So, hier erstmal das Log vom adwCleaner: Code:
# AdwCleaner v2.105 - Datei am 11/01/2013 um 21:15:09 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Klangfarben - KLANGFARBEN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Klangfarben\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Ordner Gelöscht : C:\Users\Klangfarben\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Klangfarben\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Klangfarben\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Klangfarben\AppData\Roaming\Media Finder
Ordner Gelöscht : C:\Users\Klangfarben\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.19393
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [3139 octets] - [11/01/2013 20:10:54]
AdwCleaner[S1].txt - [2911 octets] - [11/01/2013 21:15:09]
########## EOF - C:\AdwCleaner[S1].txt - [2971 octets] ##########
OTL Logs: Code:
OTL logfile created on: 11.01.2013 21:23:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Klangfarben\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,03% Memory free
6,19 Gb Paging File | 5,31 Gb Available in Paging File | 85,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 583,49 Gb Total Space | 8,62 Gb Free Space | 1,48% Space Free | Partition Type: NTFS
Drive D: | 12,67 Gb Total Space | 1,79 Gb Free Space | 14,10% Space Free | Partition Type: NTFS
Computer Name: KLANGFARBEN-PC | User Name: Klangfarben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Klangfarben\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Hauptprogramme\Programme\Avast!\AvastUI.exe (AVAST Software)
PRC - C:\Hauptprogramme\Programme\Avast!\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Klangfarben\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Hauptprogramme\Programme\CPUCooL\CooLSRV.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Hauptprogramme\Programme\WinRAR\RarExt.dll ()
MOD - C:\Hauptprogramme\Programme\Ashampoo WinOptimizer 6\ContextHandler.dll ()
========== Services (SafeList) ==========
SRV - (MBAMService) -- G:\Hauptprogramme\Programme\Malwarebytes' Anti-Malware\Installed\mbamservice.exe File not found
SRV - (MBAMScheduler) -- G:\Hauptprogramme\Programme\Malwarebytes' Anti-Malware\Installed\mbamscheduler.exe File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (avast! Antivirus) -- C:\Hauptprogramme\Programme\Avast!\AvastSvc.exe (AVAST Software)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CPUCooLServer) -- C:\Hauptprogramme\Programme\CPUCooL\CooLSRV.exe ()
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (DfSdkS) -- C:\Hauptprogramme\Programme\Ashampoo WinOptimizer 6\DfSdkS.exe (mst software GmbH, Germany)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (XDva401) -- C:\Windows\system32\XDva401.sys File not found
DRV - (XDva400) -- C:\Windows\system32\XDva400.sys File not found
DRV - (XDva397) -- C:\Windows\system32\XDva397.sys File not found
DRV - (XDva394) -- C:\Windows\system32\XDva394.sys File not found
DRV - (XDva393) -- C:\Windows\system32\XDva393.sys File not found
DRV - (SRTSPX) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found
DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVEX15.SYS File not found
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVENG.SYS File not found
DRV - (MSICDSetup) -- E:\CDriver.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (FXDRV) -- E:\Fxdrv.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (catchme) -- C:\Users\KLANGF~1\AppData\Local\Temp\catchme.sys File not found
DRV - (AtiHDAudioService) -- system32\drivers\AtihdLH3.sys File not found
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (ntiopnp) -- C:\Windows\System32\drivers\ntiopnp.sys ()
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (ISODrive) -- C:\Hauptprogramme\Programme\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (PCDSRVC{4F253FFC-7957E8FC-06000000}_0) -- c:\Program Files\PC-Doctor for Windows\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{5A9C08EA-84BC-4F00-AAAB-F3C4A4E9F3E2}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\..\SearchScopes\{64CA87F3-9734-4C0D-935A-715D2ED6DECE}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{927F84E5-58F8-4225-ADE9-0849A99714D7}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..\SearchScopes,DefaultScope = {5A9C08EA-84BC-4F00-AAAB-F3C4A4E9F3E2}
IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..\SearchScopes\{5A9C08EA-84BC-4F00-AAAB-F3C4A4E9F3E2}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Klangfarben\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
[2012.07.26 15:26:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Klangfarben\AppData\Roaming\Mozilla\Extensions
[2012.05.06 12:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Klangfarben\AppData\Roaming\Mozilla\Firefox\extensions
[2012.05.06 12:48:50 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Klangfarben\AppData\Roaming\Mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
