OTL Logfile:
OTL Extras logfile created on: 02.08.2012 15:06:47 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Sren\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,95 Gb Available Physical Memory | 73,74% Memory free
8,00 Gb Paging File | 6,79 Gb Available in Paging File | 84,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 63,03 Gb Free Space | 27,07% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 57,22 Gb Free Space | 12,28% Space Free | Partition Type: NTFS
Drive G: | 6,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 3,74 Gb Total Space | 3,35 Gb Free Space | 89,56% Space Free | Partition Type: FAT32
Computer Name: SREN-PC | User Name: Sren | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Aurora\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C45E73-C9D2-4A71-983F-68254E2F5FCD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{01DAE92E-8590-4D7A-9C38-C9A747F36AEB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2AD0F812-01A5-43FC-9BE6-58F61225C489}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3CB6BD1D-04B1-4DE4-B00C-C8DE372BB193}" = lport=445 | protocol=6 | dir=in | app=system |
"{40FF36CA-E438-4E90-80DC-4F0F507DF0B8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A49E008-BECE-4199-A240-F251C5A3F99D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{54B92A40-8EDF-444B-8D43-9613494617B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DA37574-6EA4-4429-8C2D-7E9CC3DAC59C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6BF10514-1C09-4E21-A055-422AFEE07153}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CBB79EA-00DD-4719-B33A-7DB0273DE797}" = rport=138 | protocol=17 | dir=out | app=system |
"{889DEE50-C35F-4370-965F-B771BF58634E}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C97C5DE-41FD-4AC4-BFEA-55194DE5C850}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{91475F23-CA2B-4D0C-AD37-B4F816FA90DC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{922E89A4-51AC-4081-9BD0-BCA89AA5CF0B}" = rport=137 | protocol=17 | dir=out | app=system |
"{9ECB036D-D620-4C8F-BB28-F2B54FFABC1F}" = rport=445 | protocol=6 | dir=out | app=system |
"{AA36FA3F-2450-4A49-B24B-090CAAFD5D68}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B153BA92-ABC9-410C-AFD3-D2FE16A37D78}" = lport=137 | protocol=17 | dir=in | app=system |
"{B267E35D-29C8-4400-96BF-84694837293A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C004462E-C9B0-4646-9F44-870652E8020D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C8F86B34-E8E9-4EB1-B4A7-84E1C65BEE22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CD5A61ED-B76C-4EB6-B168-CAAE7330751D}" = lport=138 | protocol=17 | dir=in | app=system |
"{CDFE3B9C-0343-4712-99C3-BADE81BA8EAB}" = rport=139 | protocol=6 | dir=out | app=system |
"{FC873D31-CB79-475A-8B04-F9DB2F50BA44}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000C775A-39F1-49F3-A339-925DC9DE0BEC}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{00489BB2-0E58-4CC5-A128-9AD36BFAB5EC}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{01644629-2AB7-4814-A20B-91A167C8CE51}" = protocol=6 | dir=in | app=c:\games\starcraft ii\starcraft ii.exe |
"{09319E4E-0396-49C6-AA8C-2D9244EDE917}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{1576DBAC-50D8-4063-81D8-3B3288FD1BA8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1ADB7F54-15D5-41E3-A93C-7C1B6BE2C650}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{2349AB72-F858-40F5-8652-D69F7234A239}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{23DA437A-09D3-47D6-B24A-A3B4CD07707B}" = protocol=17 | dir=in | app=c:\games\diablo iii\diablo iii.exe |
"{285B2203-6644-4DFA-B2F7-F8F081BD1520}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2DB8B115-3C25-4E13-A649-74D48364DE0E}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\tolles\half-life\hl.exe |
"{2F68457D-1CDB-4B0F-9B7D-AE2E16B29AC4}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{41AA9EBF-413D-4F6B-92BF-1EDED2760243}" = protocol=6 | dir=out | app=system |
