PC ist langsam + Internet bricht ab

firefox lol · 20.09.2012, 20:09

Hi ich habe zwar keine direkten Hinweise das mein PC befallen ist, aber er erscheint mir langsamer als früher und das Internet bricht ständig ab. Deshalb wollte ich mal hören ob das an irgendwelchen Viren oder so liegt.
OTL.txt:

Code:

ATTFilter

OTL logfile created on: 20.09.2012 20:19:46 - Run 1
OTL by OldTimer - Version 3.2.64.0     Folder = C:\Users\Daniel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,70% Memory free
6,21 Gb Paging File | 5,08 Gb Available in Paging File | 81,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 274,41 Gb Free Space | 61,56% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 19,66 Gb Free Space | 98,30% Space Free | Partition Type: NTFS
 
Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.20 20:14:20 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
PRC - [2012.08.09 13:24:32 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.10 15:26:52 | 000,008,704 | ---- | M] (Microsoft) -- C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2012.05.08 20:45:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 20:45:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 20:45:23 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.05.10 12:14:16 | 000,186,848 | ---- | M] () -- C:\Windows\System32\WinService.exe
PRC - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.05.30 16:36:40 | 000,550,160 | ---- | M] (Logitech(c)) -- C:\Programme\Logitech\Z-5 Speakers\Z-5 Speakers.exe
PRC - [2008.01.18 23:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.11.26 14:31:18 | 001,101,824 | ---- | M] (Ralink Technology, Corp.) -- C:\Programme\RALINK\Common\RaUI.exe
PRC - [2007.11.14 16:50:42 | 004,706,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.10.15 09:15:08 | 001,410,344 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.10.15 09:14:48 | 000,202,024 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2007.06.27 10:18:40 | 000,215,256 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe
PRC - [2007.06.27 10:18:20 | 000,293,080 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\CCU\CCU_Engine.exe
PRC - [2007.06.27 10:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\CCU\AlertService.exe
PRC - [2007.06.27 10:17:26 | 000,272,600 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
PRC - [2007.06.27 10:17:12 | 000,446,680 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
PRC - [2007.06.27 10:16:02 | 000,157,912 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
PRC - [2007.06.27 10:15:14 | 000,059,096 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
PRC - [2007.06.27 10:14:46 | 000,317,656 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
PRC - [2007.06.27 10:14:40 | 000,439,512 | ---- | M] (Intel Corporation) -- C:\Programme\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
PRC - [2007.06.27 10:13:56 | 000,268,504 | ---- | M] () -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
PRC - [2007.02.12 11:46:34 | 000,208,896 | ---- | M] () -- C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.02.11 07:30:38 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.05.30 16:36:38 | 000,144,656 | ---- | M] () -- C:\Programme\Logitech\Z-5 Speakers\LMPMdllExport.dll
MOD - [2008.04.24 11:35:32 | 000,249,856 | ---- | M] () -- C:\Programme\Logitech\Z-5 Speakers\wxmsw28u_skin_vc_custom.dll
MOD - [2008.04.24 11:35:20 | 002,428,928 | ---- | M] () -- C:\Programme\Logitech\Z-5 Speakers\wxmsw28u_core_vc_custom.dll
MOD - [2008.04.24 11:35:12 | 000,618,496 | ---- | M] () -- C:\Programme\Logitech\Z-5 Speakers\wxmsw28u_adv_vc_custom.dll
MOD - [2008.04.24 11:33:32 | 000,106,496 | ---- | M] () -- C:\Programme\Logitech\Z-5 Speakers\wxbase28u_xml_vc_custom.dll
MOD - [2008.04.24 11:33:30 | 000,958,464 | ---- | M] () -- C:\Programme\Logitech\Z-5 Speakers\wxbase28u_vc_custom.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.09.07 18:04:19 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.30 19:31:19 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.25 13:02:16 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.10 15:26:52 | 000,008,704 | ---- | M] (Microsoft) [Auto | Running] -- C:\Programme\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2012.05.08 20:45:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 20:45:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.05.10 12:14:16 | 000,186,848 | ---- | M] () [Auto | Running] -- C:\Windows\System32\WinService.exe -- (SCM_Service)
SRV - [2010.02.21 01:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.08.18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.04.11 08:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.06.27 10:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2007.06.27 10:17:26 | 000,272,600 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe -- (QualityManager)
SRV - [2007.06.27 10:17:12 | 000,446,680 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2007.06.27 10:16:02 | 000,157,912 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2007.06.27 10:15:28 | 000,039,640 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE)
SRV - [2007.06.27 10:15:14 | 000,059,096 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2007.06.27 10:14:46 | 000,317,656 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore)
SRV - [2007.06.27 10:13:56 | 000,268,504 | ---- | M] () [Auto | Running] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2007.02.12 11:46:34 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Medion\WinFlash.sys -- (WINFLASH)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.05.08 20:45:23 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 20:45:23 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.19 00:46:06 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapoas.sys -- (tapoas)
DRV - [2011.07.01 11:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011.06.12 12:20:59 | 000,005,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2011.02.11 23:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010.11.01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Programme\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.06.17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009.06.17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.06.17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.06.17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.01.18 21:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2008.01.08 09:17:08 | 001,302,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2007.12.26 10:46:00 | 000,288,768 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wg111v2.sys -- (RTL8187)
DRV - [2007.11.21 11:35:06 | 000,569,344 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007.06.27 10:17:46 | 000,014,552 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2007.06.19 11:37:58 | 000,229,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007.02.18 20:34:50 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2007.01.19 03:20:54 | 000,021,728 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2006.11.30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{33D00C23-F804-48D0-9DFA-FB2D289A6BA6}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.137.0
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.66.2
FF - prefs.js..extensions.enabledAddons: foxyproxy@eric.h.jung:3.6.2
FF - prefs.js..extensions.enabledAddons: longurlplease@darragh.curran:0.5.1
FF - prefs.js..extensions.enabledAddons: netvideohunter@netvideohunter.com:1.9.1
FF - prefs.js..extensions.enabledAddons: fmdownloader@gmail.com:1.0.0
FF - prefs.js..extensions.enabledAddons: donottrackplus@abine.com:2.2.1.829
FF - prefs.js..extensions.enabledAddons: groovesharkUnlocker@overlord1337:1.2
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120910
FF - prefs.js..network.proxy.autoconfig_url: "file:///C:\\Users\\Daniel\\AppData\\Local\\Temp\\proxtube.pac"
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ [2012.05.22 11:22:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:04:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.07 18:04:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:04:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.07 18:04:16 | 000,000,000 | ---D | M]
 
