3
[2013.06.15 18:09:18 | 001,791,987 | ---- | M] () -- C:\Users\MrMatrix\Documents\Nik Kershaw - Wouldn't It Be Good.mp3
[2013.06.15 18:08:52 | 002,283,656 | ---- | M] () -- C:\Users\MrMatrix\Documents\Gossip - Move In The Right Direction.mp3
[2013.06.15 18:08:44 | 003,754,570 | ---- | M] () -- C:\Users\MrMatrix\Documents\Billy Idol - Sweet Sixteen.mp3
[2013.06.15 18:07:56 | 002,181,457 | ---- | M] () -- C:\Users\MrMatrix\Documents\Eurythmics - Sweet Dreams.mp3
[2013.06.15 18:07:19 | 003,524,123 | ---- | M] () -- C:\Users\MrMatrix\Documents\Daft Punk - Get Lucky (Feat. Pharrell Williams) (Radio Edit).mp3
[2013.06.15 18:06:55 | 001,897,885 | ---- | M] () -- C:\Users\MrMatrix\Documents\Jimmy Sommerville - Never Can Say Goodbye.mp3
[2013.06.15 17:14:26 | 003,318,441 | ---- | M] () -- C:\Users\MrMatrix\Documents\Robin Thicke - Blurred Lines (Feat. T.I. & Pharrell).mp3
[2013.06.14 17:19:07 | 002,795,516 | ---- | M] () -- C:\Users\MrMatrix\Documents\David Guetta - When Love Takes Over (Feat. Kelly Rowland).mp3
[2013.06.14 17:18:41 | 003,000,137 | ---- | M] () -- C:\Users\MrMatrix\Documents\Peter Kent - It's A Real Good Feeling.mp3
[2013.06.14 17:17:21 | 002,781,592 | ---- | M] () -- C:\Users\MrMatrix\Documents\Capital Cities - Safe And Sound.mp3
[2013.06.10 19:06:40 | 000,000,132 | ---- | M] () -- C:\Users\MrMatrix\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2013.06.09 18:28:06 | 000,132,387 | ---- | M] () -- C:\Users\MrMatrix\Documents\bookmarks-2013-06-09.json
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.07.07 00:15:11 | 000,050,477 | ---- | C] () -- C:\Users\MrMatrix\Desktop\Defogger.exe
[2013.07.06 12:36:16 | 000,000,000 | ---- | C] () -- C:\Users\MrMatrix\defogger_reenable
[2013.07.06 02:59:18 | 000,000,528 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 00d9ab8c-d749-46ce-af89-c49e3f665ab2.job
[2013.07.06 02:59:17 | 000,000,528 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5c2e7433-4451-484a-b7ae-4e31f0502f97.job
[2013.07.06 01:22:43 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.07.02 02:14:17 | 000,002,041 | ---- | C] () -- C:\Users\MrMatrix\Desktop\JDownloader.lnk
[2013.07.02 02:14:14 | 000,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.07.02 02:14:14 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2013.07.02 02:14:14 | 000,001,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.07.02 00:44:12 | 000,004,984 | R--- | C] () -- C:\Users\MrMatrix\READ_TO_DECRYPT!!!.html
[2013.07.02 00:43:59 | 000,004,984 | R--- | C] () -- C:\Users\MrMatrix\Documents\READ_TO_DECRYPT!!!.html
[2013.07.02 00:43:31 | 000,004,984 | R--- | C] () -- C:\Users\MrMatrix\AppData\Local\READ_TO_DECRYPT!!!.html
[2013.07.01 21:05:21 | 000,001,415 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk
[2013.07.01 18:20:39 | 000,001,935 | ---- | C] () -- C:\Users\Public\Desktop\Blu-ray Copy.lnk
[2013.07.01 18:10:46 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\O&O SafeErase.lnk
[2013.07.01 00:02:33 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.06.30 17:50:21 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.30 16:36:24 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013.06.26 21:30:46 | 000,028,152 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{FF2486D7-4C5B-45DB-ADC0-3BDDA5B90228}_Large.jpg
[2013.06.26 21:30:46 | 000,005,864 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{FF2486D7-4C5B-45DB-ADC0-3BDDA5B90228}_Small.jpg
[2013.06.25 21:08:19 | 005,486,312 | -H-- | C] () -- C:\Users\MrMatrix\Documents\IMG_9617.jpg
[2013.06.25 20:41:28 | 000,040,056 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{8FA89C72-BA81-4FE1-A612-E896AC2E6DAC}_Large.jpg
[2013.06.25 20:41:28 | 000,008,184 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{8FA89C72-BA81-4FE1-A612-E896AC2E6DAC}_Small.jpg
[2013.06.23 18:34:38 | 000,044,648 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{EF8ED277-52BA-46A9-B49E-10D67A934360}_Large.jpg
[2013.06.23 18:34:38 | 000,008,040 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{EF8ED277-52BA-46A9-B49E-10D67A934360}_Small.jpg
[2013.06.23 03:35:32 | 000,023,288 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{34A38A07-DEDD-493C-97E6-A7E4FF417719}_Large.jpg
[2013.06.23 03:35:32 | 000,004,792 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{34A38A07-DEDD-493C-97E6-A7E4FF417719}_Small.jpg
[2013.06.22 17:48:20 | 000,001,086 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[2013.06.22 17:48:20 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2013.06.18 00:14:56 | 000,022,232 | -H-- | C] () -- C:\Users\MrMatrix\Documents\Staatsexamen 2013 – Schriftliche Prüfung - 1. Tag.odt
[2013.06.16 15:09:51 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2013.06.16 15:09:51 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013.06.16 15:09:50 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2013.06.15 22:59:30 | 000,000,866 | ---- | C] () -- C:\Users\MrMatrix\Desktop\CCleaner.lnk
