| |  Mal wieder "Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert"
 Hallo,
leider hat es mich auch erwischt und ich habe mir beim Surfen den ""Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert" Trojaner eingefangen. Er blockiert alles,wenn ich mich normal anmelde (ich bin gerade im abgesicherten Modus unterwegs).
Malwarebytes spuckt folgendes aus: PHP-Code: Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.14.03
Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
***:: ***[Administrator]
14.08.2012 17:25:01
mbam-log-2012-08-14 (17-43-31).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 210109
Laufzeit: 2 Minute(n), 8 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|verclsid (Spyware.Zbot) -> Daten: C:\Users\***\AppData\Local\Microsoft\Windows\2743\verclsid.exe -> Keine Aktion durchgeführt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 4
C:\Users\***\AppData\Local\Microsoft\Windows\2743\verclsid.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.
C:\ProgramData\9sKAWokw.exe (Heuristics.Shuriken) -> Keine Aktion durchgeführt.
C:\ProgramData\aG6v1W73.exe (Trojan.Buzus) -> Keine Aktion durchgeführt.
C:\Users\***\AppData\Roaming\rundll32.exe (Trojan.Agent.Gen) -> Keine Aktion durchgeführt.
(Ende)
Danach habe ich OTL benutzt und es kommt: PHP-Code: OTL logfile created on: 14.08.2012 17:42:34 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\***\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 70,66% Memory free
7,73 Gb Paging File | 6,76 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 461,80 Gb Total Space | 318,10 Gb Free Space | 68,88% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:[b]64bit:[/b] - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:[b]64bit:[/b] - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2163182966-2767165490-3795028801-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2163182966-2767165490-3795028801-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2163182966-2767165490-3795028801-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 13:09:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.30 16:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 13:09:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.06.12 19:27:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.08.11 00:44:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***AppData\Roaming\mozilla\Firefox\Profiles\kgefnaph.default\extensions
[2012.06.12 19:09:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.08.11 00:44:39 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KGEFNAPH.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012.06.30 17:35:47 | 000,026,136 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KGEFNAPH.DEFAULT\EXTENSIONS\{DF4E4DF5-5CB7-46B0-9AEF-6C784C3249F8}.XPI
[2012.06.12 19:43:12 | 000,140,964 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KGEFNAPH.DEFAULT\EXTENSIONS\FIREGESTURES@XULDEV.ORG.XPI
[2012.07.18 13:09:44 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2163182966-2767165490-3795028801-1000..\Run: [verclsid] C:\Users\***\AppData\Local\Microsoft\Windows\2743\verclsid.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2163182966-2767165490-3795028801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2163182966-2767165490-3795028801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2163182966-2767165490-3795028801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:[b]64bit:[/b] - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA004678-B2ED-4765-9E98-A4E67B5A61F7}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2DC6FAF-772C-483C-97F3-D7B22617EC3E}: DhcpNameServer = 192.168.178.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a32faa70-b4af-11e1-9b09-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a32faa70-b4af-11e1-9b09-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{a32faa70-b4af-11e1-9b09-806e6f6e6963}\Shell\dinstall\command - "" = D:\Directx\dxsetup.exe
O33 - MountPoints2\{af99f185-c35a-11e1-ba6c-aeebc213b0fe}\Shell - "" = AutoRun
O33 - MountPoints2\{af99f185-c35a-11e1-ba6c-aeebc213b0fe}\Shell\AutoRun\command - "" = E:\CD_Start.exe
O33 - MountPoints2\{dc327489-b85e-11e1-a64e-98674fde59f6}\Shell - "" = AutoRun
O33 - MountPoints2\{dc327489-b85e-11e1-a64e-98674fde59f6}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{f16296cb-d5b0-11e1-a775-ccb011f25af5}\Shell - "" = AutoRun
O33 - MountPoints2\{f16296cb-d5b0-11e1-a775-ccb011f25af5}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.08.14 17:24:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.08.14 17:23:59 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.14 17:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.14 17:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.14 17:23:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.14 16:55:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\hellomoto
[2012.08.14 14:32:14 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.08.14 14:30:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google