O1 HOSTS File: ([2013.01.11 18:04:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Hauptprogramme\Programme\Avast!\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Hauptprogramme\Programme\Avast!\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Hauptprogramme\Programme\Avast!\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000..\Run: [Akamai NetSession Interface] C:\Users\Klangfarben\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Klangfarben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Klangfarben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC163D2A-1E09-4DE4-8A23-D31D3EA68631}: NameServer = 62.109.123.6 213.191.92.87
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Hauptprogramme\Pics\the_daydreamer_by_realitydream-d4ofaaa E.jpg
O24 - Desktop BackupWallPaper: C:\Hauptprogramme\Pics\the_daydreamer_by_realitydream-d4ofaaa E.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.10.07 16:45:43 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.11 21:21:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Klangfarben\Desktop\OTL.exe
[2013.01.11 18:07:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.11 18:07:44 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.01.11 18:07:44 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Local\temp
[2013.01.11 17:57:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.11 17:57:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.11 17:57:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.11 17:56:58 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.01.11 17:56:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.11 17:56:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.11 17:54:45 | 005,020,603 | R--- | C] (Swearware) -- C:\Users\Klangfarben\Desktop\ComboFix.exe
[2013.01.10 22:01:21 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Klangfarben\Desktop\tdsskiller.exe
[2013.01.10 22:00:32 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Klangfarben\Desktop\aswMBR.exe
[2013.01.09 20:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013.01.09 20:06:21 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.09 20:05:21 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.08 18:54:59 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NE Beta
[2013.01.07 00:31:30 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.01.06 23:18:34 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Summer Athletics 2009
[2013.01.06 23:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages
[2013.01.06 22:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaTrainer eXperience
[2013.01.06 22:03:52 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Endless Space
[2013.01.01 21:37:59 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\LucasArts
[2013.01.01 21:37:58 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Local\LucasArts
[2013.01.01 17:31:06 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Commander
[2012.12.31 15:53:19 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2012.12.31 15:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2012.12.31 15:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2012.12.31 14:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012.12.31 14:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2012.12.30 20:22:36 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Command & Conquer 3 Kane's Wrath
[2012.12.30 20:04:43 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2012.12.28 23:40:03 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Red Alert 3
[2012.12.28 23:31:05 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Red Alert 3
[2012.12.27 15:34:18 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\FairyBloomRe
[2012.12.26 22:22:34 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\AlienShooter2 Conscription Saves
[2012.12.26 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Giana Sisters - Twisted Dreams
[2012.12.21 13:44:48 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 13:44:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.13 21:12:37 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Zombie Shooter 2 Saves
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.11 21:21:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Klangfarben\Desktop\OTL.exe
[2013.01.11 21:16:59 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.11 21:16:59 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.11 21:16:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.11 21:16:49 | 3219,316,736 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.11 20:08:38 | 000,554,087 | ---- | M] () -- C:\Users\Klangfarben\Desktop\adwcleaner.exe
[2013.01.11 18:04:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.01.11 17:54:58 | 005,020,603 | R--- | M] (Swearware) -- C:\Users\Klangfarben\Desktop\ComboFix.exe