[2013.06.15 18:31:57 | 002,960,177 | ---- | C] () -- C:\Users\MrMatrix\Documents\Pet Shop Boys - Suburbia.mp3
[2013.06.15 18:31:06 | 003,144,550 | ---- | C] () -- C:\Users\MrMatrix\Documents\Europe - The Final Countdown.mp3
[2013.06.15 18:19:06 | 002,590,685 | ---- | C] () -- C:\Users\MrMatrix\Documents\Real Life - Send Me An Angel.mp3
[2013.06.15 18:18:43 | 003,037,937 | ---- | C] () -- C:\Users\MrMatrix\Documents\Kid Rock - All Summer Long.mp3
[2013.06.15 18:18:13 | 002,419,288 | ---- | C] () -- C:\Users\MrMatrix\Documents\Toto - Hold The Line.mp3
[2013.06.15 18:17:49 | 002,516,771 | ---- | C] () -- C:\Users\MrMatrix\Documents\Kate Ryan - The Promise You Made.mp3
[2013.06.15 18:15:02 | 003,786,164 | ---- | C] () -- C:\Users\MrMatrix\Documents\R.E.M. - Drive.mp3
[2013.06.15 18:14:26 | 003,020,511 | ---- | C] () -- C:\Users\MrMatrix\Documents\Wax - Rosana.mp3
[2013.06.15 18:12:07 | 003,951,342 | ---- | C] () -- C:\Users\MrMatrix\Documents\Rod Stewart - Baby Jane.mp3
[2013.06.15 18:11:50 | 003,661,985 | ---- | C] () -- C:\Users\MrMatrix\Documents\John Farnham - You're The Voice.mp3
[2013.06.15 18:09:18 | 001,791,987 | ---- | C] () -- C:\Users\MrMatrix\Documents\Nik Kershaw - Wouldn't It Be Good.mp3
[2013.06.15 18:08:52 | 002,283,656 | ---- | C] () -- C:\Users\MrMatrix\Documents\Gossip - Move In The Right Direction.mp3
[2013.06.15 18:08:44 | 003,754,570 | ---- | C] () -- C:\Users\MrMatrix\Documents\Billy Idol - Sweet Sixteen.mp3
[2013.06.15 18:07:56 | 002,181,457 | ---- | C] () -- C:\Users\MrMatrix\Documents\Eurythmics - Sweet Dreams.mp3
[2013.06.15 18:07:32 | 002,866,654 | ---- | C] () -- C:\Users\MrMatrix\Documents\Icehouse - Hey Little Girl.mp3
[2013.06.15 18:07:18 | 003,524,123 | ---- | C] () -- C:\Users\MrMatrix\Documents\Daft Punk - Get Lucky (Feat. Pharrell Williams) (Radio Edit).mp3
[2013.06.15 18:06:54 | 001,897,885 | ---- | C] () -- C:\Users\MrMatrix\Documents\Jimmy Sommerville - Never Can Say Goodbye.mp3
[2013.06.15 17:11:26 | 000,030,248 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Large.jpg
[2013.06.15 17:11:26 | 000,008,376 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Small.jpg
[2013.06.15 17:11:13 | 000,019,608 | -H-- | C] () -- C:\Users\MrMatrix\Documents\Folder.jpg
[2013.06.15 17:11:13 | 000,004,920 | -H-- | C] () -- C:\Users\MrMatrix\Documents\AlbumArtSmall.jpg
[2013.06.14 17:19:07 | 002,795,516 | ---- | C] () -- C:\Users\MrMatrix\Documents\David Guetta - When Love Takes Over (Feat. Kelly Rowland).mp3
[2013.06.14 17:18:41 | 003,000,137 | ---- | C] () -- C:\Users\MrMatrix\Documents\Peter Kent - It's A Real Good Feeling.mp3
[2013.06.14 17:18:14 | 002,446,641 | ---- | C] () -- C:\Users\MrMatrix\Documents\Loreen - Euphoria.mp3
[2013.06.14 17:17:33 | 003,318,441 | ---- | C] () -- C:\Users\MrMatrix\Documents\Robin Thicke - Blurred Lines (Feat. T.I. & Pharrell).mp3
[2013.06.14 17:17:21 | 002,781,592 | ---- | C] () -- C:\Users\MrMatrix\Documents\Capital Cities - Safe And Sound.mp3
[2013.06.10 19:06:40 | 000,000,132 | ---- | C] () -- C:\Users\MrMatrix\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2013.06.09 18:28:06 | 000,132,387 | ---- | C] () -- C:\Users\MrMatrix\Documents\bookmarks-2013-06-09.json
[2013.06.01 20:13:30 | 000,789,200 | ---- | C] () -- C:\Users\MrMatrix\test 3.wav
[2013.05.30 22:58:53 | 000,846,800 | ---- | C] () -- C:\Users\MrMatrix\ts3_recording_13_05_30_22_58_52.wav
[2013.05.30 22:37:58 | 000,000,370 | ---- | C] () -- C:\Windows\Cm112.ini.cfl
[2013.05.30 22:37:34 | 000,001,198 | R--- | C] () -- C:\Windows\Cm112.ini.cfg
[2013.05.30 22:37:34 | 000,000,230 | ---- | C] () -- C:\Windows\Cm112.ini.imi
[2013.05.30 22:37:32 | 000,000,678 | R--- | C] () -- C:\Windows\cm112.ini
[2013.05.21 19:02:13 | 000,003,584 | ---- | C] () -- C:\Users\MrMatrix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.21 05:12:01 | 001,165,520 | ---- | C] () -- C:\Users\MrMatrix\test.wav
[2013.04.14 03:27:15 | 000,337,857 | ---- | C] () -- C:\Users\MrMatrix\bookmarks-2013-03-03.json
[2013.03.31 17:46:58 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.31 17:46:58 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.28 23:02:49 | 001,589,886 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.21 06:10:18 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013.03.18 22:37:57 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.03.17 00:38:21 | 002,681,344 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2013.03.05 20:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.14 18:30:12 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\Bioshock2
[2013.04.22 23:41:02 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\DVDVideoSoft
[2013.03.06 21:22:49 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\ICQ-Profile
[2013.07.02 16:29:08 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\ICQM
[2013.05.21 19:23:19 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\IrfanView
