| Bontakun | 13.06.2012 20:14 |
Eidgenössischer Polizeitrojaner
Hallo Zusammen
Ich habe keine Ahnung was ich jetzt schreiben soll :crazy:
Ich habe einen "Polizeitrojaner" auf meinem PC, der fast so ist wie der hier: http://www.trojaner-board.de/116562-...-gesperrt.html
Ausser, dass er bei mir nicht von der Bundespolizei kommt, sondern von der Schweizer Eidgenossenschaft.
Wie angewiesen Poste ich hier die OTL.txt, die Extras.txt und die defogger_disable.
Hoffe dass ich alles richtig gemacht habe
Besten dank im voraus
PS
defogger_disable Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 02:12 on 14/06/2012 (Hellsing)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Already disabled
-=E.O.F=-
OTL.txt Code:
OTL logfile created on: 14.06.2012 02:45:24 - Run 9
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Hellsing\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
31.98 Gb Total Physical Memory | 30.08 Gb Available Physical Memory | 94.07% Memory free
47.97 Gb Paging File | 46.16 Gb Available in Paging File | 96.23% Paging File free
Paging file location(s): c:\pagefile.sys 16384 16384 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.47 Gb Total Space | 97.90 Gb Free Space | 43.81% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1291.81 Gb Free Space | 69.34% Space Free | Partition Type: NTFS
Computer Name: HELLSING-PC | User Name: Hellsing | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.11 19:29:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Hellsing\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.12.03 05:18:12 | 000,204,288 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.08.12 16:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.03 21:38:44 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.01 17:39:50 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.30 00:41:45 | 003,417,376 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012.05.21 16:16:14 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.20 18:58:39 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.05.08 22:41:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 22:41:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.14 18:55:04 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.06.13 10:36:54 | 000,922,240 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011.03.13 11:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010.11.23 18:33:22 | 000,240,112 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.08 22:41:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 22:41:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.14 18:47:38 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.03 07:51:40 | 010,588,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.03 04:22:06 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.09.14 18:05:34 | 000,394,216 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.09.14 18:05:34 | 000,129,000 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.11 22:01:00 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2011.04.11 22:00:18 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2011.03.13 11:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 11:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 11:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 11:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 11:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 11:58:42 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.13 11:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 11:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.08 15:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010.10.19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.09.21 08:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010.08.27 19:53:22 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010.08.10 11:29:15 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.09.03 17:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.04.22 09:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E7 6A AA 1C 0C DA CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.ch/"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.07 19:25:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.01.23 22:20:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hellsing\AppData\Roaming\mozilla\Extensions
[2012.05.24 16:54:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hellsing\AppData\Roaming\mozilla\Firefox\Profiles\trbzv936.default\extensions
[2012.01.31 22:52:44 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Hellsing\AppData\Roaming\mozilla\Firefox\Profiles\trbzv936.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.07 19:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.24 16:54:01 | 000,102,890 | ---- | M] () (No name found) -- C:\USERS\HELLSING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TRBZV936.DEFAULT\EXTENSIONS\FBPHOTOZOOM@INSTALLDADDY.COM.XPI