[2012.08.14 14:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.14 14:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.11 20:42:47 | 000,000,000 | ---D | C] -- C:\Sc2gears Mouse prints
[2012.08.11 16:10:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\LolClient
[2012.08.11 14:15:54 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.08.11 14:15:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.08.11 14:15:53 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.08.11 14:09:56 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.08.11 12:21:49 | 000,000,000 | ---D | C] -- C:\Lol
[2012.08.11 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\**\AppData\Local\PMB Files
[2012.08.11 12:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.08.11 12:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.08.10 10:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.08.02 12:12:41 | 000,000,000 | ---D | C] -- C:\Windows\wirz
[2012.08.01 21:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.08.01 21:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.08.01 01:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012.08.01 01:44:23 | 000,000,000 | ---D | C] -- C:\Users\***\SystemRequirementsLab
[2012.07.31 22:11:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warkeys
[2012.07.31 22:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warkeys
[2012.07.31 22:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warkeys
[2012.07.31 21:28:03 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012.07.31 21:28:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012.07.31 21:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012.07.31 21:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2012.07.31 15:19:36 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Tunngle
[2012.07.31 15:19:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Tunngle
[2012.07.31 15:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012.07.31 15:19:33 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2012.07.31 15:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012.07.31 15:19:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012.07.31 15:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012.07.26 19:38:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.25 19:45:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
[2012.07.24 19:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2012.07.24 19:21:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Diagnostics
[2012.07.24 14:44:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
[2012.07.24 14:40:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike Source
[2012.07.22 17:13:58 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Papercrafts
[2012.07.22 13:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
[2012.07.22 13:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascaron Entertainment
[2012.07.21 15:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo 2
[2012.07.17 21:43:20 | 000,000,000 | ---D | C] -- C:\Users\***AppData\Local\PunkBuster
[2012.07.17 21:11:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2012.07.17 21:11:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.07.17 21:11:21 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.07.17 21:10:48 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.07.17 21:10:48 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.07.17 21:10:48 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.07.17 21:10:48 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.07.17 21:10:48 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.07.17 21:10:47 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.07.17 21:10:46 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.07.17 21:10:46 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.07.17 21:10:46 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.07.17 21:10:46 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.07.17 21:10:46 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.07.17 21:10:46 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.07.17 21:10:46 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.07.17 21:10:44 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.07.17 21:10:44 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.07.17 21:10:44 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.07.17 21:10:44 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.07.17 21:10:44 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.07.17 21:10:44 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.07.17 21:10:44 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.07.17 21:10:44 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.07.17 21:10:44 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012.07.17 21:10:43 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.07.17 21:10:43 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.07.17 