[2013.07.06 01:23:11 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\JPEGsnoop
[2013.03.28 23:07:10 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\Lansoftware
[2013.07.01 19:12:52 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\log
[2013.06.10 19:45:35 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\NeatImage SL
[2013.03.06 23:59:38 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\OpenOffice.org
[2013.06.23 14:57:09 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\Origin
[2013.05.21 19:50:14 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\PDAppFlex
[2013.07.02 00:43:49 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\Stellarium
[2013.07.02 00:43:49 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\Subversion
[2013.07.02 00:43:49 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\TeamViewer
[2013.03.17 00:38:34 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\Tobit
[2013.07.04 01:12:17 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\TS3Client
[2013.03.05 20:24:33 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\TuneUp Software[2013.07.02 00:43:50 | 000,000,000 | ---D | M] -- C:\Users\MrMatrix\AppData\Roaming\XnView
========== Purity Check ==========
< End of report >
--- --- ---
EXTRAS.txtOTL Logfile: Code:
OTL Extras logfile created on: 07.07.2013 00:24:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MrMatrix\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 71,96% Memory free
15,95 Gb Paging File | 13,12 Gb Available in Paging File | 82,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 622,42 Gb Free Space | 66,82% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 284,11 Gb Free Space | 95,31% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 25,02 Gb Free Space | 5,37% Space Free | Partition Type: NTFS
Computer Name: CORE2DUO | User Name: MrMatrix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{062FCD0A-2E74-4CC1-AE21-AEFABB8238B7}" = lport=3658 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{08E95CFA-7AD5-4140-9945-CAD290B1F55A}" = lport=3074 | protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{0D3AD6B2-94D1-4A77-9DD3-270F1489925F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{131AA560-D73A-46E3-84EB-04343A9436D9}" = lport=138 | protocol=17 | dir=in | app=system |
"{14C8F06F-DBCE-4211-A4F7-8E59BC882F62}" = lport=2987 | protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{1E0EACE4-F9E5-41D6-9DD6-A3DA27FD83B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{223F3799-A059-4DF8-B474-3165865CAA57}" = lport=445 | protocol=6 | dir=in | app=system |
"{31281F4E-B0BA-497D-801F-97998868A648}" = rport=138 | protocol=17 | dir=out | app=system |
"{336E6FF8-A146-4CEF-B0C5-408ECF262F2E}" = lport=3074 | protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{3A2FB0BB-BE8F-4429-805F-F4DC2A738AC4}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{3BF94933-8209-495E-BEAC-4878E9C35B1B}" = lport=88 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{3E478096-10CE-4D82-BC79-20C3B79F81D2}" = lport=59278 | protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{41FBF03A-B9DF-4C93-A8E6-EE1DC3BD2A66}" = lport=10243 | protocol=6 | dir=in | app=system |
"{45723412-061A-4B05-B008-A54CA2176F7B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4621E489-9898-4BB5-A8FB-86D1B8F560DB}" = lport=3074 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{462A4755-73B0-45FA-B8EB-473625A4206F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46E3B6CC-569C-49B1-AF00-D13BD4F3148E}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{4D0278CF-14B6-4B97-9B34-6FB39FD3CEFD}" = rport=2869 | protocol=6 | dir=out | app=system |
"{4F4BB1A2-FCD9-4F60-A7CF-9681DC387409}" = lport=5223 | protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{52323736-62DA-430B-A40D-492F989CC329}" = rport=445 | protocol=6 | dir=out | app=system |
"{5889F54A-F5AF-4C33-AA6A-E97F75D51E84}" = lport=3478 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{5B534922-D823-4C0E-B9F5-DEFEBA73C5CD}" = lport=5000 | protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{5F4BA275-5986-4A48-8E48-9C9EC2CEBA4F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{69F8A731-A28C-4A75-B935-70A8136EA986}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{7034D833-A94A-4EB1-B8F5-D4C870FE0BA5}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{72E40083-827B-4F48-A876-D5F9C8B3ABFE}" = lport=1317 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{78512423-2AC4-4C1D-9BF7-C5923F226378}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{79D55298-3749-44A6-8CE9-FB745461BEF4}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{7F127A2C-19BD-425F-BCB7-943E75029A77}" = lport=88 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{83D12A51-B6A1-42D4-AFFA-2C04C9E6DB1C}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{884FFB4D-0FC7-494B-A37B-E9902F2DDBEB}" = lport=3478 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{8C9B562A-768D-4E7B-B6A8-DAF10EF4B21D}" = rport=139 | protocol=6 | dir=out | app=system |