[2013.01.11 16:41:11 | 000,188,928 | ---- | M] () -- C:\Users\Klangfarben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.10 22:01:27 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Klangfarben\Desktop\tdsskiller.exe
[2013.01.10 22:00:32 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Klangfarben\Desktop\aswMBR.exe
[2013.01.10 21:07:05 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FC58CDD2-DB46-4A93-85AF-241A8A72AB49}.job
[2013.01.09 22:47:34 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.09 22:47:34 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.09 22:38:52 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.01.09 20:27:38 | 000,293,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.09 20:21:24 | 000,671,212 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.09 20:21:24 | 000,631,942 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.09 20:21:24 | 000,144,380 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.09 20:21:24 | 000,118,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.08 18:15:13 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013.01.06 23:17:36 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2013.01.06 23:17:34 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2013.01.06 22:24:30 | 000,001,744 | ---- | M] () -- C:\Users\Klangfarben\Desktop\MegaTrainer eXperience.lnk
[2013.01.06 20:53:16 | 000,000,227 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Endless Space.url
[2013.01.04 19:13:12 | 000,000,227 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Star Wars Knights of the Old Republic II.url
[2013.01.01 18:42:26 | 000,000,226 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Star Wars The Force Unleashed II.url
[2012.12.31 14:49:02 | 000,000,226 | ---- | M] () -- C:\Users\Klangfarben\Desktop\The Guild II Renaissance.url
[2012.12.28 23:31:01 | 000,000,040 | ---- | M] () -- C:\ProgramData\ra3.ini
[2012.12.27 14:59:12 | 000,000,227 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Fairy Bloom Freesia.url
[2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.11 20:08:35 | 000,554,087 | ---- | C] () -- C:\Users\Klangfarben\Desktop\adwcleaner.exe
[2013.01.11 17:57:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.11 17:57:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.11 17:57:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.11 17:57:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.11 17:57:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.10 02:16:14 | 3219,316,736 | -HS- | C] () -- C:\hiberfil.sys
[2013.01.08 18:15:13 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2013.01.06 23:17:36 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2013.01.06 23:17:34 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2013.01.06 22:24:30 | 000,001,744 | ---- | C] () -- C:\Users\Klangfarben\Desktop\MegaTrainer eXperience.lnk
[2013.01.06 20:53:15 | 000,000,227 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Endless Space.url
[2013.01.04 19:13:12 | 000,000,227 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Star Wars Knights of the Old Republic II.url
[2013.01.01 18:42:26 | 000,000,226 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Star Wars The Force Unleashed II.url
[2012.12.31 14:49:02 | 000,000,226 | ---- | C] () -- C:\Users\Klangfarben\Desktop\The Guild II Renaissance.url
[2012.12.31 14:31:52 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2012.12.28 23:31:01 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2012.12.27 14:59:12 | 000,000,227 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Fairy Bloom Freesia.url
[2012.08.20 01:48:27 | 000,036,697 | ---- | C] () -- C:\Windows\System32\OggDSuninst.exe
[2012.07.29 03:13:09 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.07.29 03:13:09 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2012.07.29 03:13:09 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.07.29 03:13:05 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.07.19 12:43:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.19 12:42:21 | 000,003,113 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012.07.19 12:34:56 | 000,000,680 | ---- | C] () -- C:\Users\Klangfarben\AppData\Local\d3d9caps.dat
[2012.07.18 19:37:03 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.06.26 13:12:37 | 000,000,234 | ---- | C] () -- C:\Users\Klangfarben\.swfinfo
[2012.05.29 10:09:24 | 000,000,393 | ---- | C] () -- C:\Users\Klangfarben\AppData\Local\HamsterVideoConverterSettings.cfg
[2012.04.24 13:59:52 | 000,000,160 | ---- | C] () -- C:\Users\Klangfarben\AppData\Roaming\wklnhst.dat
[2012.04.09 19:51:56 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012.03.31 20:48:12 | 000,001,224 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Wave64 Codec.dat
[2012.03.31 20:47:21 | 000,003,283 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Musepack Codec.dat
[2012.03.31 20:46:41 | 000,003,153 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat
[2012.03.31 20:45:46 | 000,002,649 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Midi Decoder.dat
[2012.03.31 20:45:06 | 000,001,219 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Dalet Codec.dat
[2012.03.31 20:44:17 | 000,001,739 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBPowerAMP Mp2 and BwfMp2 codec.dat
[2012.03.31 20:43:41 | 000,003,226 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp m4a Codec.dat
[2012.03.31 20:42:50 | 000,003,184 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2012.03.31 20:41:15 | 000,003,012 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp WavPack Codec.dat
[2012.03.31 20:40:19 | 000,003,417 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp TTA Codec.dat
[2012.03.31 20:37:43 | 000,003,411 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Shorten Codec.dat
[2012.03.31 20:37:08 | 000,011,406 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBPowerAMP Real Audio (Helix) Encoder.dat
[2012.03.31 20:35:55 | 000,088,576 | ---- | C] () -- C:\Windows\System32\OptimFROG.dll
[2012.03.31 20:35:55 | 000,003,467 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp OptimFROG Codec.dat
[2012.03.31 20:33:08 | 000,003,143 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
[2012.03.31 20:30:54 | 000,408,440 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2012.03.31 20:30:54 | 000,017,680 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2012.03.29 21:59:36 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.03.29 20:42:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.03.29 20:42:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.03.29 17:59:17 | 000,188,928 | ---- | C] () -- C:\Users\Klangfarben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011.01.26 23:11:58 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2012.12.20 23:53:38 | 000,000,000 | ---D | C](C:\Users\Klangfarben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??????) -- C:\Users\Klangfarben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\こどものこえ
========== Alternate Data Streams ==========
@Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:123EB6EA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:14750D76
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86
< End of report >
Code:
OTL Extras logfile created on: 11.01.2013 21:23:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Klangfarben\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,03% Memory free
6,19 Gb Paging File | 5,31 Gb Available in Paging File | 85,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 583,49 Gb Total Space | 8,62 Gb Free Space | 1,48% Space Free | Partition Type: NTFS
Drive D: | 12,67 Gb Total Space | 1,79 Gb Free Space | 14,10% Space Free | Partition Type: NTFS
Computer Name: KLANGFARBEN-PC | User Name: Klangfarben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 14.Manage] -- "C:\Hauptprogramme\Programme\ACDSee\ACDSee\14.0\ACDSeeQV14.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022C92D4-1517-464A-B2F1-615399554839}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{324623BE-37BA-4CBF-AB18-1B6562D8FE30}" = lport=445 | protocol=6 | dir=in | app=system |
"{36BAC41E-1D18-4B3B-B13F-7EBFA112CA11}" = rport=139 | protocol=6 | dir=out | app=system |
"{46029841-B8CB-4F23-B038-F94806451D6A}" = lport=138 | protocol=17 | dir=in | app=system |
"{47BC26F3-C469-43DE-831B-8472998C4DC2}" = rport=138 | protocol=17 | dir=out | app=system |
"{57F20F23-18F8-4562-834B-7B5E121EF9CC}" = lport=139 | protocol=6 | dir=in | app=system |
"{5F60E9FF-C638-4865-9C14-A44481304356}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7E20BED1-D2A7-40FF-9EC2-5CCF1D2FDDA2}" = rport=445 | protocol=6 | dir=out | app=system |
"{9CF91ACB-DAD2-456B-90C9-1527F5D863C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{F409964C-F6CD-4E34-90E4-9CF61FF7E015}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0321CEE3-923B-4C29-BE86-4A1FFECB4DD3}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{0649D5A9-5868-4E51-BD22-CA7C0A29471D}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\monopoly\monopolywin.exe |
"{06D31AEF-370C-485A-B0B1-EAF68C378C16}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1F96F2D1-8989-47AB-8E49-3950C1464ECD}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{20D2F8D1-ECF9-470D-8C29-4C05C414C037}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcherloader.exe |
"{23295D20-C543-4C7B-88AE-97F383E11F7D}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{2931FF10-CBBD-4673-923F-B516A197B400}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcherloader.exe |
"{2B6D8F8C-38F2-46ED-A495-337485363EAA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2D1E56EE-E503-4FD1-9D41-B2AAC55BBF80}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2EBED1D8-23DD-4BFE-B450-072113E709BC}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\fairy bloom freesia\fairybloomfreesia.exe |