21:10:42 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.07.17 21:10:42 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012.07.17 21:10:41 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.07.17 21:10:41 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.07.17 21:10:41 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.07.17 21:10:41 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.07.17 21:10:41 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.07.17 21:10:40 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.07.17 21:10:40 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.07.17 21:10:40 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012.07.17 21:10:40 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.07.17 21:10:39 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.07.17 21:10:39 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.07.17 21:10:39 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.07.17 21:10:39 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.07.17 21:10:39 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.07.17 21:10:38 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.07.17 21:10:38 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.07.17 21:10:38 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.07.17 21:10:38 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.07.17 21:10:38 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.07.17 21:10:38 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.07.17 21:10:38 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.07.17 21:10:38 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.07.17 21:10:38 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.07.17 21:10:38 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.07.17 21:10:38 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.07.17 21:10:37 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.07.17 21:10:37 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.07.17 21:10:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.07.17 21:10:34 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.07.17 19:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012.07.17 18:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012.06.28 16:47:26 | 000,031,744 | ---- | C] (xZYgBmewYZOXazMSehtqPY) -- C:\ProgramData\9sKAWokw.exe
[2012.06.28 16:47:19 | 028,089,449 | ---- | C] (Nrsft) -- C:\ProgramData\aG6v1W73.exe
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012.08.14 17:23:59 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.14 17:20:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.14 17:19:55 | 3111,555,072 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.14 17:18:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.14 16:54:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.14 16:43:52 | 000,014,592 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.14 16:43:52 | 000,014,592 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.14 14:30:05 | 000,002,251 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2012.08.14 14:29:37 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.14 13:24:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.13 11:07:12 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.13 11:07:12 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.13 11:07:12 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.13 11:07:12 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.13 11:07:12 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.11 14:15:56 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.08.10 10:03:18 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.08.10 00:23:53 | 000,607,431 | ---- | M] () -- C:\Users\***\AppData\Roaming\rundll32.exe
[2012.08.05 21:47:02 | 000,001,339 | ---- | M] () -- C:\Users\***\Desktop\Sc2gears - Verknüpfung.lnk
[2012.08.04 23:54:53 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.04 23:54:53 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.03 01:37:10 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.02 23:40:56 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.08.01 22:05:45 | 000,001,152 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.08.01 12:30:13 | 000,415,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.01 00:47:14 | 000,059,666 | ---- | M] () -- C:\Windows\War3Unin.dat
[2012.08.01 00:47:14 | 000,001,960 | ---- | M] () -- C:\Users\***\Desktop\Frozen Throne.lnk
[2012.08.01 00:45:16 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012.08.01 00:45:16 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2012.07.31 22:10:16 | 000,001,953 | ---- | M] () -- C:\Users\***Desktop\Warcraft III.lnk
[2012.07.31 17:50:51 | 000,282,472 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.07.31 15:19:33 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.07.29 21:41:01 | 000,001,313 | ---- | M] () -- C:\Users\***\Desktop\Standarternährung.klf