[2012.06.01 17:40:25 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.01 17:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.01 17:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Hellsing\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [lezroafehskwsmw] C:\ProgramData\lezroafe.exe ()
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Hellsing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech blank Produktregistrierung.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Hellsing\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Hellsing\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7AF86595-EACC-4807-95CE-828D02BF1594}: DhcpNameServer = 212.90.199.2
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{15eb44af-45f1-11e1-bc2c-c8600005d867}\Shell - "" = AutoRun
O33 - MountPoints2\{15eb44af-45f1-11e1-bc2c-c8600005d867}\Shell\AutoRun\command - "" = V:\SETUP.EXE
O33 - MountPoints2\{15eb44af-45f1-11e1-bc2c-c8600005d867}\Shell\configure\command - "" = V:\SETUP.EXE
O33 - MountPoints2\{15eb44af-45f1-11e1-bc2c-c8600005d867}\Shell\install\command - "" = V:\SETUP.EXE
O33 - MountPoints2\{cc6b7d2b-44ae-11e1-af29-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc6b7d2b-44ae-11e1-af29-806e6f6e6963}\Shell\AutoRun\command - "" = X:\AutoRunCD.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.12 01:36:00 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Hellsing\Desktop\OTL.exe
[2012.06.10 20:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\wlrzueoncnddcnw
[2012.06.04 20:58:05 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\Documents\Diablo III
[2012.06.04 17:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.06.04 17:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012.06.04 17:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.06.04 17:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012.06.04 17:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.06.04 15:35:33 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\AppData\Roaming\Apple Computer
[2012.06.03 21:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.06.03 21:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.06.03 21:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.06.03 21:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.06.03 21:40:21 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\AppData\Local\Apple
[2012.06.03 21:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.06.03 21:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.05.28 21:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows
[2012.05.21 18:53:18 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\Documents\Revoca
[2012.05.21 18:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Revoca Lernsoftware
[2012.05.21 16:16:20 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\AppData\Local\GameSpy
[2012.05.21 16:16:12 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\AppData\Local\ApplicationHistory
[2012.05.20 19:00:05 | 000,000,000 | RH-D | C] -- C:\Users\Hellsing\AppData\Roaming\SecuROM
[2012.05.20 18:59:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2012.05.20 18:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012.05.20 18:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.05.20 17:25:23 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\AppData\Local\ElevatedDiagnostics
[2012.05.20 17:21:19 | 000,000,000 | ---D | C] -- C:\Users\Hellsing\AppData\Local\Okidata
[2012.05.20 17:20:37 | 000,119,808 | ---- | C] (Oki Data Corporation) -- C:\Windows\SysNative\opnetext.dll
[2012.05.20 17:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\Okidata
[2012.05.20 17:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Okidata
[2012.05.20 17:20:31 | 000,158,208 | ---- | C] (Oki Data Corporation) -- C:\Windows\SysNative\OPDMN075.DLL
[2012.01.29 00:32:10 | 003,448,816 | ---- | C] (TeamViewer) -- C:\Program Files (x86)\TeamViewerQS_de.exe
========== Files - Modified Within 30 Days ==========
[2012.06.14 01:44:47 | 001,642,740 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.14 01:44:47 | 000,707,446 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.14 01:44:47 | 000,661,064 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.14 01:44:47 | 000,153,038 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.14 01:44:47 | 000,125,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.14 01:40:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.14 01:39:48 | 000,000,206 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012.06.14 01:33:23 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.14 01:33:23 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.12 01:32:23 | 000,000,188 | ---- | M] () -- C:\Users\Hellsing\defogger_reenable