[2011.07.05 17:38:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2012.09.20 17:35:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions
[2012.09.20 17:35:10 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.05.11 15:45:31 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions\battlefieldheroespatcher@ea.com
[2011.10.27 16:53:48 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions\battlefieldplay4free@ea.com
[2012.08.31 15:44:01 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions\donottrackplus@abine.com
[2012.05.21 20:54:20 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions\foxyproxy@eric.h.jung
[2012.09.16 14:17:40 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions\ich@maltegoetz.de
[2012.01.27 18:14:08 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\0qjuhz4z.default\extensions\netvideohunter@netvideohunter.com
[2012.09.06 19:55:11 | 000,029,003 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\0qjuhz4z.default\extensions\groovesharkUnlocker@overlord1337.xpi
[2012.07.18 20:02:32 | 000,008,503 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\0qjuhz4z.default\extensions\longurlplease@darragh.curran.xpi
[2012.07.25 18:27:42 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\0qjuhz4z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.13 20:45:28 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\0qjuhz4z.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.08.29 22:56:22 | 000,007,915 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\0qjuhz4z.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js
[2012.09.07 18:04:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:04:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.07 18:04:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.05.22 11:22:00 | 000,000,000 | ---D | M] (Freemake Video Downloader Plugin) -- C:\PROGRAM FILES\FREEMAKE\FREEMAKE VIDEO DOWNLOADER\BROWSERPLUGIN\FIREFOX
[2012.09.07 18:04:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.07 18:04:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.09.07 18:04:19 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.21 20:33:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 13:19:56 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.21 20:33:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.21 20:33:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.21 20:33:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.21 20:33:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Freemake Video Downloader = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\
CHR - Extension: Google-Suche = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Do Not Track Plus = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\2.2.0.510_0\
CHR - Extension: AdBlock = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: Google Mail = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Programme\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Z-5 Speakers] C:\Programme\Logitech\Z-5 Speakers\Z-5 Speakers.exe (Logitech(c))
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C387F59-CEC1-4367-8335-635FDA88E300}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E392EB34-C582-4F70-BB8A-AC918624B9AC}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.20 20:14:18 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2012.09.17 21:25:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Wirtschaftspraktikum
[2012.09.10 16:41:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\fontconfig
[2012.09.10 16:41:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\gegl-0.2
[2012.09.10 16:41:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\.gimp-2.8
[2012.09.10 16:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.09.09 13:29:42 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\gegl-0.0
[2012.09.08 15:30:51 | 000,360,448 | ---- | C] (FLV.com) -- C:\Windows\System32\TubeFinder.exe
[2012.09.08 15:30:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\FreeFLVConverter
[2012.09.08 15:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\Free FLV Converter
[2012.09.08 15:29:46 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Mediachance
[2012.09.08 15:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EditStudio6
[2012.09.08 15:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\EditStudio6
[2012.09.07 18:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.09.05 22:09:35 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.09.05 22:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.05 22:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.09.02 14:29:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Socusoft Photo to Video Converter
[2012.09.02 14:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Socusoft
[2012.08.30 19:32:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\my games
[2012.08.28 22:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\FreePDF_XP
[2012.08.28 22:46:28 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\FreePDF
[2012.08.28 22:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.20 20:18:10 | 000,000,000 | ---- | M] () -- C:\Users\Daniel\defogger_reenable
[2012.09.20 20:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.20 20:17:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.20 20:16:11 | 000,302,592 | ---- | M] () -- C:\Users\Daniel\Desktop\td2lf3bt.exe
[2012.09.20 20:14:20 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2012.09.20 20:14:03 | 000,050,477 | ---- | M] () -- C:\Users\Daniel\Desktop\Defogger.exe