[2012.07.28 21:20:29 | 000,001,446 | ---- | M] () -- C:\Users\***\Desktop\Starcraft BW.lnk
[2012.07.25 19:45:19 | 000,002,027 | ---- | M] () -- C:\Users\***\Desktop\Counter-Strike Source.lnk
[2012.07.24 20:10:12 | 000,000,680 | RHS- | M] () -- C:\Users\***\ntuser.pol
[2012.07.22 17:46:53 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.22 13:07:15 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\0000003B.LCS
[2012.07.21 15:28:39 | 000,001,896 | ---- | M] () -- C:\Users\***\Desktop\Diablo II - Lord of Destruction.lnk
[2012.07.17 19:13:26 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
[2012.07.17 19:12:31 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012.08.14 17:23:59 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.14 14:30:05 | 000,002,251 | ---- | C] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2012.08.14 14:29:37 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.11 14:15:56 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.08.10 00:23:45 | 000,607,431 | ---- | C] () -- C:\Users\***\AppData\Roaming\rundll32.exe
[2012.08.05 21:47:02 | 000,001,339 | ---- | C] () -- C:\Users\***\Desktop\Sc2gears - Verknüpfung.lnk
[2012.08.01 00:47:14 | 000,001,960 | ---- | C] () -- C:\Users\***\Desktop\Frozen Throne.lnk
[2012.07.31 22:10:16 | 000,001,953 | ---- | C] () -- C:\Users\***\Desktop\Warcraft III.lnk
[2012.07.31 21:28:03 | 000,059,666 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012.07.31 21:28:03 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2012.07.31 17:50:51 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.07.31 15:19:33 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.07.29 21:41:01 | 000,001,313 | ---- | C] () -- C:\Users\***\Desktop\Standarternährung.klf
[2012.07.28 21:20:29 | 000,001,446 | ---- | C] () -- C:\Users\***\Desktop\Starcraft BW.lnk
[2012.07.25 19:45:19 | 000,002,027 | ---- | C] () -- C:\Users\***\Desktop\Counter-Strike Source.lnk
[2012.07.22 13:07:15 | 000,000,000 | ---- | C] () -- C:\Users\Public\Documents\0000003B.LCS
[2012.07.21 15:26:08 | 000,001,896 | ---- | C] () -- C:\Users\***\Desktop\Diablo II - Lord of Destruction.lnk
[2012.07.17 21:10:43 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.07.17 19:13:26 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
[2012.07.17 19:12:36 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.17 19:12:36 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.07.17 19:12:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.17 19:12:31 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.07.08 14:26:08 | 000,000,680 | RHS- | C] () -- C:\Users\***\ntuser.pol
[2012.06.17 22:22:07 | 000,000,218 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[color=#E56717]========== LOP Check ==========[/color]
[2012.08.13 21:31:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2012.07.07 14:47:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.Nitrous
[2012.08.14 00:09:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.purple
[2012.08.14 14:31:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2012.07.08 10:08:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.06.28 14:24:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Foxit Software
[2012.06.17 18:37:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2012.08.14 16:55:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\hellomoto
[2012.08.11 16:10:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient
[2012.06.30 22:58:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\My Games
[2012.06.12 19:37:53 | 000,000,000 | ---D | M] -- C:\Users\***AppData\Roaming\Thunderbird
[2012.07.31 15:42:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tunngle
[2012.08.06 17:12:17 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 872 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Reloaded: Game of the Year Edition.lnk
< End of report >
Und in der Extras: PHP-Code: OTL Extras logfile created on: 14.08.2012 17:42:34 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\***\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 70,66% Memory free
7,73 Gb Paging File | 6,76 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 461,80 Gb Total Space | 318,10 Gb Free Space | 68,88% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-2163182966-2767165490-3795028801-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FD155C-9F38-4AD2-A74C-BFDE681CBA6D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0AF983DF-843B-4581-9DE4-7BF80D7DA7AE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DCEFF65-EB26-441D-A23D-EB592EA5790B}" = lport=445 | protocol=6 | dir=in | app=system |
"{1EBE2A00-E5A2-46EC-AFC8-546B51F1A353}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27160B5B-851C-4992-A01E-23B13FD7CD76}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27F5ACBB-D581-4301-9CF9-BB96B7E8BE6B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{310E3D17-2334-4085-9BBC-245BCE4B7D99}" = lport=137 | protocol=17 | dir=in | app=system |