"{92FEA427-C842-4AE2-8FDD-822AE41B5607}" = lport=2869 | protocol=6 | dir=in | app=system |
"{93BF748B-0975-48C6-B74B-1552B35E59FC}" = lport=3479 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{98A03BC7-9C95-492E-B0EF-5AF04E581167}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98CA604F-B2FE-4774-960B-5F57FEACF4CA}" = lport=5000 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{A5B8CDA6-26CA-45B2-BCB9-3657FB8372B5}" = lport=5223 | protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{A8448A4D-FA07-477D-A502-D9A6BEF7EAFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AC3416B1-436A-44A2-8FFE-13A9F448B547}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF8B1AD6-E31B-4347-B158-C087A12AB3BF}" = lport=3658 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{B0295943-BF0E-4658-BF81-E20ECFE1B378}" = lport=59278 | protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{B8EB3584-05C1-4B0E-B4ED-7323864CB5D2}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{C9D81BA9-7D14-4D11-BCB4-6150A73AF47A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CB3FE80E-B371-49B4-8E05-33D536B7CFBB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CBDF618C-8AEF-4C1F-B428-BB51D044ABDB}" = lport=139 | protocol=6 | dir=in | app=system |
"{D06BEF45-F334-45EB-AE14-5E00B66545FB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D26B9D48-15F4-4304-90A9-4E87F4A4D125}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D518EA01-E206-4209-BCEC-259D9DB2EDC7}" = lport=137 | protocol=17 | dir=in | app=system |
"{D950C6A0-820E-48FF-BF4C-595926F838A4}" = lport=3479 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{DB68EF2F-51E7-4A01-B7CD-FF09AA9AD618}" = rport=137 | protocol=17 | dir=out | app=system |
"{DD921DAD-33D7-4E29-8B75-91AF8699645C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E387CFA3-681D-4D26-B0B5-E965146A29E7}" = lport=1303 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{E6417705-1719-4B25-B083-D79723095CE6}" = lport=3074 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{EA85B941-BA4C-4F78-B1C2-7CB5A9829578}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC37D324-0970-4D11-9F58-DB540801F489}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00729B02-9190-471F-8019-8E45CCB1F02A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{00DE732B-98EC-492A-B8EE-2693026F9F31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{01587D62-AEE8-4112-945F-8AF20B048555}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{015F7377-D333-48E9-9F33-6207B30C7DBB}" = dir=out | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{027BF9BC-DE10-41DF-8BC0-D75A9AD6A98A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{02EBD406-DC1A-470B-80A6-22D30C9E1284}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd cinema\powerdvdcinema13.exe |
"{04B33C11-1B5B-4795-AFA7-4F4F2AC1E088}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{060C10BF-8A06-4E2D-B3C6-F3E64DD90018}" = dir=out | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{0806BFA7-5764-4B51-9746-847DBB41D074}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{087A5C2B-80C8-4532-948C-7D2F9C9DEB9D}" = dir=in | app=c:\program files (x86)\connectify\connectifyd.exe |
"{0D4C74DD-AADC-4ADC-9A97-022CAA0C5A88}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{103C0297-8158-4017-B687-A361F6AAF190}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{13878FC3-DB1D-40AC-8593-4F53FF5CBB4E}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{139803C2-18E7-4B9D-B7BB-0AAED91059FD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe |
"{14F1C44D-405B-4B7B-8BA0-13AD39D2D79A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{1A674064-BDCB-4E4C-9DF9-FC6D58F81922}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dms\clmsserverpdvd13.exe |
"{1B693BE4-CD29-47ED-BB02-FB2C91EA1E4C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{1D545B72-BFF1-4E2F-8220-4572838B7684}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{221D05B2-14F9-411B-AD0E-FFE294D12D49}" = dir=in | app=c:\program files (x86)\connectify\connectifyd.exe |
"{2495115F-E663-4D3E-BC48-76D8C5DB2D0F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\matrix1337\garrysmod\hl2.exe |
"{29C40907-D1E7-450A-B29C-4DFBE3826FA8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2 demo\bin\win_x86\eurotrucks2.exe |
"{2A0E96A1-37CA-47B8-B227-DB792B25548F}" = protocol=58 | dir=in | app=system |
"{2B3B4148-D172-4FC7-93BD-69F0310B53AF}" = dir=out | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{2EC38DC0-B412-4D5E-B6F2-4E9E3E03289E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{2F8DFD48-64E8-4A79-8712-75E7196CB17F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{302FEFC3-9620-4636-9608-C739EF1C07F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanet.exe |
