So hier die Logs habe mein namen da nicht drin geändert wollte da nicht drin rum schreiben, evtl kann man die logs ja wieder löschen
OTL Logfile: Code:
OTL Extras logfile created on: 24.01.2013 17:02:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pierce\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,30 Gb Available Physical Memory | 82,44% Memory free
8,00 Gb Paging File | 7,32 Gb Available in Paging File | 91,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 1,33 Gb Free Space | 1,79% Space Free | Partition Type: NTFS
Drive D: | 7,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 74,53 Gb Total Space | 1,95 Gb Free Space | 2,62% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 306,38 Gb Free Space | 65,78% Space Free | Partition Type: NTFS
Computer Name: PIERCE-PC | User Name: Pierce | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{139F78A3-D2BD-4EE3-BAD1-DEEE355E250F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C62CBE9-32A7-4FA9-BBCE-DF7FA3D5F913}" = lport=137 | protocol=17 | dir=in | app=system |
"{2DF023C3-3582-4B95-BFF6-B8909F7E592F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2F5CFF07-6687-44CD-A5BE-E2AC6C5D035C}" = lport=445 | protocol=6 | dir=in | app=system |
"{3B50607C-DF3A-436A-9A46-E585F5428DFE}" = rport=139 | protocol=6 | dir=out | app=system |
"{419A1ACF-9ED2-49C6-A15B-AD1FD640BE0A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4ADAA2A6-3BA6-4CD2-98A9-7E245745CA17}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61CF8174-1465-44A7-AE64-DBB235767A8D}" = rport=137 | protocol=17 | dir=out | app=system |
"{883CC362-74AF-4A18-A408-6A10FDEA5AE0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A251CA62-F4EF-4174-9631-E14EC31B5F73}" = rport=445 | protocol=6 | dir=out | app=system |
"{A7335B2B-536A-44A2-B7F3-A1E86038E640}" = lport=139 | protocol=6 | dir=in | app=system |
"{AFCC71E5-8EB0-4B2F-B30D-48FCC148A061}" = rport=138 | protocol=17 | dir=out | app=system |
"{B30B2F3B-F795-4674-A97B-5118392AE1F2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1616ACE-159C-4706-8F68-452B5CB3E052}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF073729-EF52-4D68-B58B-D36A3F07A07D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E280B208-40CE-4900-8E7D-EEBDF516F985}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E3ACCDC5-4ADD-4471-AAE2-0A990F863B51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E767E4BC-850B-4EA8-89BF-1BFCFEB90F0E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F4B8B32A-C8AD-493F-9AE4-7982E535A2A5}" = lport=138 | protocol=17 | dir=in | app=system |
"{F6BB4128-8AC5-4D5F-98FA-0D9A4CE53786}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDACD1EC-7555-4227-9422-EB305B24DF3D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08A9BFDE-0679-49D8-9472-71F359B29688}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{08FC2ECE-4281-4B3B-86E3-9AC37FB6CD28}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0BB3A01C-1857-4EC0-8A56-C18DD8418F0A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0F99D00E-B418-4052-82F9-E499A1C2F13C}" = protocol=6 | dir=in | app=f:\eve online\bin\exefile.exe |
"{136A9FEB-85FD-46D6-B0CE-5875F499C567}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\port royale 3\portroyale3.exe |
"{13996990-E216-4833-87C7-F1FA6F1C66F0}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war 2 africa 1943\africa1943.exe |
"{13DD0DB7-3536-4252-B8DC-ADC7F8F0B651}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war\tow.exe |
"{153F667D-8F98-4A53-AB81-C30B99662DA3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1554F6B7-EFFD-474F-8A8D-0FC3F8EC723B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\wargame european escalation\wargame.exe |
"{16BE248E-C876-4C6D-BA5F-4BFBE9801692}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1954F571-C1A6-43D6-9F2E-F1C68D115853}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1B347EC9-0F1D-4976-A144-657DA861668A}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{1EC2C1FD-386B-4C1D-9B1E-279B2B514380}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{23E3F041-96E2-4482-8D08-6C426EB345E3}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war\missioneditor\editor.exe |
"{243E59F2-3933-4F30-BA24-3C61C941098A}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{266FB3AB-A7F5-440F-8DAB-247571FC5E56}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{273B5475-11A5-42CE-A7A6-BBDC42B93768}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\planetside 2\launchpad.exe |
"{2ED81BB3-2D49-45EF-B5BA-3884519743FF}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war\missioneditor\missiongen.exe |
"{3760A398-A872-435E-9BFC-BD7EF7AF7516}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\planetside 2\launchpad.exe |
"{38878D4A-0039-4662-9B70-8D7DF74509C4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3896F4F1-7C49-423B-9864-5D757E073359}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{3ADF36EB-EB2E-411A-A9BC-E49D54B0BD84}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{3BB83ED7-659D-4A0A-8F15-0800F5547FE4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{3D050C5D-6F8A-4829-AB7B-A892AD8AA668}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\men of war assault squad\mow_assault_squad.exe |