"{3049D571-627B-4F79-95FA-29200E19E535}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{3B6BA463-7D84-4059-8E51-084E151E9B8A}" = protocol=6 | dir=in | app=c:\users\klangfarben\appdata\local\akamai\netsession_win.exe |
"{3FCC2A49-A276-489A-917E-8CA96665F063}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\utorrent\utorrent.exe |
"{42ABBBDD-4DEC-48A4-BFF3-A6436818E506}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\cherry tree high comedy club\game.exe |
"{52C000E3-EB80-46E9-8D43-51D7D08E84F7}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6A019DFC-81B4-4D75-B029-7612D7B72117}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6F05B75F-4AFB-4FD6-B502-11124D3182BE}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\endless space\endlessspace.exe |
"{75676D09-77BB-49E5-8065-A8AC8B8902EA}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{78ADE2FD-A273-43F1-94F7-13D1BC04594E}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\utorrent\utorrent.exe |
"{78ED2C14-B636-4B78-B747-FD0DB0C33CF0}" = protocol=17 | dir=in | app=c:\users\klangfarben\appdata\local\akamai\netsession_win.exe |
"{7EE93292-CCD9-40FC-998A-36E4479A202B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{888F90BA-02AF-4DD2-A47E-F73811AE287C}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{8D85C1DA-3ED5-49A9-82EB-5B358658B8D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8DB63E41-5EEB-4B19-AE86-444A83D10474}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\vindictus\vindictus eu\en-eu\nmservice.exe |
"{93D445B3-E431-4335-B23E-4838961581BD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9695D7D8-8B15-461C-A7D2-377A571721F7}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\fairy bloom freesia\fairybloomfreesia.exe |
"{9A0CECDF-93E0-41CB-B1CF-25E8A467A0DE}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\endless space\endlessspace.exe |
"{9B0338B7-939B-4EB7-B7F3-B266BED604C9}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\age of empires online\aoeonline.exe |
"{A12EA120-4CF7-4A3D-846D-F86D50FD019E}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{A5DE0E09-3010-4DB7-BF92-36E1918C0E57}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\monopoly\monopolywin.exe |
"{A792459B-12B2-4837-BEE8-612F38A76372}" = protocol=6 | dir=in | app=c:\hauptprogramme\spiele\age of empires iii\age3y.exe |
"{AAE9E0BF-F785-4846-B3A0-B6E9F9E7338C}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{B2CA2BE7-D31B-46AD-B240-95BF18725317}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{B638896C-EE18-4E15-B317-411B882EC004}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstar.exe |
"{B97444A3-7568-4C5A-9589-E21148EB7338}" = protocol=17 | dir=in | app=c:\hauptprogramme\spiele\age of empires iii\age3y.exe |
"{BA28C643-33AF-483D-A6C0-B988D91509C5}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{C054D5E5-1D77-4AB3-AA0B-4E29D0EEDC9A}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{C471F30F-C173-444B-B460-D0E55C15796F}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\vindictus\vindictus eu\en-eu\nmservice.exe |
"{CDF6BCE2-596F-4F5D-A746-6BB43DE56D5A}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstar.exe |
"{D1C579F6-7F6A-44C3-AF4F-4204801A5561}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\cherry tree high comedy club\game.exe |
"{D8783578-B9AE-4A1F-891D-A51B3B9D4866}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcher.exe |
"{D9AD8783-1F40-4B78-993C-9D2CDAE5BD38}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DF1C798F-5F94-4D42-A989-4EAE1DC2B443}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcher.exe |
"{DFEE809B-5DB4-449D-95FB-7E26CB8126EA}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{EFC1AD8F-C391-44AD-8C2D-EDE8D6AC0238}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F92EF2F4-BB32-41E2-95FA-61224D4EF99C}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\age of empires online\aoeonline.exe |
"TCP Query User{3F2CFA7F-194C-4A7E-B35E-29B9A9BB8940}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{34587256-180C-4D86-A44E-12CD9EE11A65}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{417E8AF0-DAED-4807-82CD-0E4232EFA559}" = Rusty Hearts PWE
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000038702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{6DF6A7ED-3B51-8E41-B1C9-41DAD97CC08A}" = Catalyst Control Center InstallProxy
"{6F5A71BD-9EC9-4A59-BFBD-CA63CFB4885D}" = ACDSee 14
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1" = Hamster Free Video Converter
"{7EE9145D-C430-44E6-B5ED-61FF9C332100}_is1" = Battle of the Immortals
"{7EE9145D-C430-44E6-B5ED-61FF9C332101}_is1" = War of the Immortals
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B76DFCA6-5DEF-4083-B157-8982C176D83C}" = 3DDreamBowl
"{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}" = Sony Vegas Pro 8.0
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CCB32E0F-8951-4E73-A521-069FD1260524}" = スマイルプリチュパ!