[2012.06.11 21:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.11 19:29:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Hellsing\Desktop\OTL.exe
[2012.06.11 10:53:04 | 000,050,477 | ---- | M] () -- C:\Users\Hellsing\Desktop\Defogger.exe
[2012.06.10 20:24:49 | 000,000,052 | ---- | M] () -- C:\ProgramData\ybvkvehaobpmobk
[2012.06.10 20:23:48 | 000,053,248 | ---- | M] () -- C:\ProgramData\lezroafe.exe
[2012.06.10 20:23:48 | 000,053,248 | ---- | M] () -- C:\ProgramData\gpzslihr.exe
[2012.06.10 20:23:48 | 000,053,248 | ---- | M] () -- C:\ProgramData\cfpbhvud.exe
[2012.06.10 20:23:48 | 000,053,248 | ---- | M] () -- C:\Users\Hellsing\0.8043835681483237.exe
[2012.06.03 21:38:44 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.03 21:38:44 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.05.22 18:11:02 | 000,418,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.05.21 16:16:12 | 000,000,096 | ---- | M] () -- C:\Users\Hellsing\AppData\Local\fusioncache.dat
[2012.05.20 18:59:59 | 001,669,102 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.20 18:58:44 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.05.20 18:58:39 | 000,669,184 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.20 18:58:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
========== Files Created - No Company Name ==========
[2012.06.14 02:11:17 | 000,050,477 | ---- | C] () -- C:\Users\Hellsing\Desktop\Defogger.exe
[2012.06.12 01:32:23 | 000,000,188 | ---- | C] () -- C:\Users\Hellsing\defogger_reenable
[2012.06.10 20:24:49 | 000,053,248 | ---- | C] () -- C:\ProgramData\lezroafe.exe
[2012.06.10 20:24:49 | 000,053,248 | ---- | C] () -- C:\ProgramData\gpzslihr.exe
[2012.06.10 20:23:48 | 000,053,248 | ---- | C] () -- C:\ProgramData\cfpbhvud.exe
[2012.06.10 20:23:48 | 000,053,248 | ---- | C] () -- C:\Users\Hellsing\0.8043835681483237.exe
[2012.06.10 20:23:48 | 000,000,052 | ---- | C] () -- C:\ProgramData\ybvkvehaobpmobk
[2012.06.03 21:40:21 | 000,002,563 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.05.21 16:16:12 | 000,000,096 | ---- | C] () -- C:\Users\Hellsing\AppData\Local\fusioncache.dat
[2012.05.20 18:58:40 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.05.20 18:58:39 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.20 18:58:39 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.05.20 17:20:37 | 000,003,442 | ---- | C] () -- C:\Windows\SysNative\opnedef.str
[2012.05.20 17:20:37 | 000,000,044 | ---- | C] () -- C:\Windows\SysNative\opnetext.ver
[2012.05.20 17:20:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\opnetext.gid
[2012.05.20 17:20:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\OPNETEXT.GID
[2012.04.10 20:48:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.10 20:47:07 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.10 20:47:07 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.04.10 20:47:07 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.03.12 22:06:06 | 000,007,605 | ---- | C] () -- C:\Users\Hellsing\AppData\Local\Resmon.ResmonCfg
[2012.03.12 08:50:27 | 001,669,102 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.14 18:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.02.14 18:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.02.14 18:47:06 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.02.14 18:44:24 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.02.14 17:59:56 | 013,209,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.01.23 23:52:27 | 005,253,280 | ---- | C] () -- C:\Windows\PE_File.dll
[2012.01.23 23:27:49 | 005,187,744 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2012.01.23 23:17:14 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.01.23 23:17:13 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.01.23 23:04:01 | 000,000,306 | ---- | C] () -- C:\Windows\lgfwup.ini
[2012.01.23 22:17:07 | 000,614,400 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012.01.23 22:17:07 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.01.22 23:26:59 | 000,045,287 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012.01.22 23:24:43 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.01.22 23:24:35 | 000,029,350 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.12.03 04:28:12 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\amdave32.dll
[2011.12.02 22:19:48 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.02 22:19:36 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2010.08.03 07:21:24 | 000,014,464 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
========== LOP Check ==========
[2012.05.24 21:24:14 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\.minecraft
[2012.01.29 17:43:31 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\DAEMON Tools Lite
[2012.01.31 22:53:22 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\DVDVideoSoft