"{3F610F2A-E26A-4904-A078-7B86B869D2AF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\port royale 3\portroyale3.exe |
"{4300E751-42DF-418B-8A22-61017875700D}" = protocol=6 | dir=in | app=e:\civ 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{43296787-5F79-4D49-B88D-2B1080F4E1FA}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\wargame european escalation\wargame.exe |
"{4496CA7A-4202-47BD-809A-634F7E42C8A2}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{4589C2FD-E257-4DDF-B5C9-A38D5D7C7943}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war 2 africa 1943\options.exe |
"{460C7E10-988D-446F-80ED-D82CEB21E7AA}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\tropico 4\tropico4.exe |
"{4829A766-5229-46EA-BE3D-7CBA1D2EB95D}" = protocol=6 | dir=in | app=e:\civ 4\civilization4.exe |
"{4867FB36-2898-4142-A39B-A8079307457D}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dead island\deadislandgame.exe |
"{49655377-0BAB-4BA5-A19A-A911C4276043}" = protocol=6 | dir=in | app=e:\arma 2\arma2oa.exe |
"{4A8CDC66-3B7C-4561-863D-CB1406BE0A66}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\men of war assault squad\mow_assault_squad.exe |
"{4B7E2D7F-F700-42E6-ACC5-DE19C617E6A2}" = protocol=17 | dir=in | app=c:\spiele\bf2\bf2.exe |
"{4BFF976D-62AD-459B-9461-595ABCA5E099}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war 2 africa 1943\options.exe |
"{4E5349F4-EF9B-460E-8BA5-FC83FF70E4E4}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war\tow.exe |
"{503ECACA-7531-4EF5-920D-F023E7C8B30B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\men of war assault squad\mow_assault_squad.exe |
"{51B9E7B7-2E1C-44DC-8C59-F5BC4146F4A0}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{54460D41-6959-4B73-AEC7-83C355CCFA37}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\terraria\terraria.exe |
"{54A2FBF1-D4B5-4638-AE5A-5B60B1FBF396}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war ii kursk 1943\kursk1943.exe |
"{560A0C0E-74A5-4A99-8706-6D16EBEBBF39}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war\towsetup.exe |
"{57569D64-DEFE-40B0-A985-0D5FFF3EACF8}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{57E93041-D3BD-4174-8133-2686164BD7BE}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war\towsetup.exe |
"{599CC9AA-FD57-4EDC-A3B8-4FAB27D5E853}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{59FBD013-D725-4C23-B93E-62E22278C321}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{5B3A6FB1-C7F6-4D6A-ADC3-C354D4274D0B}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\wargame european escalation\wargame.exe |
"{5B75F581-2CF9-45CC-9ED1-97355222CC1A}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{630D02D6-9849-45C9-8F9F-194A30663DCE}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\wargame european escalation\wargame.exe |
"{658A7110-06E1-44AD-874B-EAB78F020ABB}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{6D568D21-8A5B-4852-9166-8904C5D45132}" = protocol=17 | dir=in | app=e:\arma 2\arma2oa.exe |
"{6DE6E7E8-0323-4371-9CB7-BB204906BCBF}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dead island\deadislandgame.exe |
"{6EB597AA-C763-45B9-801B-E43356AA3F44}" = protocol=17 | dir=in | app=e:\civ 4\beyond the sword\civ4beyondsword.exe |
"{73C08667-3533-4FFC-95C8-7DE60183A4CC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{754B692B-EA43-4AFA-8FE2-12992F67AC6B}" = protocol=6 | dir=in | app=e:\coh\reliccoh.exe |
"{77343666-791D-4BCB-BB03-89DE86CDEC10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{775828F7-CF91-4F2D-BE8D-4F83736BE2E8}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dead island\deadislandgame.exe |
"{78EFE8DA-3609-4A7E-936B-2D82E4D87430}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{7DFED31F-1DFA-4CC3-8D36-47CEC4511852}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war 2 africa 1943\africa1943.exe |
"{8075B66C-FA3C-44C3-8E47-9546881288C7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{81EA2F37-8B69-4105-87EF-447764EDECEE}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{83BE40A6-8075-4779-B8EB-954D0301BF59}" = protocol=6 | dir=in | app=c:\spiele\bf2\bf2.exe |
"{84F116F8-8608-4133-ACE7-B5DDB48CD9D4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\endless space\endlessspace.exe |
"{86FE9660-6348-43B2-BC85-35C2F08E4FA9}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{8A058070-33A3-4E84-9EC7-6E277C8412AF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8C303989-3975-4A49-91AA-98DFE5032C8E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\wargame european escalation\wargame.exe |
"{8C3E65E3-FE4B-4359-A6B5-761269CCA418}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{8EEC9FE5-9F89-4E8E-B2E8-D55823B0B2DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F268563-AE64-482B-819F-8CB94855CE55}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\men of war assault squad\mow_assault_squad.exe |
"{902E8B7E-EF44-4EFE-A023-CEDB954D6A65}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{90930351-A6AE-4371-A492-4EF4B9BC6161}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{90A91AE0-6827-48AF-9863-EB586D66D23C}" = protocol=17 | dir=in | app=c:\spiele\mass effect 2\binaries\masseffect2.exe |