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F916C6DF-2601-4385-9500-C45FF398D4CB}" = Install(GE)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Age of Vampires" = Age of Vampires 5.0
"Akamai" = Akamai NetSession Interface Service
"Ashampoo Burning Studio 2012 CBE_is1" = Ashampoo Burning Studio 2012 CBE v.11.0.4
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"avast" = avast! Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CCleaner" = CCleaner
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"CPUCooL" = CPUCooL (remove only)
"dBpoweramp Dalet Codec" = dBpoweramp Dalet Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp Midi Decoder" = dBpoweramp Midi Decoder
"dBpoweramp Monkeys Audio Codec" = dBpoweramp Monkeys Audio Codec
"dBPowerAMP Mp2 and BwfMp2 codec" = dBPowerAMP Mp2 and BwfMp2 codec
"dBpoweramp mp3 (Fraunhofer IIS) Codec" = dBpoweramp mp3 (Fraunhofer IIS) Codec
"dBpoweramp Musepack Codec" = dBpoweramp Musepack Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp OptimFROG Codec" = dBpoweramp OptimFROG Codec
"dBPowerAMP Real Audio (Helix) Encoder" = dBPowerAMP Real Audio (Helix) Encoder
"dBpoweramp Shorten Codec" = dBpoweramp Shorten Codec
"dBpoweramp TTA Codec" = dBpoweramp TTA Codec
"dBpoweramp Wave64 Codec" = dBpoweramp Wave64 Codec
"dBpoweramp WavPack Codec" = dBpoweramp WavPack Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"Dune II_is1" = Dune II
"Empire Earth Gold Edition_is1" = Empire Earth Gold Edition
"eMule" = eMule
"ESET Online Scanner" = ESET Online Scanner v3
"Fatal Hearts Strategy Guide_is1" = Fatal Hearts Strategy Guide version 1.1
"Free Studio_is1" = Free Studio version 5.3.5
"Free YouTube Download_is1" = Free YouTube Download version 3.1.38.1005
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"GOGPACKPRIMORDIA_is1" = Primordia
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.1.0
"MediaFire Express 0.13.3.3927" = MediaFire Express
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.5.5
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mp3tag" = Mp3tag v2.52
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"PC-Doctor for Windows" = Hardware Diagnose Tools
"Pirates Pack_is1" = Pirates Pack
"pywin32-py2.6" = Python 2.6 pywin32-212
"Raptor" = Raptor
"sp6" = Logitech SetPoint 6.32
"Steam App 105430" = Age of Empires Online
"Steam App 200170" = Worms Revolution
"Steam App 208140" = Endless Space
"Steam App 208580" = Star Wars: Knights of the Old Republic II
"Steam App 214590" = Fairy Bloom Freesia
"Steam App 214610" = Cherry Tree High Comedy Club
"Steam App 221300" = Monopoly
"Steam App 32500" = Star Wars: The Force Unleashed II
"Steam App 39680" = The Guild II: Renaissance
"SystemRequirementsLab" = System Requirements Lab
"UltraISO_is1" = UltraISO Premium V9.52
"uTorrent" = µTorrent
"Vindictus EU" = Vindictus EU
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"203a975b1d3cc563" = Pcsx2 Cheat converter
"Akamai" = Akamai NetSession Interface
"NE Open Beta" = NE Open Beta
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 06.01.2013 16:48:57 | Computer Name = Klangfarben-PC | Source = VSS | ID = 8194
Description =
Error - 06.01.2013 16:50:34 | Computer Name = Klangfarben-PC | Source = System Restore | ID = 8193
Description =
Error - 06.01.2013 19:32:01 | Computer Name = Klangfarben-PC | Source = EventSystem | ID = 4609
Description =
Error - 06.01.2013 19:35:06 | Computer Name = Klangfarben-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.01.2013 19:40:25 | Computer Name = Klangfarben-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.01.2013 13:09:21 | Computer Name = Klangfarben-PC | Source = VSS | ID = 8194
Description =
Error - 08.01.2013 13:20:40 | Computer Name = Klangfarben-PC | Source = VSS | ID = 8194
Description =
Error - 08.01.2013 23:44:02 | Computer Name = Klangfarben-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5,
Ausnahmecode 0xc0000006, Fehleroffset 0x000394c2, Prozess-ID 0xbc, Anwendungsstartzeit
01cdec66fa818b48.
Error - 08.01.2013 23:44:03 | Computer Name = Klangfarben-PC | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen
werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit
der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern;
oder der Datenträger fehlt. Das Programm Windows-Explorer wurde wegen dieses Fehlers
geschlossen. Programm: Windows-Explorer Datei: Der Fehlerwert ist im Abschnitt "Zusätzliche
Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation
ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das
Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen
können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator
überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem
Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z.
B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig
in der Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem,
indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben
Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK
/F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie
wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien
auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist,
ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator
oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten,
wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: C000026E Datenträgertyp:
0
Error - 09.01.2013 15:28:24 | Computer Name = Klangfarben-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 12.05.2012 05:04:37 | Computer Name = Klangfarben-PC | Source = DCOM | ID = 10016
Description =
Error - 12.05.2012 05:04:38 | Computer Name = Klangfarben-PC | Source = DCOM | ID = 10016
Description =
Error - 14.05.2012 08:17:27 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 21.05.2012 03:44:28 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 26.05.2012 02:30:11 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 28.05.2012 13:57:36 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 29.05.2012 19:19:39 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 31.05.2012 07:16:38 | Computer Name = Klangfarben-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 31.05.2012 um 13:14:40 unerwartet heruntergefahren.
Error - 31.05.2012 07:18:19 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 02.06.2012 08:13:15 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7031
Description =
< End of report >
|