"{3BA4C803-4B60-4FA2-B5A6-23781303414C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3C7F3760-3EFA-4107-B214-647F9D17303F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3D8622E0-EB8D-4B58-8553-A24057F59956}" = rport=137 | protocol=17 | dir=out | app=system |
"{3E304BF2-CC24-4E27-A711-DB58391FE029}" = rport=10243 | protocol=6 | dir=out | app=system |
"{423CA64C-299F-41FF-9221-8233DC0D5452}" = rport=445 | protocol=6 | dir=out | app=system |
"{5D6C084E-6F0D-433C-A4EB-1CC620784C68}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5E5721D0-72BA-4CE0-9B77-52BF1DFF3A88}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61DE4D78-D8A8-4459-8CE6-F954EECC4F4B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6388FC49-9E48-4550-A4F2-8D7E14746EB8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6ECF3C91-5BE5-41D6-A582-D7879270E4F1}" = lport=139 | protocol=6 | dir=in | app=system |
"{7916C8DD-A0CD-40DB-8E6A-33D49434CEB8}" = rport=138 | protocol=17 | dir=out | app=system |
"{7D5BB954-B321-4291-9B77-321B0FC19B21}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81E43DAB-2419-43CF-B73E-E435F3538AE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{837C56CA-C02F-451C-B5C9-02B772276C3B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{83CFB022-A716-4063-884E-CCC12E32C3C5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B747B6E-2EC7-4799-9883-162CE3B1968B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{8D932103-F00B-46CF-89B3-45CD458FBBAE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9AC8991F-C2E9-4B06-945F-A0FF23293E68}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A55BAA4E-B682-4C94-8C0C-A7375B06064A}" = lport=138 | protocol=17 | dir=in | app=system |
"{A6BB8827-77F0-4AEF-88BA-3B4CF0A619E1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CF6225D2-9CCD-4D0D-95D6-18C3B994E7DE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DA22E2AB-EBAC-4765-BEB8-1266FD42C35F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0E90EE8-68B3-4833-8D82-759A75679A6E}" = rport=139 | protocol=6 | dir=out | app=system |
"{EEC479A2-8210-4BBC-9AD6-865ABDDF35BC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6875B2F-209F-411C-A21F-3182C901D4F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0260B3F4-C8F3-4585-988C-89898AB21CE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{046F2E4A-FFCD-42BA-B7AB-F718D4B7F6A9}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe |
"{04706896-70A4-4039-87B1-EFC270D9191D}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{08873D3E-CE06-424F-A83F-B847BA9DC622}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{08F51600-4619-4872-AA33-EC1CD15142BC}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{0C863A0B-C79C-411D-A6DF-8FB92536825C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{0DD69E0C-4BA6-4499-95A4-209ED1DAB823}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0EC34E1C-9E5A-4475-B601-4D6664A27B88}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0F5CB579-174E-47E3-8206-C899BF1CB3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{104A71BC-F542-4FE1-8A3F-3A0E699EFD53}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{148F37C1-0E24-4854-A0B5-EBB1F9CF7F8A}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\firaxis games\sid meier's civilization iv colonization\colonization.exe |
"{15768934-975D-4C75-8399-7A40D0207395}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{1AEA1612-FD70-4FAC-9A25-C132E135BA4B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{1C418AC1-300D-4B8D-B660-600BE7862DD5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{21C1D213-39C3-4503-B225-CC380BED193D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{21CD9D1F-F7D0-478D-BA3A-41DE5214CF93}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{2356D6A7-74D6-4DB7-8DE7-E824C44B1BC6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2432E878-A84E-45D5-8FFA-EB44186C37C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2677D80A-77FF-49AA-BAFC-602F788C1295}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{3172D19A-879D-4DFF-AF54-19C05F7E313D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{31C76AC3-D43A-406A-B637-12ADE10F1F1E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{35D9B5E9-20D7-4EAD-8117-B9AF16994181}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3B61D2D2-E964-478C-8051-21F15C208A23}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{3F3943DC-A0CA-4ADD-9F6E-3926CC88B219}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40632206-D71A-48A7-AA35-B6E1D2AA9913}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{435B0039-C1B6-498C-9DB8-7DF26DE65E19}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{439A3B77-47E6-4543-B4CB-3356C83DC268}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{44F33450-2098-425D-8657-24AA007F978A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46B4B2C8-9A0D-41FC-8003-E015AB8B4D86}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{494B9E32-41A2-4751-A4F7-CDB7A7543B83}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4B66DB29-5C3D-4314-887A-2A93E58DDCB5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4C675764-A703-43C4-A86F-3F771034AD52}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{4F02C289-09E1-4E8A-9811-72CA2367E215}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{4F9EF212-098B-4C61-B0E3-78CF317133EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5148F127-ED8E-4A7D-981D-A47B38DE2CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{51F7A463-5331-4303-94BE-121A9A093DA4}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{57AA63BB-E002-41C8-9E5B-9FD2311CF062}" = protocol=58 | dir=in | app=system |