"{489D3395-33C6-454F-A3A0-6C6967551D9E}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\tolles\counter-strike\hl.exe |
"{565009BE-9AF3-4790-8C78-ACF01E063C61}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{5E2C1C6D-A9F2-4764-B788-A0C9C7A1AC5D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{6C8EFC3F-B458-4D09-B56A-5631DAC95759}" = protocol=17 | dir=in | app=c:\games\diablo iii beta\diablo iii.exe |
"{73738F8B-2380-487B-ACAF-EB9F865F804E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{77C888BF-CBBD-4F99-89D5-64B63A6B7DAA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7B10EEF6-F686-4F6D-931F-AA20010F39A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8360826E-FC9A-4321-A9C9-4ECE4C78AFA2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{896412BF-8894-4772-9F6B-A39731677CF9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8D9B2D9E-1784-4930-B801-73AEC0E28C1D}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{8E1A1EEE-A880-413F-A75B-0FB2C2AA65C3}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{8E5354E3-900E-4E9B-B17F-0593C1823005}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9080ED01-4BCD-4661-B573-E7D80D84A049}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{924D75ED-9030-4883-AADC-02888A406CF3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{9488C561-0648-482B-BC04-E4134372156E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{97C01882-7C61-474B-8764-31B5911A96AB}" = protocol=6 | dir=in | app=c:\games\diablo iii beta\diablo iii.exe |
"{98AE0001-CB28-42D1-B46F-973E2D03850A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D2C5C77-152C-4D34-9334-959C8D53B64C}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{A57C67FA-7376-4983-8D68-1DDA31F74EBC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC1D962D-101B-4374-9DCA-8EE5693C25FB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ADF3E0F7-C0C1-45CF-88ED-5CEB8B83F4A3}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{B5B07BD9-4C4E-4B5B-9FDC-0B53BF3E97C1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{BCABE1C0-0A65-49E9-83B7-C52B7895D3CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD32E587-8909-4308-B198-DE9BCE8D9121}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\tolles\half-life\hl.exe |
"{BD3C5031-D8C1-407F-AB15-77F24ADF42A0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BF7AB4B1-EFE5-4E9B-9907-242D37A9F765}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\tolles\counter-strike\hl.exe |
"{C26C01B2-AC83-45BB-89FE-64B8D819F526}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C74E4266-49FD-48EA-9E55-E3F9533209EB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C81F8AB1-15D0-48A0-BF83-03F5E590C9F0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{CAC3BC0D-FCC2-4887-9CBC-02A6E105213B}" = protocol=6 | dir=in | app=c:\games\diablo iii\diablo iii.exe |
"{CD93003E-01C4-4A33-A42C-AB87188AFBC1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{D3BFD206-C3F9-4428-B4B5-5D5B09981E3B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D5A8D773-D1CC-45B6-81C3-A3F1AB5DE702}" = protocol=17 | dir=in | app=c:\users\sren\appdata\roaming\dropbox\bin\dropbox.exe |
"{DD8B9311-2FEB-40C1-A9B4-55E0E4F50B79}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{DD9C7453-C2F0-47BF-AD57-1DE85B590368}" = protocol=17 | dir=in | app=c:\games\starcraft ii\starcraft ii.exe |
"{DE80D269-76A9-45C0-881A-4E1908B9A28D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E533EBA5-5EAE-49D5-A531-A9973CF44335}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{E80E95B8-D4AA-418B-8107-4D34825B3686}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8DD8413-DF6E-4199-BEF4-715AEBBB51EC}" = protocol=6 | dir=in | app=c:\games\steam\steam.exe |
"{F4F2EC7D-9782-434D-92AB-C1F192975CC5}" = protocol=6 | dir=in | app=c:\users\sren\appdata\roaming\dropbox\bin\dropbox.exe |