"{31E9EF31-8F3B-4B77-9DB6-D77A13BF7079}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{347B3E6C-044E-4CDD-906F-A7D70FFFD142}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3BCDC815-87D8-4C07-A9E2-32ACD04B2F41}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{3DE6B07C-1BEE-4E2C-BE46-98D0E538F636}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3E83B547-F02D-454E-9CDB-11C06E91D172}" = protocol=6 | dir=out | app=system |
"{3EE38A1F-0B49-47B7-BB4B-1B7B9ACA40D8}" = protocol=6 | dir=in | app=c:\users\MrMatrix\appdata\roaming\icqm\icq.exe |
"{4161F1E1-BA6C-47EE-89FD-54BB09E0265A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{42A56ED8-1AAA-4F19-863E-13588DCFE363}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4408C1C2-B3CA-4727-A2FC-42B2381163C2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\matrix1337\garrysmod\hl2.exe |
"{457C1CA2-83D9-4F37-B919-6AAC5F1C43C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46091D70-EA26-4C7A-A24C-BF0B4C6F5475}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{466E358C-BA37-4CA7-90DE-48E70A8B9419}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4B4FD7FC-829A-4A2B-81C0-33B91C8533B4}" = dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{4D4CBE7C-C844-44A0-B5A0-327CB2C5426D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13ml.exe |
"{4FC78864-9C4C-493C-8277-407AD6DD93A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{5029A6DF-7686-4401-8CA9-BCE6251B6A45}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fearcombat\fearmp.exe |
"{50CDE436-716F-4D6B-83AE-D085CE1E6556}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13.exe |
"{515919BC-837B-440F-A515-60B55B1388D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{516E94E6-60D6-4C89-9015-16AF65B1E974}" = dir=out | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{5180154B-1DF2-4C54-BFFF-2B515092BC63}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{521D08E4-D376-49B6-9D76-9C830B69DE42}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{54864F66-DEC2-456C-B7F6-618A4A06DECB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{54945A71-F5C1-4F0D-9F75-04939231F2BA}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fearcombat\fearmp.exe |
"{56F2867F-08CA-485A-808B-D976CBA91776}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{57FCC265-6E01-485A-AF02-8D2256885ACF}" = dir=out | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{5818C072-D3F7-4485-BF66-355C33C7E929}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{595CA5E5-823C-4CFF-B09C-7B366DF68F90}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{5BE7A079-1E13-4077-9FE6-9B41C3FED231}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{5D5C4FD6-2FEF-49E7-A6BC-8FEA77BC0585}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{5F844DEF-83A0-4654-9AD5-1266D3F34143}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{60A8FC04-5064-4A0B-9CED-D7AB3CAB794A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6172552A-F2D2-4451-8B4B-4E72844BED61}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{62E25632-5CB4-4902-AFA1-3F9F630A9086}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{6413B1B0-44C3-41A5-BE49-10187B198DC3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{6414B34F-8C5A-4275-8CD2-BB7107830228}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe |
"{64D70046-F5AA-428D-AADF-C4DF78183770}" = dir=out | app=c:\program files (x86)\connectify\connectifyd.exe |
"{69119C34-E407-4549-A7F8-C6D2891D8C45}" = dir=in | app=c:\program files (x86)\connectify\connectifyd.exe |
"{697CEC63-D1CA-4D05-A1F3-5E7A54C6EAFA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{6F58FFB3-5C8B-4A11-94AE-1F57F7C03461}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{725AFC35-828C-4AD6-AE2B-46856966E67B}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 2 complete collection\bf2.exe |
"{7399230F-3C9A-4E59-9E55-843652C1E27D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13agent.exe |
"{749F45E2-91CC-472E-B13C-2655CA9A25F8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{757D4ED3-9256-45BA-8C54-C5C47E7978CF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{7DF38B88-18FB-4F85-9C9B-EE23D56DD624}" = dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{802C499B-167B-4D40-9EF5-66855B90780A}" = dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{807D3F67-D802-42D5-BD22-58FA7D3B6B5B}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{851133CC-ADBF-4CCA-B0D1-F317D5F43BF7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanet.exe |
"{854726EF-B5AF-4C4F-8051-F49AE69FC4B0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{86E78B0A-028F-48F7-9BBA-75592B4B41CC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dmr\powerdvd13dmrengine.exe |