"{58CF462C-E32D-4FAE-B908-8BC59AB82E16}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords_pitboss.exe |
"{5C10D819-D745-411B-94A9-5700338FDA91}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{5C11B194-DEEF-420D-938E-6C7A02F506B4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5F54E92C-602F-412C-866E-FEF2F2D306A6}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"{63BC529E-D3B9-44DF-9A67-6A86134D2F1C}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\warlords\civ4warlords.exe |
"{661AA4E9-A522-4AEE-92FD-814D977EE938}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{662FAB62-44D3-43E4-A172-B9C1B5C91E2F}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{6821CA20-3F0E-4FCF-9CED-E80BE4C9BFDE}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{6EA65C25-B382-49AC-9506-31E6249A027B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6EA892A1-1E09-4D1D-B9D1-DA2946FF2FA1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6FE51A79-854D-416A-8D24-366A2E14ADF7}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"{76D12C15-F025-4C69-AFEF-3B3CDB5BEB95}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{783B480C-498C-42D3-B3B7-35B3DD4DE293}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{78DAA8ED-67E8-44FB-B04E-6067C020B6FF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{824158AA-DB34-494F-B1D2-3A43A1D4C2AC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{82F63C6B-52C1-4AC5-9B38-BC6E08C1991B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{84121DB6-832F-4BB2-BE6B-4715D63D46C3}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{8FFEB76E-793D-4DA9-A270-FC3D49C5D825}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94EC8ED6-447E-460D-B528-D064DCBC4A2B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{9C2A5A5A-3F1E-41E0-8C19-FCDFA26806E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9DD6AAAE-F1F1-4F8C-B670-E836AA365C80}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{9FF1D53D-8322-4CA9-BF00-3F0425E3A4A9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{A135F343-A323-4EF6-BF1E-1E8AC827A5B1}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A20D0074-71D1-4C2E-AE5C-0F129E821D63}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{B2F1627E-D912-4BF9-BE7D-195098DC5EF8}" = protocol=17 | dir=in | app=c:\ut2004\system\ut2004.exe |
"{B368D6D7-DCE3-4DB8-9F19-6B579DA2FD8F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{B61C295A-38DE-42C4-B335-917C27A9C2F9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CBAF52AB-666A-4C64-A8D7-894C8C8BE916}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{D4E894C2-16C9-4E81-B559-FD19925370D7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DFE7FA9E-17CB-4E58-AB44-2AF5FA9B4BE8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E45FE01B-A960-47ED-A135-1EB57160E5E5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EA04F84E-D0A6-419E-854C-442987D6B369}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F2C7CB67-368C-499F-A9E2-763E33EDCCC7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F57F8B8C-CEDC-4CB8-B5A3-428EB132B13A}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{F5BF06E1-A504-40E7-A894-CAC286ECF639}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F5DBF1A9-48D5-4322-AC79-CF500A2C0664}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{F69B774B-3D42-4E25-85CF-9494A8814F41}" = protocol=6 | dir=out | app=system |
"{F6BFBE37-DE8B-41F0-B198-F64AEA21E27F}" = protocol=6 | dir=in | app=c:\ut2004\system\ut2004.exe |
"{F91FBEF7-505C-40A9-A992-695CC3FC22F6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FA713975-D857-4380-94BB-33384F0C9804}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\beyond the sword\civ4beyondsword.exe |
"{FCF5D428-9E24-4BA4-8E7A-4A00AD7AB10E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{153F2D78-4BFE-428E-8D76-56FBB1EA5888}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{221DBFAC-8CB5-492B-9473-65CD8AA101F9}C:\ut2004\system\ut2004.exe" = protocol=6 | dir=in | app=c:\ut2004\system\ut2004.exe |
"TCP Query User{37A046C2-5033-4F1E-933F-76600986D434}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{3C5A8199-2BB4-4B77-ACD1-D786A28D2672}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"TCP Query User{3EC6BF95-583B-43EF-8393-A9879515E2F5}C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{63781958-8723-42D0-8F55-6B1F4DD84B8D}C:\program files (x86)\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"TCP Query User{8E79EA4B-9B45-449C-AA00-4105956E93EF}C:\program files (x86)\steamless left4dead2 pack\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steamless left4dead2 pack\left4dead2.exe |