"{93DCB4FD-ADCB-40DE-ABA9-AAE5FBD6EFDB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{95902940-C006-4713-95B7-BC3E263D6DF9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{974FB648-CAA6-4946-BE2E-455FD4506D0B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{97FC5D22-35F5-46F7-AA43-62378B325D94}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{9DC842DB-69BE-4A2A-97AE-FADA4CA6025D}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dead island\deadislandgame.exe |
"{9DE3516E-F201-40B9-BDF7-713232FB75EE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9DF87F72-FBF1-487A-AEE7-D6BA0D7C1083}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{9E828F32-D3E4-4466-9588-9407CAB14E19}" = protocol=17 | dir=in | app=c:\spiele\mass effect 2\masseffect2launcher.exe |
"{A1535A48-62FE-42A7-99FC-35B80763AD9D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{A2AB3BE4-98CC-4FC1-87F1-F7A197FDEFBD}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\endless space\endlessspace.exe |
"{A2B2D3A8-8EA6-4884-B495-BEACA937C17B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\tropico 4\tropico4.exe |
"{A4CBFB12-8A3F-4406-A978-B6BFE998D96E}" = protocol=6 | dir=in | app=e:\coh\relicdownloader\relicdownloader.exe |
"{A55174C2-3CDF-4C98-A22D-F6886C2EE164}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A5966CDC-CC4C-4CC7-917D-F1E5386B7AAA}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{A7022298-E07E-4B65-AF6B-25499A46E902}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war\missioneditor\missiongen.exe |
"{A7980DE4-7419-4DE2-B113-D40AB9C2F3DD}" = protocol=17 | dir=in | app=e:\civ 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{A7FF47A7-737A-4B6B-8466-46EAE38DB3A2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A8CBE96F-8530-4A88-86FE-A45D8407CD89}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A93BA15A-4336-4824-A683-432B11E0723D}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A9AA580D-278F-42B9-961B-A50F4559B155}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{AA693B6A-6B6B-4804-98DF-6990232489B4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\endless space\endlessspace.exe |
"{B1DEC078-6478-489F-B641-CA5DAA7F43A4}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\endless space\endlessspace.exe |
"{B2BDE698-F4A9-4EBA-9239-642859C46EEE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B505BAFC-4CF2-459C-BA5D-277B66A8729C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8C88A02-BB6C-49BD-AD15-912809346FC3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war ii kursk 1943\kursk1943.exe |
"{BBC73C44-9FDB-4646-905F-B2E3E068CC88}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{BDDF5222-54A1-471A-96CD-F52973C8FFAA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BFA0CA62-7D16-4628-B878-9462075D185C}" = protocol=6 | dir=in | app=e:\civ 4\beyond the sword\civ4beyondsword.exe |
"{BFA51A14-92CC-4597-BE18-D22E6C1384A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C34C709C-7B99-46BC-9B60-E4050A65E3F9}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\wargame european escalation\wargame.exe |
"{C484F089-6390-43F5-AD9B-EA3380176DD4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{CA2010CA-169F-4CFC-86BF-A21A07BE3907}" = protocol=6 | dir=out | app=system |
"{CF2553B2-C08D-4310-BB77-028EDFB293E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF3DB441-0E76-4AF7-B084-72C8023B796C}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\tropico 4\tropico4.exe |
"{CF477DB8-B223-4D3C-A3F0-EB864974A7B2}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{D18A296F-5268-412F-ADC9-5F8E53794463}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war\missioneditor\editor.exe |
"{D290A896-0F6D-4D36-BDB4-D97AE3D2928E}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{D454CDF0-D101-4F17-8E74-F6245C13E672}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4655629-72B3-4C3F-BFEA-924FE57A03B9}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{D6129173-D4B7-4BCD-83A8-EEFFC5ECC661}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\port royale 3\portroyale3.exe |
"{D7ACD0F6-8CB2-4066-A722-9B76F5705E61}" = protocol=6 | dir=in | app=c:\spiele\mass effect 2\masseffect2launcher.exe |
"{D7CC652C-1E0F-40E2-8965-EACCC85A983B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{DD505DB3-A4A6-4B87-B4A1-453EB579438B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\terraria\terraria.exe |
"{DDCE6D7E-8102-4A62-B68F-AFCE6FFA5E89}" = protocol=17 | dir=in | app=e:\coh\reliccoh.exe |
"{E105CF09-1CCA-44D2-BA48-FD73EE21A5CC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\tropico 4\tropico4.exe |
"{E2A15A13-6D55-45A8-A9DF-09F7DCCE633B}" = protocol=17 | dir=in | app=f:\eve online\bin\exefile.exe |
"{E2EC47C1-DF4D-471C-B86E-136108ECFBB5}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{E4B13330-D71B-42FB-925E-1EE289D01907}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5075295-552E-47B6-A6DC-7114CBC74EF1}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{E9BE0227-02FD-4A85-B5F2-589312FB4F10}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9CE8A9C-A7D0-4828-9687-AFCCFDC1EBE3}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{EB4EA075-AAAE-4CC9-B543-FF4E2D0E78B7}" = protocol=6 | dir=in | app=c:\spiele\mass effect 2\binaries\masseffect2.exe |