[2012.01.31 22:52:44 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.23 00:02:25 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\GHISLER
[2012.01.23 22:23:00 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\Leadertech
[2012.01.30 20:36:06 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\Opera
[2012.01.29 00:31:30 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\TeamViewer
[2012.02.15 20:26:36 | 000,000,000 | ---D | M] -- C:\Users\Hellsing\AppData\Roaming\The Creative Assembly
[2012.06.14 01:39:48 | 000,000,206 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012.04.23 19:25:26 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Extras.txt Code:
OTL Extras logfile created on: 14.06.2012 02:45:24 - Run 9
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Hellsing\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
31.98 Gb Total Physical Memory | 30.08 Gb Available Physical Memory | 94.07% Memory free
47.97 Gb Paging File | 46.16 Gb Available in Paging File | 96.23% Paging File free
Paging file location(s): c:\pagefile.sys 16384 16384 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.47 Gb Total Space | 97.90 Gb Free Space | 43.81% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1291.81 Gb Free Space | 69.34% Space Free | Partition Type: NTFS
Computer Name: HELLSING-PC | User Name: Hellsing | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006D8662-6DD0-49C6-A4E2-5C2489C29D69}" = rport=445 | protocol=6 | dir=out | app=system |
"{0738FF28-C7A8-40F0-A910-A236FDE03EAD}" = rport=138 | protocol=17 | dir=out | app=system |
"{2FDD7A72-D7AE-46E1-BA5D-0C003876027C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3946883A-0F4A-4F6C-9C73-12F0AFF3D723}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3C25F898-1543-4C68-8957-52C3695E2C16}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3D7F4268-C2C7-48B0-B43D-6FE61757718B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{409F2325-55E3-4D45-A167-1D59016ADF1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48329787-3D34-410E-AE02-F99E7E2F1F2A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{49B298B3-C758-4067-BB72-70E7F2906A3A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{4EC4925E-F5C2-4E12-A705-3BFC1860925E}" = rport=139 | protocol=6 | dir=out | app=system |
"{527AF6C1-6916-4BD2-A8CE-7E54E8E917EB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{94268214-79B4-4527-8934-5D69F1FD9C20}" = rport=10243 | protocol=6 | dir=out | app=system |
"{96927A65-28DA-49BC-A506-ECD27C4A6BCC}" = lport=139 | protocol=6 | dir=in | app=system |
"{A50A81C7-63FD-4CED-8842-FC166DCB99BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC415FA8-E620-4BA7-8654-0F6AC60A67AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BEB15FE6-6B5E-422C-B2FD-3B889957624B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1DF45CA-B114-48D5-8B22-3024B48AB8BA}" = lport=445 | protocol=6 | dir=in | app=system |
"{D704EC91-2B03-487E-BEAB-36CF9B8FE66A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DD2EC8AD-0451-4E50-BE39-2F8F08EEB434}" = lport=137 | protocol=17 | dir=in | app=system |
"{E7E89738-C724-4C23-8769-CD24D84F658D}" = lport=138 | protocol=17 | dir=in | app=system |
"{EC13A88E-5322-411D-880F-81CBFF535909}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FBAC0182-4027-43C9-9C10-AA89F8C696B8}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06322DBC-F2F4-431C-BF3A-026DFE8DDB04}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{0E1AF5ED-EDB9-4F18-BF9B-673CBF97D039}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{124340CF-0410-4F14-B5ED-8AA685AC4559}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{1278669A-CC78-4CDB-A7FC-657AFF580F73}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{16618BA7-9DF3-4856-99DE-992558C1581D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16C2EF2E-CCAE-4EFF-86BB-0173F7DE940E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{190923FA-FCA5-408B-BD83-953BEB333C5A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19586CD4-0B4A-46FD-84DB-8BDA518B186F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{1F4043C1-94A1-406D-9B39-0C7EDFE8C62E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{21B84E60-822F-437E-9264-DD457047E7D4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{27F8577E-A6B6-4840-87BD-7DF4390F3613}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2E37D925-96E3-4BFA-A4EF-359CC7D49744}" = protocol=6 | dir=out | app=system |