[2012.09.20 19:38:59 | 000,003,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.20 19:38:59 | 000,003,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.20 19:24:14 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.20 17:38:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.20 17:38:52 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.19 22:21:05 | 000,006,088 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\wklnhst.dat
[2012.09.19 17:11:12 | 000,055,296 | ---- | M] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.14 19:20:34 | 000,013,772 | ---- | M] () -- C:\Users\Daniel\AppData\Local\recently-used.xbel
[2012.09.09 23:11:27 | 000,409,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.05 20:07:13 | 000,000,024 | ---- | M] () -- C:\Users\Daniel\random.dat
[2012.09.05 20:00:54 | 000,000,046 | ---- | M] () -- C:\Users\Daniel\jagex_cl_runescape_LIVE1.dat
[2012.09.05 20:00:54 | 000,000,032 | ---- | M] () -- C:\Users\Daniel\jagex_cl_runescape_LIVE.dat
[2012.09.03 16:14:13 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.31 20:10:08 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.28 22:29:05 | 000,012,288 | ---- | M] () -- C:\Users\Daniel\Documents\lebenslauf daniel.wps
[2012.08.28 22:26:04 | 000,011,264 | ---- | M] () -- C:\Users\Daniel\Documents\stenaline.wps
[2012.08.26 21:46:42 | 000,014,848 | ---- | M] () -- C:\Users\Daniel\Documents\spanien2012.wps
[2012.08.26 20:46:50 | 000,010,752 | ---- | M] () -- C:\Users\Daniel\Documents\spanienhandout.wps
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.20 20:18:10 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\defogger_reenable
[2012.09.20 20:16:10 | 000,302,592 | ---- | C] () -- C:\Users\Daniel\Desktop\td2lf3bt.exe
[2012.09.20 20:14:03 | 000,050,477 | ---- | C] () -- C:\Users\Daniel\Desktop\Defogger.exe
[2012.09.14 19:20:34 | 000,013,772 | ---- | C] () -- C:\Users\Daniel\AppData\Local\recently-used.xbel
[2012.09.10 16:33:05 | 000,000,880 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.09.08 15:30:50 | 000,364,544 | ---- | C] () -- C:\Windows\System32\PropertyGrid.ocx
[2012.09.08 15:30:50 | 000,208,500 | ---- | C] () -- C:\Windows\System32\ReyXpBasics.tlb
[2012.09.08 15:30:50 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ControlSubX.ocx
[2012.08.28 22:46:29 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012.08.28 22:46:29 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2012.08.28 22:04:15 | 000,011,264 | ---- | C] () -- C:\Users\Daniel\Documents\stenaline.wps
[2012.08.26 20:10:27 | 000,010,752 | ---- | C] () -- C:\Users\Daniel\Documents\spanienhandout.wps
[2012.08.22 19:41:41 | 000,014,848 | ---- | C] () -- C:\Users\Daniel\Documents\spanien2012.wps
[2012.08.05 18:47:53 | 000,010,240 | ---- | C] () -- C:\Users\Daniel\bewerbung provinzial.wps
[2012.08.01 16:27:23 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.06.26 17:35:37 | 000,000,050 | ---- | C] () -- C:\Users\Daniel\jagex_cl_runescape_LIVE_BETA.dat
[2012.06.26 17:35:37 | 000,000,024 | ---- | C] () -- C:\Users\Daniel\random.dat
[2012.04.20 15:27:25 | 000,186,848 | ---- | C] () -- C:\Windows\System32\WinService.exe
[2012.04.15 18:24:26 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.03.22 23:24:32 | 000,695,578 | ---- | C] () -- C:\Windows\System32\unins000.exe
[2012.03.22 23:24:32 | 000,001,071 | ---- | C] () -- C:\Windows\System32\unins000.dat
[2012.03.05 16:40:26 | 000,000,683 | ---- | C] () -- C:\Users\Daniel\NETGEAR WG111v2 Smart Wizard.lnk
[2012.02.21 14:09:25 | 000,000,004 | ---- | C] () -- C:\Users\Daniel\cache.dat
[2012.01.10 17:21:04 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.12.23 14:46:54 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.12.15 21:18:26 | 000,000,046 | ---- | C] () -- C:\Users\Daniel\jagex_cl_runescape_LIVE1.dat
[2011.11.05 15:13:21 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\AppData\Local\{7ABD599E-CFB6-40C2-BAE3-3B2AA8CFEF29}
[2011.11.03 17:30:31 | 000,000,032 | ---- | C] () -- C:\Users\Daniel\jagex_cl_runescape_LIVE.dat
[2011.10.16 13:14:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.08.03 14:12:52 | 000,087,364 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.07.18 18:15:09 | 000,055,296 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.25 22:21:33 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.06.25 22:21:33 | 000,138,056 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\PnkBstrK.sys
[2011.06.25 22:21:02 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.06.25 22:21:00 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.06.20 14:39:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.06.20 14:39:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.06.17 11:33:51 | 000,000,129 | ---- | C] () -- C:\Users\Daniel\jagex_runescape_preferences2.dat
[2011.06.17 11:33:18 | 000,000,035 | ---- | C] () -- C:\Users\Daniel\jagex_runescape_preferences.dat
[2011.06.16 21:47:05 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.06.16 19:51:38 | 000,006,088 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\wklnhst.dat
[2011.06.12 13:09:31 | 000,009,824 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2011.06.12 12:42:30 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2011.06.12 11:30:48 | 000,002,032 | ---- | C] () -- C:\Users\Daniel\AppData\Local\d3d9caps.dat
[2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.02.11 23:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
========== LOP Check ==========
 