"{EC8347D4-C296-434B-82E6-611AFE762833}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{EE2F4786-787C-4A1C-BC29-D0AC2AAEE9A3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F42738A7-BA8B-4768-882C-EB9DF4088907}" = protocol=17 | dir=in | app=e:\civ 4\civilization4.exe |
"{F67FB88F-AB43-4A24-894F-4262381C7832}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\port royale 3\portroyale3.exe |
"{F7F838A9-55F6-4CE1-92FA-6AD52FE35FEB}" = protocol=58 | dir=in | app=system |
"{F7F9C1BC-9DDF-46AC-8AF6-F9C336B7D7AE}" = protocol=17 | dir=in | app=e:\coh\relicdownloader\relicdownloader.exe |
"{F8835270-5FE8-410A-A028-020B2328CE55}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{F8DF4F1D-FBF2-42AF-9D5D-73713FB5CDBC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{FE47FD2D-55BA-4DE0-9BDC-F0248C0157EE}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"TCP Query User{201A8364-C761-4204-9F09-456CA9789EB2}C:\spiele\bf1942\bf1942.exe" = protocol=6 | dir=in | app=c:\spiele\bf1942\bf1942.exe |
"TCP Query User{42DEABBE-6FE8-410C-AC63-2BB22465E2B8}E:\arma 2\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=e:\arma 2\expansion\beta\arma2oa.exe |
"TCP Query User{48705D98-F303-42DE-9BD4-14C8DBB4799A}C:\spiele\bf2\forgottenhope2.exe" = protocol=6 | dir=in | app=c:\spiele\bf2\forgottenhope2.exe |
"TCP Query User{4AF8AAA4-F95F-424E-AB51-7128405236B5}F:\steam\steam.exe" = protocol=6 | dir=in | app=f:\steam\steam.exe |
"TCP Query User{4FB1EC24-CBD9-4FFF-9503-5125D38FF7A5}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"TCP Query User{54F6B0F5-E4DF-49B7-BBF0-E82490D15221}C:\spiele\eu3 complete\eu3game.exe" = protocol=6 | dir=in | app=c:\spiele\eu3 complete\eu3game.exe |
"TCP Query User{5546CEB4-D9B8-4DC6-997C-3BC5800F8967}E:\eve online\bin\exefile.exe" = protocol=6 | dir=in | app=e:\eve online\bin\exefile.exe |
"TCP Query User{5A82F9E7-E604-4F02-B206-77A4A268FC5B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{691AFC1E-06F7-41CF-8CD8-E8BF7DC28295}F:\eve online\bin\exefile.exe" = protocol=6 | dir=in | app=f:\eve online\bin\exefile.exe |
"TCP Query User{91171CAE-DCAA-40B3-9997-BBD5ACA302FF}E:\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=e:\world_of_tanks\wotlauncher.exe |
"TCP Query User{91B9AB42-FD42-407E-A9A4-510E37BF459F}F:\steam\steamapps\common\theatre of war ii kursk 1943\kursk1943.bin" = protocol=6 | dir=in | app=f:\steam\steamapps\common\theatre of war ii kursk 1943\kursk1943.bin |
"TCP Query User{9FA74E56-F56F-4C6E-84FD-044002C20BA8}C:\users\pierce\appdata\local\temp\d6b1c34127c0425097a1b6f12c6f7665\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pierce\appdata\local\temp\d6b1c34127c0425097a1b6f12c6f7665\relicdownloader.exe |
"TCP Query User{B1B69B7D-3AFA-4D02-97AE-294DC4D1C285}E:\hoi3 neu\hoi3_sf_ftm305_tfh402\hoi3_tfh.exe" = protocol=6 | dir=in | app=e:\hoi3 neu\hoi3_sf_ftm305_tfh402\hoi3_tfh.exe |
"TCP Query User{D95521E2-5381-472D-8955-5B241D5EFCA9}E:\arma 2\@dayz\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=e:\arma 2\@dayz\expansion\beta\arma2oa.exe |
"TCP Query User{E82C95A9-19C2-45C9-ABD5-6536288F3AFF}E:\arma 2\arma2.exe" = protocol=6 | dir=in | app=e:\arma 2\arma2.exe |
"TCP Query User{EC371077-F772-453B-9F43-347E06DA3FDA}F:\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=f:\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{F079665A-CFAF-46FD-875B-7C9D5D05951E}E:\hoi3 new\hoi3_sf_ftm305_tfh402 - francesco\hoi3_tfh.exe" = protocol=6 | dir=in | app=e:\hoi3 new\hoi3_sf_ftm305_tfh402 - francesco\hoi3_tfh.exe |
"TCP Query User{F0A64BA1-AE06-4E55-BDCF-28CC3857003C}E:\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=e:\world_of_tanks\worldoftanks.exe |
"TCP Query User{F23E5729-3A96-46F3-A0F1-6E1F721FC456}F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe |
"UDP Query User{0D22E7E4-2647-446E-8466-8D16D5906677}E:\eve online\bin\exefile.exe" = protocol=17 | dir=in | app=e:\eve online\bin\exefile.exe |
"UDP Query User{14168602-1EAD-41D2-B68C-ABF687F3FCC2}F:\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=f:\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{2408E727-4B94-4EB4-B715-91A098B62586}E:\arma 2\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=e:\arma 2\expansion\beta\arma2oa.exe |
"UDP Query User{4D0558C3-937F-4461-B61B-8040DB210FBA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8E09BE51-0A63-4CA1-8E28-5BA7B4E97ADF}F:\eve online\bin\exefile.exe" = protocol=17 | dir=in | app=f:\eve online\bin\exefile.exe |
"UDP Query User{900394C1-6ECD-47FA-A110-79B9B70C82D5}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{98051E54-01FA-4E8E-B695-E742CC7338AD}E:\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=e:\world_of_tanks\worldoftanks.exe |
"UDP Query User{B32DDDC4-4CF0-4FF2-A6B7-E79FCC9D90DC}C:\users\pierce\appdata\local\temp\d6b1c34127c0425097a1b6f12c6f7665\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pierce\appdata\local\temp\d6b1c34127c0425097a1b6f12c6f7665\relicdownloader.exe |
"UDP Query User{C30D7B86-1C6F-4B7E-9FF4-79696B98869C}E:\hoi3 new\hoi3_sf_ftm305_tfh402 - francesco\hoi3_tfh.exe" = protocol=17 | dir=in | app=e:\hoi3 new\hoi3_sf_ftm305_tfh402 - francesco\hoi3_tfh.exe |