"{F55EC3D5-F4A6-48BF-94B9-54870C804890}" = protocol=17 | dir=in | app=c:\games\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{F68DC9DA-B11C-4DA6-970C-471EBAD7BF16}" = protocol=6 | dir=in | app=c:\games\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{F7A55AD0-FEC4-4AA4-96EF-CAE797643467}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FC1545CB-D6F4-4FF2-BFD0-84674A70234B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{FC6A7424-A430-4D24-A388-E4200199BF97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FD010C24-E1BA-4760-B753-2E9E64F06E07}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FDBDB10C-41BE-4CDA-BAF9-E4A39144CA41}" = protocol=17 | dir=in | app=c:\games\steam\steam.exe |
"TCP Query User{06D08A8F-FAA5-45AB-BEE5-F781F61951CE}C:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\games\warcraft iii\war3.exe |
"TCP Query User{0C70E36D-EFCA-4413-B7DA-B25BE364EBF2}D:\backup\games\wtv\wtvclient.exe" = protocol=6 | dir=in | app=d:\backup\games\wtv\wtvclient.exe |
"TCP Query User{2DE9CB6C-6899-486B-B45F-76A39B82728A}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{39EC06EE-4D9C-4E85-90AB-15477D411DFF}C:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_full.exe" = protocol=6 | dir=in | app=c:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_full.exe |
"TCP Query User{4C59C82E-9B2E-41A6-9D58-C310F8B2C38F}C:\download\diablo-iii-setup-engb.exe" = protocol=6 | dir=in | app=c:\download\diablo-iii-setup-engb.exe |
"TCP Query User{4F8A0FA6-AE80-4D99-831A-39F411F60A28}C:\download\diablo-iii-8370-engb-installer-downloader.exe" = protocol=6 | dir=in | app=c:\download\diablo-iii-8370-engb-installer-downloader.exe |
"TCP Query User{672AE9F7-0EBD-46A9-96F8-7A161FC93FB9}C:\games\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\games\runes of magic\client.exe |
"TCP Query User{725E841B-22D7-4458-9F32-0BA67B59F04E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{78707870-F13B-47D1-ADAD-41693B43F07F}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
"TCP Query User{8AE1B04D-0144-4EB8-9866-C720DF35E440}C:\games\audiosurf\engine\questviewer.exe" = protocol=6 | dir=in | app=c:\games\audiosurf\engine\questviewer.exe |
"TCP Query User{996736C5-E5FD-4BFB-96A6-C4D435024E34}D:\backup\programme\qip\qip.exe" = protocol=6 | dir=in | app=d:\backup\programme\qip\qip.exe |
"TCP Query User{9EFCFA98-3EF9-469B-BFE0-72109303D4C3}C:\games\fifa11\game\fifa.exe" = protocol=6 | dir=in | app=c:\games\fifa11\game\fifa.exe |
"TCP Query User{BC621D78-E9A4-4777-9B75-67C9103BA1D2}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{CE76BD48-3FA3-46CC-B2F4-F7A9CC2060F2}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{D41CF35C-0A96-4040-9E90-56C3CCD1F41B}C:\games\warsow 1.0\warsow_x64.exe" = protocol=6 | dir=in | app=c:\games\warsow 1.0\warsow_x64.exe |
"TCP Query User{F8AA2511-7954-44B4-9BF4-6F616410AA0C}C:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_slim.exe" = protocol=6 | dir=in | app=c:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_slim.exe |
"UDP Query User{0BC22D47-10F0-4CB5-8175-4C6440688E47}D:\backup\programme\qip\qip.exe" = protocol=17 | dir=in | app=d:\backup\programme\qip\qip.exe |
"UDP Query User{12F011D9-530D-480C-A63A-951CAED0D74F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{1D5BB2A3-1887-4DA2-8F77-55BF57AECEDB}C:\games\audiosurf\engine\questviewer.exe" = protocol=17 | dir=in | app=c:\games\audiosurf\engine\questviewer.exe |
"UDP Query User{1F0F3D2C-2C99-4E0B-9549-08A8C4E4250A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{4975EC76-2B33-4E5E-87FE-40A37C73AB11}C:\games\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\games\runes of magic\client.exe |
"UDP Query User{570539C2-9373-4DDF-8343-AC69ABB35327}C:\games\fifa11\game\fifa.exe" = protocol=17 | dir=in | app=c:\games\fifa11\game\fifa.exe |
"UDP Query User{64B5CB2A-99AE-4F32-B173-5DEC0F08C0DD}C:\download\diablo-iii-setup-engb.exe" = protocol=17 | dir=in | app=c:\download\diablo-iii-setup-engb.exe |
"UDP Query User{724ED587-1781-455A-8BA0-238891F1B23E}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe |
"UDP Query User{7B419281-D2BC-4D3B-8713-B2B29E9C04A2}C:\games\warsow 1.0\warsow_x64.exe" = protocol=17 | dir=in | app=c:\games\warsow 1.0\warsow_x64.exe |