"{895113BA-8873-41A4-B11F-18AF89F0D6DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8DB041B5-3CB3-4FAE-8284-EC28663209D3}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{959072FD-9248-437F-B445-87A87E6DA2D5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{972E7A2E-6C0A-4E83-A5ED-79E11604EC31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9995D74F-C85D-4ADD-AEE6-B392980A5923}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{9A45D9FD-BB50-4B60-9FAB-057B7442A25C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2 demo\bin\win_x86\eurotrucks2.exe |
"{9AA677A0-66D2-4553-A68D-233EE5AA2D85}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{A0287D2E-E098-47D5-A57A-6BBEF4C9A663}" = dir=out | app=c:\program files (x86)\connectify\connectifyd.exe |
"{A380393A-DC60-4AC4-B403-428ACCFA7449}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A68BC676-4AF9-485F-B0D7-EAA8DCDB380D}" = dir=out | app=c:\windows\system32\svchost.exe |
"{A7B647CE-1368-4E98-83D7-57127A7F1F73}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A923B606-93A9-4CE8-A0B0-4A96F5E3C3FC}" = dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{A93C053B-FE00-477E-8EF4-F85E1FFE459C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{AEB7733A-6B06-43FB-822E-3946467EFC09}" = dir=in | app=c:\program files (x86)\connectify\connectifyd.exe |
"{B26B36DD-00B1-4CEE-89D5-03B46E47E1C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{B45EE0ED-6A25-41C3-ABD4-B191B64ABF8A}" = dir=out | app=c:\program files (x86)\connectify\connectifyd.exe |
"{B59B4911-6FDB-4122-A8AB-C05921028E54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA437094-105F-42F9-86D7-DF8CE6F952ED}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{BADDA7BC-AFB3-466D-9D7F-0C2DBC827D60}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C0A33674-267B-4387-A880-DB1FA7560261}" = dir=out | app=c:\program files (x86)\connectify\connectifyd.exe |
"{C120DD73-450A-4FAC-94BB-CE2EF1900417}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"{C87A5925-C55F-41C8-B05A-4F9613C62775}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{CBD55D95-58E2-463F-9D4C-38EBD11BA7D9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 2 complete collection\bf2.exe |
"{CC2090A9-187A-4342-B0D9-598D66FA57AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD1B9F8F-528C-47E1-BEA0-EDDEFE6F5B73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 5\launcher.exe |
"{D090062F-7F63-4801-8056-D8A60A353D83}" = protocol=17 | dir=in | app=c:\users\MrMatrix\appdata\roaming\icqm\icq.exe |
"{D0AF3AA3-F6E2-470A-B2D2-39AA9296833E}" = dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{D0B02B6A-2D4E-43C6-AC54-05B5728378A7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D0EB00BE-43BC-4224-AEE9-7830CC9C4328}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"{D3C838F6-BCC3-48B8-8A16-9B34C2508249}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{D4421BB6-B063-4CDD-93C9-AED7F285E477}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5FB2B53-7FF6-4BD4-877A-1664F6EAB7A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe |
"{D7333815-F96C-48C2-BCF1-158A3E3B1603}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 5\launcher.exe |
"{D798ACE8-63C0-4447-8BC1-95ED8DD7E525}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{D7BCEDDD-D9BC-45CB-9996-16B09B820F0C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd.exe |
"{DDAF5F55-78AF-45D7-BB6C-E58792573105}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF15592A-C72C-4526-BF44-941C94998678}" = dir=out | app=c:\program files (x86)\connectify\connectifyd.exe |
"{E3DB2BF3-F238-497A-ABF9-AF1C6F1E597C}" = dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{E57F3BE8-DBE5-4421-9F9C-1B94C6B1C1CC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{E920877F-FF41-4AD3-9BFB-C3CB77003D21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9B38066-F3F6-4A50-9F72-69112E186F02}" = dir=out | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{EA6C2470-982B-4A34-856F-4AD033E8688F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{ECA8DA34-9CC7-497D-9C99-C72AB97D5303}" = dir=in | app=c:\program files (x86)\connectify\connectifyd.exe |
"{EFB8193E-9CB0-470C-902F-453F695A73BD}" = dir=out | app=c:\program files (x86)\connectify\connectifyd.exe |
"{F1345F3A-E7C0-4725-AFB7-C1BCF8B94653}" = protocol=1 | dir=in | name=icmp - in |
"{F632DB9A-7115-4A97-BB2D-EA3CFBCF3A89}" = dir=in | app=c:\program files (x86)\connectify\connectifyd.exe |
"{F65BC6A2-2822-4B00-B195-721E0DDED006}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F9E6AC6F-0CD2-403E-A539-D54BB9EE9969}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{FA168DC0-15B0-4B03-9809-27184A0EB4BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC11AF2C-E04D-4B19-93B0-7DF09D5A6062}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{FC78ABEB-52DB-4504-A6BA-6D63040444D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FD076692-8FF4-4F74-B39E-57033B4B15AD}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{FE4F26AF-55B4-47A3-974E-26D6C3DB384C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe |
"{FFCDE7C7-AE92-47ED-B61C-952907371129}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0BB8272F-E6F2-49B3-9D5A-EB8FD11ADF2D}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe |
"TCP Query User{3CBC5581-2A8B-4732-83F2-78D4CCCC0908}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{41932885-3634-4A82-B6C1-0D2CBF4DCE4D}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{511D1D40-F91D-4F77-89FA-660841656C8D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{52EE95AB-450C-44BB-A215-57613DA6B7F4}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe |
"TCP Query User{5529BC31-E851-443F-895A-D457DADD2B29}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{6A6467EF-1564-49EF-8178-12BF17729F4B}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{8E90C307-A2AF-4F18-BE5E-713AB8808F4A}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{AA370514-0969-45DD-960B-487A6F66A0C2}C:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"TCP Query User{D36E00E4-1C80-42DC-8FF2-321B90B03928}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{1C3EF344-B2CA-468D-A5EA-E2C89D4405D4}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{2DDE8502-3D83-42A1-93FA-585510DEE0D7}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{53ED4F13-E5E7-441E-B636-9C9FD0AE8AED}C:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"UDP Query User{6DACC6AF-EDA6-4C93-9F1F-E991CDACDD6A}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{7BF0DF73-0543-40EE-91E6-98926E41F561}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{7D9C00EA-1865-4DAF-980C-DC3EAA7766CF}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx9.exe |
"UDP Query User{85E7A561-81F1-43E4-99EC-0A175DB4077E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{9B49CDE6-5C9E-46AC-9DE2-B32BD8FEF940}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A4A2AF30-DB4D-4551-8D0C-2B9B8E6A86D7}C:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\resident evil 5\re5dx10.exe |
"UDP Query User{F9631DED-3120-4C89-942E-32935077FA9F}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{12DA3057-6836-4C8B-A44D-A447474E302B}" = O&O SafeErase Professional
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{44610EE0-C908-D8F1-425D-914A5B745DEA}" = AMD Drag and Drop Transcoding
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67E1227E-D553-4A6A-96CD-40CCBBC705D8}" = SpyHunter
"{6B13A3F1-F66A-42FB-9E62-98952D582187}" = TortoiseSVN 1.7.11.23600 (64 bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Connectify" = Connectify Hotspot
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.9.5 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Stellarium_is1" = Stellarium 0.12.1
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{350E3960-DE20-4FE6-9E6B-26B464AD27FD}" = DeepSkyStacker
"{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = Catalyst Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB6}" = Sennheiser 3D G4ME1
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75E607CF-7BAE-4B88-84B3-97F3DF44BA28}" = FEARCombat
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A06714C-F24B-4144-9BA2-788B5DD4F270}_is1" = ICQ Ignore Checker 1.4
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E012857-0B5E-40A0-A36A-36751966A79B}_is1" = ICQ Status Checker 1.9
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A8DBF55D-73C0-4E37-A10E-365BFBB14119}" = Battlefield 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D25E16F9-902D-4B08-B6AD-C28882C6EBFE}" = Garry's Mod Manager
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{EE56B531-B655-4afa-9664-0C0970E5798B}_is1" = Blu-ray Copy 1.0.30
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{F9A76116-6D56-4CEA-830E-E95C168DC95B}_is1" = Win7 MAC Address Changer version 1.9.5
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Anti-Twin 2013-05-21 18.14.44" = Anti-Twin (Installation 21.05.2013)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.419
"Garry's Mod Manager 8.30.0000" = Garry's Mod Manager
"Guild Wars 2" = Guild Wars 2
"InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NoIPDUC" = No-IP DUC
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 10" = Counter-Strike
"Steam App 200710" = Torchlight II
"Steam App 21690" = Resident Evil 5
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 22600" = Worms Reloaded
"Steam App 231120" = Euro Truck Simulator 2 Demo
"Steam App 233070" = TrackMania² Stadium Open Beta
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 310" = Source Multiplayer Dedicated Server
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 4000" = Garry's Mod
"Steam App 410" = Portal: First Slice
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 620" = Portal 2
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 80" = Counter-Strike: Condition Zero
"Steam App 8850" = BioShock 2
"TeamViewer 8" = TeamViewer 8
"TmNationsForever_is1" = TmNationsForever
"Tobit Radio.fx Server" = Radio.fx
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinLiveSuite" = Windows Live Essentials