[2012.08.29 17:27:47 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft
[2012.02.17 15:51:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\AnvSoft
[2012.08.25 20:00:59 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\avidemux
[2012.03.12 16:40:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Canon
[2012.02.26 16:42:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoft
[2011.11.05 14:15:18 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.09.08 15:30:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FreeFLVConverter
[2012.08.28 22:49:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FreePDF
[2012.09.09 18:50:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\gtk-2.0
[2012.05.18 14:36:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\JonDo
[2011.06.16 19:30:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Leadertech
[2011.08.03 13:05:48 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient
[2012.02.24 17:00:35 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\MAGIX
[2012.03.22 22:51:52 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Orbit
[2011.11.26 19:26:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Origin
[2012.03.22 22:46:35 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ProgSense
[2012.08.09 16:16:04 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Soldat
[2012.05.30 21:31:13 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Solveig Multimedia
[2011.06.16 19:51:58 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Template
 
========== Purity Check ==========
 
 

< End of report >

Extras.txt:

Code:

ATTFilter

OTL Extras logfile created on: 20.09.2012 20:19:46 - Run 1
OTL by OldTimer - Version 3.2.64.0     Folder = C:\Users\Daniel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19298)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,70% Memory free
6,21 Gb Paging File | 5,08 Gb Available in Paging File | 81,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 274,41 Gb Free Space | 61,56% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 19,66 Gb Free Space | 98,30% Space Free | Partition Type: NTFS
 
Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{230DD1F2-5CB7-4B7E-B278-D4A8BF107001}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery | 
"{29C653CA-A2B9-4753-8B67-27C7271970CA}" = lport=137 | protocol=17 | dir=in | app=system | 
"{36C28C9C-1BDB-4D4B-BCD0-A1B00EC63150}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3BEE5BF4-D706-4C40-AE5D-32E6A4CC5AFC}" = rport=138 | protocol=17 | dir=out | app=system | 
"{476D420A-BC11-48DC-847B-CB24D45145F5}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4B93DB55-969F-4653-A128-5F6C01E4343A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{50A307A7-2FDB-4350-9C4E-E6CC64425800}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{5E0091F4-4E54-400D-95A2-31751B495F11}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{64F0BC97-1649-4EB5-9622-4D3C8E8989AB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{65F79044-5F89-4B05-9C5D-A3BD3FD9F9C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{66AAFB45-9710-4402-869A-A1C0C80DD39D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{6B8560E1-FAFD-4412-883C-62B02EEFE743}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{72804330-F1AD-446F-8F3C-D720388D73DE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{772405A6-A4EB-41F2-A4ED-9C58A8612B6B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{83809C5F-1A01-4631-806C-093A38C40E00}" = lport=139 | protocol=6 | dir=in | app=system | 
"{89BE2499-6A4A-40BD-8EBF-CECE1825B885}" = rport=137 | protocol=17 | dir=out | app=system | 
"{C1FAB1ED-9A99-4BAD-B593-BA1DC445F4C6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{DFB81C3F-8ECE-473D-BD31-AF3DC4FFBEE8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{EA411FAD-6809-415C-B55A-C12C434F6500}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{EE11957A-8D28-44D8-A4C7-EABE88F9ED94}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery | 
"{FABAF256-E3FE-4067-8E3F-7FE27E44850D}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018BACDA-1902-4D84-9D2B-EAE6793F5383}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{024B22E8-3863-43B7-AB89-8678F1247756}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe | 
"{04986A53-0CDB-49B5-87BA-F3E8A092FEE5}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe | 
"{06D13324-0E7F-4D3E-B9D9-12AE60625135}" = protocol=6 | dir=in | app=c:\users\daniel\desktop\spiele\vindictus eu\en-eu\nmservice.exe | 
"{123246FD-5C69-48F8-B87A-DA7D2FB82A3C}" = protocol=17 | dir=in | app=c:\users\daniel\desktop\spiele\vindictus eu\en-eu\nmservice.exe | 
"{2292342B-7014-4E36-971C-89D40B1A6BE7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe | 
"{28163A86-E0B0-42B9-BB2E-4C3FCF7DD4D5}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | 
"{28536A4F-7966-4C62-8E5D-48F1074FB396}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{3A47F22C-3AC0-45D0-A224-10711ED37DA6}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | 
"{3EF0371F-0BAF-49FF-BDE1-AC820200F77E}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | 
"{4204EAF3-8DBE-4BC2-BE31-E9A13599E700}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | 
"{4A05EC8B-089B-4B63-9FC3-B5D03542C1DE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war ii - retribution\dow2.exe | 
"{521589F7-846F-453B-A396-A6C4F0C401A3}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe | 
"{548BD206-2A37-40C7-831D-9B353B31F372}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe | 
"{5A4666B1-6138-42A8-B52F-E46D4D7A5ABF}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe | 
"{5F2E4BE1-E69B-4C03-BA98-2E2209FC0CC0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe | 
"{630CAE9D-82B9-448E-87F5-F947E67C45C7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{6A9F37A6-97F2-4AC0-9F82-6E713E0611E7}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{6B141568-CABA-448C-8C05-D0BA341ADDEA}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{710C4E6E-0EB5-4526-8B88-D36A4E27E1AE}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | 
"{772C6652-E840-40E6-B1C0-5A71D3856B3B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{77B4FE8F-E78F-4D61-BC8F-F250619D24ED}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{7F41BFF9-2E5F-4958-A4EE-2C3D6D22FC51}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{82F7C682-99BD-4CF6-A300-F8822F49F356}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{8B21A174-3DFC-468F-B1A2-59F16C20C166}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8CBD8BA0-413B-4B6B-8D24-FEB151DD42C2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war ii - retribution\dow2.exe | 
"{968CB435-01EB-408B-8909-B792A2911EEC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe | 
"{9992E2F8-CCE6-40BF-B603-9F7951444440}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 
"{9C6546A4-5C9F-4D09-A0D5-947F8F29DA80}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe | 