"UDP Query User{8A4C9EA8-2B8B-449E-B5D4-E4E9E7372664}C:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\games\warcraft iii\war3.exe |
"UDP Query User{92FED5EF-8D50-4E1E-A960-B245C7BE3703}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{9756593D-7671-4DA3-AC8A-5BECB27B0C22}C:\download\diablo-iii-8370-engb-installer-downloader.exe" = protocol=17 | dir=in | app=c:\download\diablo-iii-8370-engb-installer-downloader.exe |
"UDP Query User{A7648356-DF33-4334-88E4-7243B1B35828}C:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_full.exe" = protocol=17 | dir=in | app=c:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_full.exe |
"UDP Query User{AD118BBA-E0D7-43A1-9647-D838556DE8E0}D:\backup\games\wtv\wtvclient.exe" = protocol=17 | dir=in | app=d:\backup\games\wtv\wtvclient.exe |
"UDP Query User{AD6E2E5B-620B-45F1-A121-8496991474ED}C:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_slim.exe" = protocol=17 | dir=in | app=c:\download\neuer ordner (5)\runes_of_magic_5_0_0_2535_slim.exe |
"UDP Query User{B14BDBBE-CD3A-4413-9929-53F480E3ABD5}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java(TM) 6 Update 31 (64-bit)
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{64A3A4F4-B792-11D6-A78A-00B0D0160310}" = Java(TM) SE Development Kit 6 Update 31 (64-bit)
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"GSview 5.0" = GSview 5.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"MiKTeX 2.9" = MiKTeX 2.9
"REAPER" = REAPER (x64)
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 1.0
"{25B69FD9-E2FB-41CE-BB5F-22C418FF5FDB}" = Quake Live Internet Explorer Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A24FE5DA-BA15-47A8-B69F-BDA0A4AA7765}" = Path of Exile
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}" = GIGABYTE VGA @BIOS
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{D801B39E-CE01-409F-8E7C-B7976EA3C9DC}_is1" = Audiosurf
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DF888BA9-C5F7-46A6-974F-DF53CBB8FAE4}" = Overwolf
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AD071E-2E86-4E8A-AA66-E8E222F84CDE}_is1" = Replay Explorer 3.0.2
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"0630-0716-3135-7887" = JDownloader 2
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0
"Aurora 16.0a2 (x86 de)" = Aurora 16.0a2 (x86 de)
"Avira AntiVir Desktop" = Avira Free Antivirus
"AWC" = Advanced WarCraft3 Configurator (remove only)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Diablo III Beta" = Diablo III Beta
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Juke_is1" = WoLoSoft Juke 4.0.2
"LAME_is1" = LAME v3.99.3 (for Windows)
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 14.0 (x86 de)" = Mozilla Firefox 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PartyPoker" = PartyPoker
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SopCast" = SopCast 3.5.0
"StarCraft II" = StarCraft II
"Steam App 12910" = Audiosurf Demo
"Steam App 24240" = PAYDAY: The Heist
"Steam App 57310" = Amnesia: The Dark Descent Demo
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"VLC media player" = VLC media player 2.0.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.07.2012 06:50:00 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.07.2012 05:54:26 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.07.2012 06:35:19 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.08.2012 07:55:42 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.08.2012 19:23:16 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.08.2012 19:32:03 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.08.2012 19:39:16 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.08.2012 03:47:47 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.08.2012 03:51:49 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.08.2012 08:07:26 | Computer Name = Sren-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer"
nicht initialisiert werden. Details: Could not query the status of the EventSystem
service. System Error: Der Computer wird heruntergefahren. .