"{2EE595E3-6F50-461F-8A3F-79A8F232A632}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{300EE6A0-837F-4199-B5FD-47A9406A9D02}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{316CCCB0-40B2-44F3-A705-6B79D436692D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{3496C0D8-C467-4D52-A4AC-9D7F15F5C0D3}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{34CEA6A9-2AC6-469D-B014-A33D374C3146}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{3695DC66-AEF3-4BEF-99FC-B95B78FD8439}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{3851B2FC-1009-48B7-B04C-3152E16A6DEB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{39342CE1-0791-4D86-8C35-AC1A0EABE94D}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{3EC1ACA2-471D-4589-9EF7-965C046B653A}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{3EF476B7-C24E-457E-A87C-129C5791CCF1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{40D1F74F-9F95-4A8A-A954-0B8FD3017D51}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{412F919D-DB02-43EB-BD57-A292CE48530F}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{48540904-A3AD-4B7F-9A20-A28D90618836}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{4CC52348-8B00-4672-B1C1-4A8923914D17}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4E266D39-F6D6-461A-93D2-12E60D1471E3}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{4EDFB223-8391-4C6A-9E40-751B2DD38C4C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{5310555D-DF19-4A0A-AE1C-A076D7EE48C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57B9449D-E11E-4549-B2A1-A5C19B8E645E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58FBC435-EDF7-4E54-AAD6-FA460E74FE8E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5CA0A4CC-C3B6-41C7-90C7-67DF98EEB4B9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{60105456-F187-43B6-8FDF-56D39B4B0AE8}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{61C21D8D-15E7-4E46-BA34-93AA5325E417}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{677BBA4E-BA1E-4C7E-AA23-6D0416B63489}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{6CDC5845-EE38-45F9-938B-DA364FA93F76}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\asus mobilink\iphone simulator\pnsvc.exe |
"{70793D2E-6D8E-442A-8F38-90A42C1D9FDA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{7329520A-9CA2-4612-A4B2-B4A26B3BB3E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7E17D527-F66E-4FBF-A2CC-E2A3692BA36F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{804F6CF5-5937-43B3-95B6-A1920B4ACC27}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{84F1B99D-7E8C-4E52-9976-0575D0819A9A}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{86AA00BA-0329-4CA4-AAC8-D24D49B66A50}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{90B9216F-4968-4DFB-82BA-592C42BF436A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{92BAE686-EF01-4D60-9160-2511C68B5324}" = protocol=6 | dir=in | app=c:\users\hellsing\appdata\local\akamai\netsession_win.exe |
"{94553825-5A62-4090-875B-FE3B0952C29C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{951E6E90-5786-4502-B67C-B7B20CB613C7}" = protocol=17 | dir=in | app=c:\users\hellsing\appdata\local\akamai\netsession_win.exe |
"{95968DC6-4285-43C9-96D1-D677CF7EB56F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99C17D3C-2E0A-4908-923B-50A8014052B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{9EAAAD6B-93B9-45A5-84CA-C0C4725FEBD8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{A221B78E-35B8-4D3E-824C-9B0AD2012BF3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A634E799-CDAB-43C4-A923-4DA35BD88D21}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A968E7E6-8A70-4896-BCE4-15DC8ABE3628}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{AC19227B-7A15-4545-80C7-2C27340383FE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{B0B5B3AF-407A-49E9-A18D-0BC086AF3C71}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B3DD703A-6A69-414E-BE77-B25E0428F572}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{B555B7A0-0D25-4BEE-9B9B-8DD5C870374E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{B950A9DB-2DBD-448B-A674-B421BE402254}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BA836654-0990-4BCF-B9EE-FA5BDCDB3717}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C3F5A24C-5F60-44B3-B9E9-57149B41B6CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{C4304712-113E-44DD-885D-C0CD90D0BA3F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{C67D2817-C476-4BA4-A5AF-E6DE6AE981F7}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{C8C4C357-F13D-45B8-A372-B94AEEABDFB1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CEB520DE-33C4-4769-AE9D-FE7DC29381EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{CF730A01-0321-48D9-98A4-DBD776ED267E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{E8C3870E-1CEC-4789-9798-7B292CBF50B6}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"TCP Query User{117EDA1E-8494-4B2A-9298-8D38746A3712}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{35FE3CAE-D96C-4089-8D32-04500065E8D5}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{602E0438-C161-452E-8E60-3135418D9AA8}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{9EEF634E-509A-426D-8672-8677C2037DE0}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{9EFAFF7B-C33E-434E-8C5E-FF91CDA66F4E}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{ADA0905D-392E-45FB-A672-7677132A7FCA}C:\program files (x86)\1clickdownload\1clickdownload.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownload.exe |