"TCP Query User{99FD2F1B-884D-4A3E-811A-3BEEE61AF732}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{E507EEB4-C36A-41DD-913B-62AC2F563F81}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{EA1A5217-06FA-4792-A557-B3D2F2319B62}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{0C9EE13E-E9AC-4746-83FD-AB3871333B14}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{3C913078-D2EA-40AA-8EC9-C03297B9BB2C}C:\program files (x86)\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pidgin\pidgin.exe |
"UDP Query User{665C7B76-B341-485C-8926-21D9CC076E7E}C:\program files (x86)\steamless left4dead2 pack\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steamless left4dead2 pack\left4dead2.exe |
"UDP Query User{71CC0C6F-B62C-4A9E-B2F9-D88C35F4A97F}C:\program files (x86)\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{A1CF3865-AE7D-4B20-8D2B-A32D5FBBC5CD}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{A63219DC-22B7-48C9-BE53-A6155ED927DD}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{D01AC501-91BA-417E-8B2B-898C33F05967}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{EFDD72AC-7E02-407F-AB24-F39379F01526}C:\ut2004\system\ut2004.exe" = protocol=17 | dir=in | app=c:\ut2004\system\ut2004.exe |
"UDP Query User{F8C333E4-7D8F-44E0-814A-C00E9B65E873}C:\program files (x86)\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike source\hl2.exe |
"UDP Query User{FCA3E003-3A89-4FC2-9FED-07D5C6684F23}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D2BEC486-11DF-4C45-905D-5EC03B6FC6DF}" = TelikosGG - German
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"StarCraft II - Language Installer v2.07k" = StarCraft II - Language Installer
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"Foxit Reader_is1" = Foxit Reader
"Free Audio Converter_is1" = Free Audio Converter version 5.0.14.627
"Freemake Audio Converter_is1" = Freemake Audio Converter Version 1.1.0
"Google Chrome" = Google Chrome
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KaloMa_is1" = KaloMa 4.93
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Pidgin" = Pidgin
"Sacred Underworld_is1" = Sacred Underworld
"StarCraft" = StarCraft
"StarCraft II" = StarCraft II
"Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack
"Tunngle beta_is1" = Tunngle beta
"UT2004" = Unreal Tournament 2004
"VLC media player" = VLC media player 2.0.1
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.20.0.0b
"Worms Reloaded: Game of the Year Edition (c) Tea~DA4FE166_is1" = Worms Reloaded: Game of the Year Edition (c) Team17 Software Ltd. version 1
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2163182966-2767165490-3795028801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 13.08.2012 12:42:16 | Computer Name = *** | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3151
Error - 13.08.2012 12:42:17 | Computer Name = ***| Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.08.2012 12:42:17 | Computer Name = ***| Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4212
Error - 13.08.2012 12:42:17 | Computer Name = *** | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4212
Error - 13.08.2012 12:42:18 | Computer Name = *** | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.08.2012 12:42:18 | Computer Name = ***| Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5257
Error - 13.08.2012 12:42:18 | Computer Name = *** | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5257
Error - 13.08.2012 15:52:00 | Computer Name = *** | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 13.08.2012 16:45:44 | Computer Name = *** | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 14.08.2012 10:51:33 | Computer Name = ***| Source = Customer Experience Improvement Program | ID = 1008
Description =
[ System Events ]
Error - 14.08.2012 11:39:25 | Computer Name = ***| Source = DCOM | ID = 10005
Description =
Error - 14.08.2012 11:39:26 | Computer Name = *** | Source = DCOM | ID = 10005
Description =
Error - 14.08.2012 11:41:31 | Computer Name = ***| Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 14.08.2012 11:41:31 | Computer Name = ***| Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 14.08.2012 11:41:31 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 14.08.2012 11:42:07 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 14.08.2012 11:42:07 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 14.08.2012 11:42:07 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 14.08.2012 11:43:51 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 14.08.2012 11:43:51 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
Alles noch mal im Anhang.
Vielen Dank im Vorraus für eure Hilfe 
|
14.08.2012, 17:06
Baum-Darstellung