"{9F5D4DFE-9122-4D4A-AB4D-D50FAA467D1E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{A1514DD0-401F-4BEA-82B5-D1F6378C8154}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A5175535-B2EE-48D5-9617-450764280E04}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{A7E0D1B7-CE13-430B-B3B7-D75D9C6ABEF0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{C582DBE4-B817-4701-90C0-8D4CEA55A00F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{CEBC4A16-9A57-48F4-8CE8-AE3CAABCE528}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{D13F8B56-F005-4280-AF3F-2F4274143616}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe | 
"{D3F897FE-E3A1-453B-BCCC-F19E909045D2}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{D99213A3-C434-45E0-BFC8-8DE1B624052A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{F0D9FDA1-0692-4D7D-A13A-C4CF1F4CB665}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F8A38E5A-7C2B-472D-9F56-FFC166EF6115}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{F8FB8EF9-7CF1-4DFC-AA72-B4651E235101}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FDCB6D92-F3A7-4663-B5A1-F9ACBDE62DB2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"TCP Query User{12EC7F12-3BF0-40A7-896A-3721F148CF04}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 
"TCP Query User{2E55B762-F7AA-43AA-871D-1E2A8F224EAB}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{AD948801-78A1-41F9-9230-F23F62D12852}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{D6B43769-C5B7-43AE-AC08-F9330EDDEE1C}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | 
"UDP Query User{628FC5A3-4F05-4F8D-B394-81290D8453D8}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{62DB8704-D200-44FD-A0EA-600B14F8753C}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | 
"UDP Query User{9A1CE7A7-09B9-4DF1-A9ED-EA271192312A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{B084733F-CDF5-46C6-AA6B-3A1C5850EE5E}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink Wireless LAN
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4102037D-E8E0-48E0-B203-E521D194FB71}" = NETGEAR WG111v2 wireless USB 2.0 adapter
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5BB977A4-E843-4E31-9859-745F442B1031}" = Nero 8 Essentials
"{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1" = BigMacroTool 1.5
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A7472CEE-6E85-4D43-9C71-BDFC0D471F70}" = Intel® Viiv™ Software
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85}" = Intel(R) PRO Network Connections 12.2.41.0
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C314AD4A-1715-40DD-9C20-04EF3D22598B}" = Logitech Z-5
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"69083DC58646DE46A09847A522A1CC487F918039" = Windows-Treiberpaket - eMPIA Technology Inc, (emAudio) MEDIA  (08/31/2007 5.7.0831.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AstrumNival Allods" = Allods Online 2.0.06.42
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CamStudio Lossless Codec_is1" = CamStudio Lossless Codec v1.4
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EditStudio_is1" = EditStudio 6.0.5
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 2.0.0.1228
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Game Booster_is1" = Game Booster 3
"GIMP-2_is1" = GIMP 2.8.2
"G'MIC for GIMP_is1" = G'MIC for GIMP Version 1.5.1.9
"Google Chrome" = Google Chrome
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"MediaInfo" = MediaInfo 0.7.57
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Origin" = Origin
"Picasa 3" = Picasa 3
"PROSetDX" = Intel(R) PRO Network Connections 12.2.41.0
"PunkBusterSvc" = PunkBuster Services
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Soldat_is1" = Soldat 1.6.2
"Steam App 20570" = Warhammer® 40,000™: Dawn of War® II – Chaos Rising™
"Steam App 22650" = Alien Breed 2: Assault
"Steam App 240" = Counter-Strike: Source
"Steam App 56400" = Warhammer® 40,000®: Dawn of War® II – Retribution™
"Vindictus EU" = Vindictus EU
"VLC media player" = VLC media player 1.1.11
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"X10Hardware" = X10 Hardware(TM)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.05.2012 14:44:57 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 08.05.2012 08:41:46 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 08.05.2012 17:13:30 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 09.05.2012 10:03:07 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 09.05.2012 16:19:43 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 10.05.2012 15:58:20 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 10.05.2012 17:28:58 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 11.05.2012 05:26:54 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 11.05.2012 08:57:38 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 12.05.2012 07:19:00 | Computer Name = Daniel-PC | Source = EventSystem | ID = 4621
Description = 
 