"Xfire" = Xfire
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ICQ" = ICQ 8.1 (build 6327)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21.05.2013 13:19:54 | Computer Name = core2duo | Source = Application Hang | ID = 1002
Description = Programm xnview.exe, Version 2.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 32e4 Startzeit:
01ce56471df8d50d Endzeit: 3 Anwendungspfad: C:\Program Files (x86)\XnView\xnview.exe
Berichts-ID:
a54652a5-c23a-11e2-851f-f46d049685c7
Error - 25.05.2013 22:16:23 | Computer Name = core2duo | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: left4dead2.exe, Version: 0.0.0.0,
Zeitstempel: 0x519d2316 Name des fehlerhaften Moduls: xfire_toucan_46139.dll, Version:
1.0.0.46139, Zeitstempel: 0x514a81a7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000498d9
ID
des fehlerhaften Prozesses: 0x1cc4 Startzeit der fehlerhaften Anwendung: 0x01ce599e34c6d735
Pfad
der fehlerhaften Anwendung: c:\program files (x86)\steam\steamapps\common\left
4 dead 2\left4dead2.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Xfire\xfire_toucan_46139.dll
Berichtskennung:
42adb9f8-c5aa-11e2-a1f6-f46d049685c7
Error - 08.06.2013 19:16:44 | Computer Name = core2duo | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 73c Startzeit: 01ce645f0e0417b1 Endzeit: 14910 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: 6e50613a-d091-11e2-97af-f46d049685c7
Error - 20.06.2013 20:11:27 | Computer Name = core2duo | Source = Application Error | ID = 1000
Error - 24.06.2013 15:03:55 | Computer Name = core2duo | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec3cc
Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879, Zeitstempel: 0x518ec306
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c9789
ID des fehlerhaften Prozesses: 0x162c
Startzeit der fehlerhaften Anwendung: 0x01ce70e1ac2ec3f0
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Berichtskennung: d0629429-dd00-11e2-a57c-f46d049685c7
Error - 24.06.2013 17:41:39 | Computer Name = core2duo | Source = Application Error
| ID = 1000
Error - 30.06.2013 13:15:03 | Computer Name = core2duo | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 2b44 Startzeit: 01ce75b5524830e7 Endzeit: 24 Anwendungspfad:
C:\Program Files (x86)\Windows Media Player\wmplayer.exe Berichts-ID: 96ecf450-e1a8-11e2-9a36-f46d049685c7
Error - 30.06.2013 13:36:17 | Computer Name = core2duo | Source = Application Hang | ID = 1002
Description = Programm Nero-12.5.01900_trial.exe, Version 12.0.3.0 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 295c Startzeit: 01ce75b84d4f353a Endzeit: 3 Anwendungspfad:
C:\Users\MrMatrix\Downloads\Nero-12.5.01900_trial.exe Berichts-ID: 8f9f0367-e1ab-11e2-9a36-f46d049685c7
Error - 30.06.2013 13:37:16 | Computer Name = core2duo | Source = MsiInstaller | ID = 1013
Description =
Error - 01.07.2013 13:17:21 | Computer Name = core2duo | Source = Application Error | ID = 1000
Error - 02.07.2013 15:38:57 | Computer Name = core2duo | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a485
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1c28
Startzeit der fehlerhaften Anwendung: 0x01ce775bc81f0f44
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Windows Media Player\wmplayer.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 08c48291-e34f-11e2-90cf-12319e29871b
Error - 03.07.2013 19:52:10 | Computer Name = core2duo | Source = Application Error
| ID = 1000
[ System Events ]
Error - 05.07.2013 20:13:25 | Computer Name = core2duo | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.07.2013 20:13:25 | Computer Name = core2duo | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.07.2013 20:13:25 | Computer Name = core2duo | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.07.2013 06:45:22 | Computer Name = core2duo | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 06.07.2013 16:49:59 | Computer Name = core2duo | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 06.07.2013 16:49:59 | Computer Name = core2duo | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 06.07.2013 16:50:29 | Computer Name = core2duo | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Radio.fx Server" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 06.07.2013 16:55:57 | Computer Name = core2duo | Source = volsnap | ID = 393232
Description = Die Schattenkopien von Volume "E:" wurden verworfen, weil die Bereitsstellungaufhebung
von Volume "E:", das einen Schattenkopiespeicher für diese Schattenkopie enthält,
erzwungen wurde.
Error - 06.07.2013 17:10:27 | Computer Name = core2duo | Source = volsnap | ID = 393226
Description = Die Schattenkopie von Volume "" hat das Installationszeitlimit überschritten.
Error - 06.07.2013 17:10:47 | Computer Name = core2duo | Source = volsnap | ID = 393226
Description = Die Schattenkopie von Volume "" hat das Installationszeitlimit überschritten.
< End of report >
--- --- --- |