"UDP Query User{C555B734-926C-452D-8A62-2E4AC2835D83}E:\arma 2\arma2.exe" = protocol=17 | dir=in | app=e:\arma 2\arma2.exe |
"UDP Query User{C8DC8538-7511-495C-B192-73C778B0761F}E:\arma 2\@dayz\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=e:\arma 2\@dayz\expansion\beta\arma2oa.exe |
"UDP Query User{D2B46F80-EE19-459C-9042-A8F32F8ADF0E}C:\spiele\bf2\forgottenhope2.exe" = protocol=17 | dir=in | app=c:\spiele\bf2\forgottenhope2.exe |
"UDP Query User{D8791B0E-493D-4A25-823B-3DF60AE9B551}C:\spiele\eu3 complete\eu3game.exe" = protocol=17 | dir=in | app=c:\spiele\eu3 complete\eu3game.exe |
"UDP Query User{DDA136A9-8261-40BE-B06B-0A627CE05754}E:\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=e:\world_of_tanks\wotlauncher.exe |
"UDP Query User{E2B1F8B4-FCA1-43BA-BA48-D1242D7F281E}E:\hoi3 neu\hoi3_sf_ftm305_tfh402\hoi3_tfh.exe" = protocol=17 | dir=in | app=e:\hoi3 neu\hoi3_sf_ftm305_tfh402\hoi3_tfh.exe |
"UDP Query User{EE64EE35-B976-4A74-9234-1E5C73A99475}F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe |
"UDP Query User{EEAC2883-6CC3-4C9B-9B8B-DADB3686371D}C:\spiele\bf1942\bf1942.exe" = protocol=17 | dir=in | app=c:\spiele\bf1942\bf1942.exe |
"UDP Query User{F9CF49A0-4303-424F-BFEF-2458F8984609}F:\steam\steam.exe" = protocol=17 | dir=in | app=f:\steam\steam.exe |
"UDP Query User{FAD552E5-6B83-4FDD-A943-9A90F262D3EA}F:\steam\steamapps\common\theatre of war ii kursk 1943\kursk1943.bin" = protocol=17 | dir=in | app=f:\steam\steamapps\common\theatre of war ii kursk 1943\kursk1943.bin |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{68CA3A47-3F7E-0E92-DC0D-5B0C02D9AFAD}" = ccc-utility64
"{6BB150E8-6CBB-5F8F-CAE7-BE21B2C92D31}" = AMD Accelerated Video Transcoding
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8424B163-D1E0-48B7-88A2-C7A61767B3D7}" = Microsoft SQL Server Compact 4.0 x64 ENU
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{914F7627-B645-9895-F723-BAEAAC865E75}" = AMD Catalyst Install Manager
"{99720953-c1d6-4b90-8012-b7c3337f4efe}.sdb" = Battlefield 1942 Windows Vista/7 Compatibility Fix
"{CFA5BA6D-D6BB-AE1B-E61E-5B1ACFC8F0BB}" = AMD Drag and Drop Transcoding
"{DA3372D5-F228-5C71-3FAC-177D4AEE8659}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"sp6" = Logitech SetPoint 6.30
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TS3 Overlay" = TS3 Overlay
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D45A4B-D7F5-C03E-1650-885756303D13}" = CCC Help Norwegian
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0613D880-939E-4C9D-AD7C-A10DF7D7D5E9}" = EveHQ
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1AAA38A8-5E6E-4F4E-A84B-F1EE589E93E9}" = Pixel-Fighter.com Toolbox
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{284E9E9A-D8BE-3588-D0BA-E9BB61970A1D}" = CCC Help Hungarian
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{30E18A93-982E-AF1B-D646-E8C5DAECA390}" = CCC Help French
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4021F8B5-E8BB-D0F9-AF28-4970013FAE3D}" = Catalyst Control Center
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{470D66DF-B597-124E-EDCE-8B966AA5F230}" = CCC Help Portuguese
"{483924A6-52C5-9169-0280-14272D5FBA70}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E3AA543-09D7-401E-9DF2-2591D24C7C49}" = Addon Sync 2009
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{52F7EC17-C7D9-4254-BBC5-404A67844ED1}" = EveMeepV3
"{57AE1BE1-24E8-4169-D52C-ABE31BD91562}" = CCC Help Finnish
"{5B5745F7-23EF-9E5E-6689-512C9FA08222}" = CCC Help English
"{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}" = TS Notifier
"{625031C9-E249-2A53-C282-C1E9872B211E}" = CCC Help Turkish
"{655E0B5A-7ADF-A052-587F-64F0E59B58E7}" = CCC Help Dutch
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74437563-D720-0307-90FC-1C351B1041D7}" = Catalyst Control Center Localization All
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A4D10-821B-3FA5-52B0-F0FAEEDED9F4}" = CCC Help Czech
"{7BA14A92-C229-5E00-3ADE-8D22F81B849E}" = CCC Help German
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80A5B901-C7BD-D300-17BA-9E02F18EAB77}" = CCC Help Danish
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{82F505E6-5879-B30A-12B7-7795969D3BBB}" = CCC Help Polish
"{8476003F-6927-8393-C6F4-FAF47D61D00B}" = CCC Help Korean
"{89A2D79E-B3AD-A83A-795F-5645EFF922D3}" = CCC Help Greek
"{89C0F58F-9E5B-2B45-D9DF-7988A54BECA8}" = CCC Help Italian
"{8B91D776-792D-F02B-DE43-BF398549C729}" = CCC Help Spanish
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8F272838-BDD6-B433-D650-25E231AEFA8A}" = Catalyst Control Center InstallProxy
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{983BE967-28E9-5C78-8851-638DAC4AF66E}" = CCC Help Swedish
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A707240D-18D3-07F4-AE2E-6AE76C220192}" = CCC Help Japanese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{B95AC87D-630B-603F-3F12-AA22B3BBA69C}" = CCC Help Chinese Traditional
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C3E9887A-23BA-4777-8080-191A5AFCAB74}" = Mumble 1.2.3