"TCP Query User{F7A44262-7E02-46F4-9F2F-0194771EF00F}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{13705AD9-433A-4326-BC68-79A0F2C67CF3}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{17ABCD8D-8108-42FB-8676-F5FA9B18A5D7}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{24624015-2524-44D0-8049-869AFA92F103}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{77418C11-6282-4D78-A105-27C49C5427F6}C:\program files (x86)\1clickdownload\1clickdownload.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownload.exe |
"UDP Query User{85078F31-C9B5-474B-B75C-E92AB42A4050}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{AD180B4D-D2D1-42E8-A2C7-1CF99ADD5456}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{F19C47E0-D8E4-4D0B-8BD5-95B132CA79A2}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0017-0407-1000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2010
"{90140000-0017-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{D3646908-5C00-4C50-B9A5-9F1D1A83B452}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.VisMUI.de-de_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.OMUI.de-de_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.VISIO_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.VisMUI.de-de_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.OMUI.de-de_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.VISIO_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.VisMUI.de-de_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.OMUI.de-de_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.VisMUI.de-de_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.VISIO_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.VisMUI.de-de_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.VISIO_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIO_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.VisMUI.de-de_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.VISIO_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0407-1000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0054-0407-1000-0000000FF1CE}_Office14.VisMUI.de-de_{1F29ED16-958F-4278-B8DD-5F421E1166DA}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0054-0409-1000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-0054-0409-1000-0000000FF1CE}_Office14.VISIO_{7DC2B20B-31B9-4C7C-B8DC-8492A9A3095E}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0055-0407-1000-0000000FF1CE}" = Microsoft Office VisMUI (German) 2010
"{90140000-0055-0407-1000-0000000FF1CE}_Office14.VisMUI.de-de_{F0105021-0FBE-4517-B972-1B573A17CC40}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0057-0000-1000-0000000FF1CE}" = Microsoft Office Visio 2010
"{90140000-0057-0000-1000-0000000FF1CE}_Office14.VISIO_{9081486B-B26D-42DB-8D31-81C525A9526A}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.VisMUI.de-de_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.VISIO_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0100-0407-1000-0000000FF1CE}" = Microsoft Office O MUI (German) 2010
"{90140000-0100-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{E2D2FA5C-6353-4F7B-9ABF-F548759A5D35}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-0407-1000-0000000FF1CE}" = Microsoft Office X MUI (German) 2010
"{90140000-0101-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{EA7ED796-796A-4C86-8BCB-88A55C89E32C}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-0407-1000-0000000FF1CE}_Office14.VisMUI.de-de_{EA7ED796-796A-4C86-8BCB-88A55C89E32C}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.VISIO_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{A99F0C57-4D65-83B3-3466-9072D1892D51}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel(R) Network Connections 15.6.25.0
"{CA9A3E57-7DEB-BEFC-409E-FC704DD0B1AE}" = AMD Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"Logitech Gaming Software" = Logitech Gaming Software 8.20
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Office14.OMUI.de-de" = Microsoft Office Language Pack 2010 - German/Deutsch
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIO" = Microsoft Visio Premium 2010
"Office14.VisMUI.de-de" = Microsoft Visio Language Pack 2010 - German/Deutsch
"PROSetDX" = Intel(R) Network Connections 15.6.25.0
"sp6" = Logitech SetPoint 6.32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0D0570FC-23D9-B634-9C20-55E73A2358C4}" = CCC Help Norwegian
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{10092811-DB20-1C26-E1E6-5C743EEF4955}" = CCC Help Dutch