[ IntelDH Events ]
Error - 30.08.2012 07:19:45 | Computer Name = Daniel-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
 failed when trying to hide icon
 
Error - 30.08.2012 07:19:45 | Computer Name = Daniel-PC | Source = TrayIcon | ID = 15
Description = A CCU internal function detected an error: CCU_TrayIcon::Shell_NotifyIcon
 failed when trying to hide icon
 
[ Media Center Events ]
Error - 16.06.2011 13:22:45 | Computer Name = Daniel-PC | Source = ehRecvr | ID = 4
Description = 
 
[ System Events ]
Error - 19.09.2012 09:21:31 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.09.2012 09:21:31 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 19.09.2012 12:37:25 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 19.09.2012 12:37:25 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 20.09.2012 04:47:02 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 20.09.2012 04:47:02 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 20.09.2012 09:19:43 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 20.09.2012 09:19:43 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 20.09.2012 11:40:34 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 20.09.2012 11:40:34 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >

Gmer.txt:

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-20 21:01:22
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AACS-00ZUB0 rev.01.01B01
Running: td2lf3bt.exe; Driver: C:\Users\Daniel\AppData\Local\Temp\uwdirpod.sys


---- Kernel code sections - GMER 1.0.15 ----

.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                                                                                                          section is writeable [0x8FE0A000, 0x267978, 0xE8000020]

---- Registry - GMER 1.0.15 ----

Reg    HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@SIGN=26F42A7 TREIBER\Windows Vista\Intel\xae Matrix Storage Manager\Setup.exe  1

---- EOF - GMER 1.0.15 ----

danke im Voraus

cosinus · 21.09.2012, 09:14

Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

PC ist langsam + Internet bricht ab

Plagegeister aller Art und deren Bekämpfung: PC ist langsam + Internet bricht ab

PC ist langsam + Internet bricht ab

PC ist langsam + Internet bricht ab

Ähnliche Themen: PC ist langsam + Internet bricht ab