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EB1C554C-5343-9A69-1B8C-666AF192CA19}" = CCC Help Russian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F32D24DD-D787-10F9-D21E-BC3FAB3064CB}" = Catalyst Control Center Graphics Previews Common
"{F8D90583-7BB5-75A9-B23F-A353AD4674BC}" = CCC Help Thai
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"ArmA2" = ArmA2 Uninstall
"AudioCS" = Creative Audio-Systemsteuerung
"Avira AntiVir Desktop" = Avira Free Antivirus
"BattlEye" = BattlEye Uninstall
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Blitzkrieg" = Blitzkrieg Mod
"CMFI_is1" = Combat Mission Fortress Italy
"CoH Community Mappack" = CoH Community Mappack
"Company of Heroes" = Company of Heroes
"CPU-Control_is1" = CPU-Control
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"EVE" = EVE Online (remove only)
"EVEMon" = EVEMon
"Forgotten Hope" = Forgotten Hope 0.70
"Fraps" = Fraps (remove only)
"Hamachi" = Hamachi 1.0.3.0
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"Steam App 105600" = Terraria
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 203770" = Crusader Kings II
"Steam App 205610" = Port Royale 3
"Steam App 208140" = Endless Space
"Steam App 218230" = PlanetSide 2
"Steam App 22380" = Fallout: New Vegas
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 46290" = Theatre of War
"Steam App 46340" = Theatre of War 2: Africa 1943
"Steam App 46360" = Theatre of War 2: Kursk 1943
"Steam App 57690" = Tropico 4
"Steam App 58610" = Wargame: European Escalation
"Steam App 64000" = Men of War: Assault Squad
"Steam App 65800" = Dungeon Defenders
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 91310" = Dead Island
"VLC media player" = VLC media player 1.1.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1890510484-2314157509-767822104-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BASE 5.2" = BASE 5.2
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.01.2013 19:22:32 | Computer Name = Pierce-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "f:\Steam\steamapps\common\total
war shogun 2\ModManager.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.01.2013 19:22:33 | Computer Name = Pierce-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "f:\Steam\steamapps\common\total
war shogun 2\benchmarks\benchmark_output.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.01.2013 19:22:34 | Computer Name = Pierce-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "f:\Steam\steamapps\common\total
war shogun 2\redist\flashsecurity.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.01.2013 19:22:34 | Computer Name = Pierce-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "f:\Steam\steamapps\common\total
war shogun 2\redist\flashsecurity1.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.01.2013 19:59:07 | Computer Name = Pierce-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
Zeitstempel: 0x50a2f9e3 Name des fehlerhaften Moduls: MSHTML.dll, Version: 9.0.8112.16457,
Zeitstempel: 0x50a30507 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00921720 ID des fehlerhaften
Prozesses: 0x11d8 Startzeit der fehlerhaften Anwendung: 0x01cdf8edaab4040b Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\MSHTML.dll Berichtskennung: b475625e-64ef-11e2-8d8b-00261859817f
Error - 22.01.2013 23:48:36 | Computer Name = Pierce-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.01.2013 12:14:06 | Computer Name = Pierce-PC | Source = WinMgmt | ID = 10
Description =
Error - 24.01.2013 06:25:13 | Computer Name = Pierce-PC | Source = WinMgmt | ID = 10
Description =
Error - 24.01.2013 07:37:56 | Computer Name = Pierce-PC | Source = WinMgmt | ID = 10
Description =
Error - 24.01.2013 07:42:04 | Computer Name = Pierce-PC | Source = WinMgmt | ID = 10
Description =
Error - 24.01.2013 10:34:52 | Computer Name = Pierce-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 24.01.2013 12:04:03 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:05:45 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:05:45 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:05:45 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:06:11 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:06:11 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:06:11 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:06:11 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:06:11 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.01.2013 12:06:11 | Computer Name = Pierce-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 24.01.2013 17:02:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pierce\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,30 Gb Available Physical Memory | 82,44% Memory free
8,00 Gb Paging File | 7,32 Gb Available in Paging File | 91,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 1,33 Gb Free Space | 1,79% Space Free | Partition Type: NTFS
Drive D: | 7,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 74,53 Gb Total Space | 1,95 Gb Free Space | 2,62% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 306,38 Gb Free Space | 65,78% Space Free | Partition Type: NTFS
Computer Name: PIERCE-PC | User Name: Pierce | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Pierce\Desktop\OTL.exe (OldTimer Tools)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.)
DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.)
DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 0D FD F7 60 6D CC 01 [binary data]
IE - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.12 10:51:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.12 10:51:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.09.18 11:41:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pierce\AppData\Roaming\mozilla\Extensions
[2012.05.26 14:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pierce\AppData\Roaming\mozilla\Firefox\Profiles\h6wwgarx.default\extensions
[2011.12.11 22:10:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.12 10:51:28 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.03 20:58:59 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.12 10:51:27 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.03 20:58:59 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.03 20:58:59 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.03 20:58:59 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.03 20:58:59 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1890510484-2314157509-767822104-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1890510484-2314157509-767822104-1001..\Run: [svñhîst] C:\Users\Pierce\wgsdgsdgdsgsd.exe (Softspecialists)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1890510484-2314157509-767822104-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.145.0.cab (Battlefield Heroes Updater)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5C3E0F8-1104-4CA2-92CA-EA220DE1FC9F}: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.26 17:45:39 | 000,779,496 | R--- | M] (BioWare) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.10.26 22:21:41 | 000,000,054 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{fbab6cbb-d952-11e0-a7a5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fbab6cbb-d952-11e0-a7a5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009.10.26 17:45:39 | 000,779,496 | R--- | M] (BioWare)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.24 16:52:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pierce\Desktop\OTL.exe
[2013.01.24 12:34:12 | 000,054,784 | RHS- | C] (Softspecialists) -- C:\Users\Pierce\wgsdgsdgdsgsd.exe
[2013.01.22 23:05:14 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\Indicium Technologies
[2013.01.22 23:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013.01.22 23:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013.01.22 23:02:25 | 000,000,000 | ---D | C] -- C:\Users\Pierce\Documents\EveHQ
[2013.01.22 23:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveHQ
[2013.01.22 23:01:44 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\EveHQ
[2013.01.22 22:46:57 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Local\EveMeep3
[2013.01.22 22:45:27 | 000,000,000 | ---D | C] -- C:\Users\Pierce\Documents\EveMeep
[2013.01.22 22:44:46 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evemeep3
[2013.01.22 22:33:16 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\EVEMon
[2013.01.22 22:33:13 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon
[2013.01.22 21:37:20 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom Salem Updater
[2013.01.22 19:49:21 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firaxis Games
[2013.01.20 18:52:19 | 000,000,000 | ---D | C] -- C:\Users\Pierce\.salem
[2013.01.20 18:51:48 | 000,000,000 | ---D | C] -- C:\Users\Pierce\Salem
[2013.01.14 13:29:46 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoH Community Mappack
[2013.01.11 05:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.01.11 05:13:53 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.11 05:13:50 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.11 05:13:50 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.11 05:13:50 | 000,095,184 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.11 05:13:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.01.11 00:44:24 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitzkrieg Mod
[2013.01.09 23:32:49 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 23:32:49 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 23:32:44 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 23:32:39 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.02 00:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012.12.25 19:38:39 | 000,000,000 | ---D | C] -- C:\Users\Pierce\AppData\Local\Programs
========== Files - Modified Within 30 Days ==========
[2013.01.24 16:52:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pierce\Desktop\OTL.exe
[2013.01.24 15:37:14 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.24 15:37:14 | 000,696,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.24 15:37:14 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.24 15:37:14 | 000,148,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.24 15:37:14 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.24 15:33:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.24 15:32:59 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.24 12:47:28 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.24 12:47:28 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.24 12:40:20 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.24 12:34:12 | 000,054,784 | RHS- | M] (Softspecialists) -- C:\Users\Pierce\wgsdgsdgdsgsd.exe
[2013.01.24 12:29:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.22 23:01:45 | 000,002,543 | ---- | M] () -- C:\Users\Public\Desktop\EveHQ.lnk
[2013.01.22 22:46:55 | 000,000,963 | ---- | M] () -- C:\Users\Pierce\Desktop\EveMeep3.exe - Verknüpfung.lnk
[2013.01.22 21:37:20 | 000,002,173 | ---- | M] () -- C:\Users\Pierce\Desktop\Custom Salem Updater.lnk
[2013.01.22 19:58:27 | 000,001,132 | ---- | M] () -- C:\Users\Pierce\Desktop\Civ4BeyondSword.exe - Verknüpfung.lnk
[2013.01.22 19:17:51 | 000,000,201 | ---- | M] () -- C:\Users\Pierce\Desktop\Total War SHOGUN 2.url
[2013.01.16 13:42:28 | 000,000,000 | ---- | M] () -- C:\Users\Pierce\Documents\ts3_clientui-win64-1351504843-2013-01-16 13_42_28.775139.dmp
[2013.01.16 13:30:43 | 000,000,000 | ---- | M] () -- C:\Users\Pierce\Documents\ts3_clientui-win64-1351504843-2013-01-16 13_30_43.780445.dmp