"{10E9ADC9-F178-D887-2899-57541303436F}" = CCC Help German
"{12117975-3B3E-DD59-0139-C168E511DB85}" = CCC Help Russian
"{16F669CE-854F-F722-8FD9-5D4731BFD565}" = CCC Help Italian
"{1DA8C485-28AA-97B7-13C0-45D22E489AB7}" = CCC Help French
"{1EA89FA1-2103-06E7-6DD4-90D3EE988714}" = CCC Help Hungarian
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{254B3DAA-0179-5B76-A15E-491837281C32}" = CCC Help Portuguese
"{2647C91D-6E62-83AA-494D-1BDCF2AD4D9F}" = CCC Help Chinese Standard
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD Advisor 2.0
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{38ADB9A6-798C-11D6-A855-00105A80791C}" = OKI Network Extension
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{43233646-BE3B-F242-49F6-2A2C9BB29DFA}" = CCC Help Spanish
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2A9FC-3FD4-49FC-72CC-FB2DD076A800}" = CCC Help Japanese
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{54998983-4BAC-26B9-14A2-2302EB08778E}" = Catalyst Control Center
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5729DA4D-AEBC-C6F2-FB2D-1BC9B290BD19}" = CCC Help Danish
"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG Tool Kit
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6AE6DB16-25A7-DA7E-16DC-0AF149AA7731}" = CCC Help Greek
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7936E2AA-C2C5-61E2-9128-272DB9D2B429}" = CCC Help Thai
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7E666A24-E069-DBA3-5376-4193EDBABC93}" = CCC Help Korean
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{857E7434-86A5-98A7-A4DE-53FAE2D07CFE}" = CCC Help English
"{871AC27D-7BD4-BFA8-0270-BA2305F8B3E2}" = Catalyst Control Center Localization All
"{9043A7CD-D637-6738-651A-5448AF9A8FA0}" = CCC Help Chinese Traditional
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{AB35DF1B-FF75-0A24-A2B0-E9FACA834EF5}" = CCC Help Finnish
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AD72733C-3345-628E-C9B1-6523F5C21534}" = CCC Help Czech
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C39C9BB1-0203-A91A-DA71-A657BBEABC01}" = CCC Help Swedish
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF6D5E33-7D66-472C-BB9D-A886A2FE252A}" = Catalyst Control Center InstallProxy
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E64998BE-263A-BC4A-ACC9-BC4D4C09AAE3}" = CCC Help Turkish
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F63A4CA6-6BEB-8EAE-EB9A-E5B3395BD418}" = CCC Help Polish
"{F916C6DF-2601-4385-9500-C45FF398D4CB}" = Install(GE)
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownloader" = 1ClickDownloader
"Akamai" = Akamai NetSession Interface Service
"Avira AntiVir Desktop" = Avira Free Antivirus
"Combat Arms EU" = Combat Arms EU
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"MagniDriver" = marvell 91xx driver
"Mozilla Firefox 13.0 (x86 en-US)" = Mozilla Firefox 13.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Opera 11.64.1403" = Opera 11.64
"PunkBusterSvc" = PunkBuster Services
"Revoca 5 5.3" = Revoca 5 5.3
"Steam App 105600" = Terraria
"Steam App 240" = Counter-Strike: Source
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.11
"WinGimp-2.0_is1" = GIMP 2.6.11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 07.06.2012 13:18:15 | Computer Name = Hellsing-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10.06.2012 13:43:47 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.06.2012 14:31:00 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 10.06.2012 14:34:21 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 11.06.2012 10:53:03 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 11.06.2012 15:27:37 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 11.06.2012 19:08:00 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 11.06.2012 19:29:10 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.06.2012 19:31:45 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.06.2012 19:42:32 | Computer Name = Hellsing-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 13.06.2012 19:41:03 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.06.2012 19:41:03 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.06.2012 19:41:03 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.06.2012 19:41:03 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.06.2012 19:41:03 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.06.2012 19:41:03 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.06.2012 19:42:10 | Computer Name = Hellsing-PC | Source = DCOM | ID = 10005
Description =
Error - 13.06.2012 19:42:10 | Computer Name = Hellsing-PC | Source = DCOM | ID = 10005
Description =
Error - 13.06.2012 19:42:10 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.06.2012 20:01:30 | Computer Name = Hellsing-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
|