Error - 02.08.2012 08:09:53 | Computer Name = Sren-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 02.08.2012 03:50:30 | Computer Name = Sren-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 02.08.2012 03:50:30 | Computer Name = Sren-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 02.08.2012 03:50:30 | Computer Name = Sren-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 02.08.2012 03:52:12 | Computer Name = Sren-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 02.08.2012 08:09:14 | Computer Name = Sren-PC | Source = DCOM | ID = 10016
Description =
Error - 02.08.2012 08:10:51 | Computer Name = Sren-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 02.08.2012 08:10:51 | Computer Name = Sren-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 02.08.2012 09:05:42 | Computer Name = Sren-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 02.08.2012 09:05:43 | Computer Name = Sren-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error - 02.08.2012 09:05:43 | Computer Name = Sren-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
< End of report >
OTL Logfile:
OTL logfile created on: 02.08.2012 15:06:47 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Sren\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,95 Gb Available Physical Memory | 73,74% Memory free
8,00 Gb Paging File | 6,79 Gb Available in Paging File | 84,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 63,03 Gb Free Space | 27,07% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 57,22 Gb Free Space | 12,28% Space Free | Partition Type: NTFS
Drive G: | 6,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 3,74 Gb Total Space | 3,35 Gb Free Space | 89,56% Space Free | Partition Type: FAT32
Computer Name: SREN-PC | User Name: Sren | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Sren\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV:64bit: - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (OverwolfUpdaterService) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe (Overwolf Ltd)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TEAM) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek )
DRV:64bit: - (RTVLANPT) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 4C 9B A6 3B 70 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.5
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://startsear.ch/?aff=1&src=sp&cf=4573c19e-43a1-11e1-8dd7-6cf049070cf0&q="
FF - prefs.js..network.proxy.http: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 16.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2012.07.22 15:04:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 16.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Sren\AppData\Roaming\14001.002 [2012.07.23 02:18:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.06 16:30:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Sren\AppData\Roaming\14001.002 [2012.07.23 02:18:49 | 000,000,000 | ---D | M]
[2012.03.28 21:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sren\AppData\Roaming\mozilla\Extensions
[2012.07.22 13:30:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sren\AppData\Roaming\mozilla\Firefox\Profiles\aaurjcg1.default\extensions
[2012.03.28 21:20:57 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Sren\AppData\Roaming\mozilla\Firefox\Profiles\aaurjcg1.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2012.05.23 00:16:29 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Sren\AppData\Roaming\mozilla\Firefox\Profiles\aaurjcg1.default\extensions\foxyproxy@eric.h.jung
[2012.07.03 21:58:31 | 000,000,000 | ---D | M] (Grooveshark Proxy) -- C:\Users\Sren\AppData\Roaming\mozilla\Firefox\Profiles\aaurjcg1.default\extensions\groovesharkProxy@DannieDarko
[2012.05.17 12:10:09 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Sren\AppData\Roaming\mozilla\Firefox\Profiles\aaurjcg1.default\extensions\ich@maltegoetz.de
[2012.07.14 01:35:32 | 000,000,000 | ---D | M] (Real-Debrid - Plugin) -- C:\Users\Sren\AppData\Roaming\mozilla\Firefox\Profiles\aaurjcg1.default\extensions\real@debrid
[2012.03.28 21:20:57 | 000,000,000 | ---D | M] (Stratiform) -- C:\Users\Sren\AppData\Roaming\mozilla\Firefox\Profiles\aaurjcg1.default\extensions\Stratiform@SoapySpew
[2012.01.20 21:59:50 | 000,000,792 | ---- | M] () -- C:\Users\Sren\AppData\Roaming\Mozilla\Firefox\Profiles\aaurjcg1.default\searchplugins\startsear.xml
[2012.07.06 16:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.06 16:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2012.07.22 13:30:19 | 000,702,524 | ---- | M] () (No name found) -- C:\USERS\SREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAURJCG1.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2012.02.02 15:15:26 | 000,226,493 | ---- | M] () (No name found) -- C:\USERS\SREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAURJCG1.DEFAULT\EXTENSIONS\SCRIPTISH@ERIKVOLD.COM.XPI
[2012.07.07 16:25:43 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\SREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AAURJCG1.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.07.04 21:46:53 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.04 22:25:05 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.04 22:25:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.04 22:25:05 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.04 22:25:05 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.04 22:25:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.04 22:25:05 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: Google