[2013.01.16 13:07:21 | 000,000,000 | ---- | M] () -- C:\Users\Pierce\Documents\ts3_clientui-win64-1351090895-2013-01-16 13_07_21.264356.dmp
[2013.01.11 05:13:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.01.11 05:13:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.01.11 05:13:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.11 05:13:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.11 05:13:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.11 05:13:46 | 000,095,184 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.11 00:50:20 | 000,000,671 | ---- | M] () -- C:\Users\Pierce\Desktop\Blitzkrieg Mod.lnk
[2013.01.10 15:23:39 | 000,294,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.10 03:07:04 | 001,590,370 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.01 23:18:05 | 000,000,202 | ---- | M] () -- C:\Users\Pierce\Desktop\Terraria.url
[2012.12.30 19:52:05 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.30 19:21:29 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
========== Files Created - No Company Name ==========
[2013.01.22 23:01:45 | 000,002,543 | ---- | C] () -- C:\Users\Public\Desktop\EveHQ.lnk
[2013.01.22 22:46:55 | 000,000,963 | ---- | C] () -- C:\Users\Pierce\Desktop\EveMeep3.exe - Verknüpfung.lnk
[2013.01.22 19:57:25 | 000,001,132 | ---- | C] () -- C:\Users\Pierce\Desktop\Civ4BeyondSword.exe - Verknüpfung.lnk
[2013.01.22 19:17:50 | 000,000,201 | ---- | C] () -- C:\Users\Pierce\Desktop\Total War SHOGUN 2.url
[2013.01.20 18:51:48 | 000,002,173 | ---- | C] () -- C:\Users\Pierce\Desktop\Custom Salem Updater.lnk
[2013.01.16 13:42:28 | 000,000,000 | ---- | C] () -- C:\Users\Pierce\Documents\ts3_clientui-win64-1351504843-2013-01-16 13_42_28.775139.dmp
[2013.01.16 13:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Pierce\Documents\ts3_clientui-win64-1351504843-2013-01-16 13_30_43.780445.dmp
[2013.01.16 13:07:21 | 000,000,000 | ---- | C] () -- C:\Users\Pierce\Documents\ts3_clientui-win64-1351090895-2013-01-16 13_07_21.264356.dmp
[2013.01.11 00:44:26 | 000,000,671 | ---- | C] () -- C:\Users\Pierce\Desktop\Blitzkrieg Mod.lnk
[2013.01.02 00:04:39 | 001,590,370 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.01 23:18:05 | 000,000,202 | ---- | C] () -- C:\Users\Pierce\Desktop\Terraria.url
[2012.12.24 01:47:30 | 000,000,218 | ---- | C] () -- C:\Users\Pierce\.recently-used.xbel
[2012.07.04 06:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.04 06:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.06.22 17:09:21 | 000,000,529 | ---- | C] () -- C:\Windows\eReg.dat
[2012.04.18 19:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.02.17 19:44:28 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.17 19:43:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.28 16:16:14 | 000,000,000 | ---- | C] () -- C:\Users\Pierce\AppData\Local\{09D142B4-77A4-422D-B189-37377C6E1C0C}
[2012.01.26 18:48:17 | 000,000,000 | ---- | C] () -- C:\Users\Pierce\AppData\Local\{FB9017D5-3234-4A21-AF85-B52229339836}
[2011.12.10 14:28:20 | 000,000,000 | ---- | C] () -- C:\Users\Pierce\AppData\Local\{D5F8C78D-0B4F-4534-8DB6-9A0E362D4C55}
[2011.12.10 14:27:19 | 000,000,000 | ---- | C] () -- C:\Users\Pierce\AppData\Local\{08C478D6-61CE-4DA4-96C4-A325A98F0A94}
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.09.07 14:19:46 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.09.07 14:19:46 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.09.07 14:13:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.08.03 19:18:22 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\.minecraft
[2012.03.01 22:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\.minecraft - Kopie
[2012.03.04 16:16:09 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\.minecraft versionen
[2013.01.24 12:01:01 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\.purple
[2012.01.20 06:42:09 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\.spoutcraft
[2012.01.09 19:05:34 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\.spoutcraft - Kopie
[2012.10.12 18:54:16 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\.techniclauncher
[2011.09.11 17:38:55 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\ArmA II Launcher
[2012.01.09 11:29:19 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\bandicraft
[2012.06.22 17:53:52 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\CPUControl
[2011.09.09 19:54:20 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\DAEMON Tools Lite
[2013.01.22 23:07:24 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\EveHQ
[2013.01.22 22:33:21 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\EVEMon
[2012.12.23 19:57:43 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\gtk-2.0
[2013.01.24 12:35:15 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\ICQ
[2013.01.22 23:05:14 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\Indicium Technologies
[2012.05.06 15:51:20 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\Kalypso Media
[2011.09.11 14:17:03 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\Leadertech
[2013.01.23 01:19:35 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\Mumble
[2012.01.09 19:05:16 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\Neuer Ordner
[2011.10.08 12:06:25 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\OpenOffice.org
[2012.07.13 19:20:57 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\six-updater
[2011.09.11 12:34:27 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\six-zsync
[2012.11.04 18:51:57 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\Tropico 4
[2013.01.24 00:55:18 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\TS3Client
[2012.07.12 09:25:05 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\ts3overlay
[2012.07.12 10:22:13 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\TSNotifier
[2012.07.30 22:39:00 | 000,000,000 | ---D | M] -- C:\Users\Pierce\AppData\Roaming\wargaming.net
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 4096 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 3584 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Pierce\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Pierce\Desktop\desktop.ini:gs5sys
< End of report >
--- --- --- |
Textbox.