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sren\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sren\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sren\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - Extension: YouTube = C:\Users\Sren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Sren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\Sren\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\Sren\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\.orig
CHR - Extension: AdBlock = C:\Users\Sren\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: Ad Remover for Grooveshark = C:\Users\Sren\AppData\Local\Google\Chrome\User Data\Default\Extensions\habolnmhiklofmgbkkbbpihdaceokicf\1.5_0\
CHR - Extension: Google Mail = C:\Users\Sren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DF686C7-5DA9-4437-AF71-E4FC326C6E02}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.06 14:26:23 | 000,000,309 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{c5170c5c-cb41-11e1-a90f-6cf049070cf0}\Shell - "" = AutoRun
O33 - MountPoints2\{c5170c5c-cb41-11e1-a90f-6cf049070cf0}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- [2007.10.23 09:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.02 15:05:51 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Sren\Desktop\OTL.exe
[2012.08.02 02:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012.08.02 02:32:55 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\Canneverbe Limited
[2012.08.02 02:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2012.08.02 02:22:56 | 000,000,000 | ---D | C] -- C:\Users\Sren\Desktop\usbstick
[2012.07.31 13:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warsow 1.0
[2012.07.31 13:10:53 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\Warsow 1.0
[2012.07.23 02:18:49 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\14001.002
[2012.07.23 02:18:23 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\xmldm
[2012.07.23 02:18:22 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\kock
[2012.07.22 15:04:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora
[2012.07.22 14:32:29 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\Mozilla-Cache
[2012.07.22 14:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartyPoker
[2012.07.22 14:31:49 | 000,000,000 | ---D | C] -- C:\Programs
[2012.07.18 14:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.07.18 14:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.07.16 21:42:47 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\Replay Explorer
[2012.07.16 21:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Replay Explorer
[2012.07.16 21:42:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Explorer
[2012.07.14 19:59:05 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
[2012.07.14 19:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
[2012.07.14 19:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2012.07.14 00:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.07.13 21:05:14 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Local\PAYDAY
[2012.07.13 21:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.07.11 18:24:37 | 000,000,000 | ---D | C] -- C:\Users\Sren\Documents\FIFA 11
[2012.07.11 18:19:42 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\Leadertech
[2012.07.11 12:31:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.07.11 12:31:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.07.11 12:31:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.07.11 12:31:14 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.07.11 12:31:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.07.11 12:31:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.07.11 12:31:13 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.07.11 12:31:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.07.11 12:31:12 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.07.11 12:31:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.07.11 12:31:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.07.11 12:31:11 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.07.11 12:31:11 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.07.11 12:30:25 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.11 12:30:25 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.11 12:30:20 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.11 12:30:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.11 12:30:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.08 22:36:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader 2
[2012.07.07 17:39:28 | 000,000,000 | ---D | C] -- C:\Users\Sren\Desktop\DasW
[2012.07.06 00:20:27 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\dvdcss
[2012.07.06 00:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.07.06 00:18:42 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.06 00:18:38 | 000,000,000 | ---D | C] -- C:\Users\Sren\AppData\Roaming\DAEMON Tools Lite
[2012.07.06 00:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.07.06 00:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.07.04 01:21:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2012.07.03 23:05:50 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.03 23:05:13 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.07.03 23:05:13 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Sren\AppData\Roaming\*.tmp files -> C:\Users\Sren\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.02 15:08:01 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.02 15:08:01 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.02 15:08:01 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.02 15:08:01 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.02 15:08:01 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.02 15:06:22 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Sren\Desktop\OTL.exe
[2012.08.02 14:51:10 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.02 14:29:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.02 14:16:00 | 000,021,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 14:16:00 | 000,021,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.02 14:08:15 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.02 14:08:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.02 14:08:00 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.02 09:47:20 | 004,503,728 | ---- | M] () -- C:\ProgramData\ras_0oed.pad
[2012.08.02 02:32:36 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.08.02 01:16:12 | 000,001,883 | ---- | M] () -- C:\Users\Sren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.31 13:11:46 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\Warsow.lnk
[2012.07.27 21:29:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.27 21:29:23 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.25 01:33:26 | 001,140,609 | ---- | M] () -- C:\Users\Sren\Desktop\120427 VBT12 Quali (nicht eingereicht weil zu schlecht).mp3
[2012.07.23 02:18:33 | 000,000,034 | ---- | M] () -- C:\Users\Sren\AppData\Roaming\blckdom.res
[2012.07.22 14:32:12 | 000,001,695 | ---- | M] () -- C:\Users\Sren\Desktop\PartyPoker.lnk
[2012.07.16 21:42:44 | 000,000,997 | ---- | M] () -- C:\Users\Sren\Desktop\Replay Explorer.lnk
[2012.07.15 15:38:17 | 000,259,058 | ---- | M] () -- C:\Users\Sren\Desktop\colinlow.jpg
[2012.07.15 15:26:38 | 000,043,571 | ---- | M] () -- C:\Users\Sren\Desktop\cloin bild3.png
[2012.07.14 03:04:54 | 000,017,866 | ---- | M] () -- C:\Users\Sren\Desktop\all.alb
[2012.07.12 13:53:09 | 000,276,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.11 17:56:53 | 000,000,061 | ---- | M] () -- C:\Windows\cdplayer.ini
[2012.07.06 19:32:37 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Aurora.lnk
[2012.07.06 00:18:42 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Sren\AppData\Roaming\*.tmp files -> C:\Users\Sren\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.02 02:32:36 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.08.02 02:32:36 | 000,001,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2012.08.02 01:16:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\ras_0oed.pad
[2012.08.02 01:16:12 | 000,001,883 | ---- | C] () -- C:\Users\Sren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.31 13:11:46 | 000,000,858 | ---- | C] () -- C:\Users\Public\Desktop\Warsow.lnk
[2012.07.25 01:33:25 | 001,140,609 | ---- | C] () -- C:\Users\Sren\Desktop\120427 VBT12 Quali (nicht eingereicht weil zu schlecht).mp3
[2012.07.23 02:18:33 | 000,000,034 | ---- | C] () -- C:\Users\Sren\AppData\Roaming\blckdom.res
[2012.07.22 14:32:12 | 000,001,695 | ---- | C] () -- C:\Users\Sren\Desktop\PartyPoker.lnk
[2012.07.18 14:39:45 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.18 14:39:45 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.16 21:42:44 | 000,000,997 | ---- | C] () -- C:\Users\Sren\Desktop\Replay Explorer.lnk
[2012.07.15 15:26:38 | 000,043,571 | ---- | C] () -- C:\Users\Sren\Desktop\cloin bild3.png
[2012.07.15 15:16:13 | 000,259,058 | ---- | C] () -- C:\Users\Sren\Desktop\colinlow.jpg
[2012.07.11 17:56:53 | 000,000,061 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.07.08 22:37:36 | 000,001,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader 2.lnk
[2012.07.06 19:32:37 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Aurora.lnk
[2012.07.06 19:32:36 | 000,001,081 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
[2012.07.04 01:22:33 | 000,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.07.04 01:22:32 | 000,002,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.07.04 01:22:32 | 000,002,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2012.04.13 22:28:50 | 000,001,412 | ---- | C] () -- C:\Users\Sren\gsview64.ini
[2012.04.03 07:16:04 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.01.31 01:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 01:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.01.31 01:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.01.31 01:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.01.31 01:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
< End of report >