Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.09.2012, 16:01   #1
Baumkind
 
79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. - Beitrag

79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.



Hi Leute!
Habe seit gestern ein Problem mit meiner IP-Adresse. Habe wegen eines Spiels (namentlich: Torchlight 2) ein paar Ports aufgemacht, da ich keine Möglichkeit hatte eine Connection zu anderen Spielern aufzubauen. // Habe die Ports mittlerweile alle wieder geschlossen.
Heute morgen, nach ungefähr 4-5 Stunden rumprobieren, habe ich mich dann entschieden selber einen kleinen Fragepost im Runic.de Forum aufzumachen... und habe dann ganz schön doof aus der Wäsche geschaut als ich bei der Forum-Accountregistration plötzlich diese Meldung bekommen habe:

Your IP 79.111.192.30 has been blocked because it is blacklisted. For details please see 79.111.192.30.

An entry on the blaklist may have several reasons:
1. You are a well-known spammer.
2. Last time a well-known spammer was using the dynamic IP address which you got from your ISP (Internet Service Provider).
3. Your ISP is well-known for a lot of spamming customers and is not fighting against spammers.


Habe dann erstmal schnell mein cmd -> ipconfig gecheckt, dort ist wie erwartet immer noch meine feste 192.168.*.* Adresse angegeben. Bin dann auf wieistmeineip.de... und siehe da, auch dort wird meine IP als 79.111.192.30 erkannt. Ein paar Google Nachforschungen haben ergeben, dass diese Adresse irgendwo in Moskau vermeldet ist... ich wohne selber auch in Moskau... allerdings ist dies definitiv nicht meine Adresse... und ich glaube ich bin auch kein Spambot :P
Habe jetzt als erstes vermutet dass ich mir irgendwo ein Root Kit oder ähnliches eingefangen hab...

Habe erstmal einen schnellen ODT Scan durchlaufen lassen, wie im Forum beschrieben, hier die beiden .txt:

ODT.txt:


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 22.09.2012 17:04:59 - Run 1
OTL by OldTimer - Version 3.2.65.1     Folder = C:\Users\Baumkind\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 48,69% Memory free
15,80 Gb Paging File | 11,12 Gb Available in Paging File | 70,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 411,91 Gb Total Space | 84,75 Gb Free Space | 20,58% Space Free | Partition Type: NTFS
Drive D: | 274,60 Gb Total Space | 269,14 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
Drive E: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: BAUMKIND-MSI | User Name: Baumkind | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Baumkind\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\program files (x86)\avira\antivir desktop\avscan.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
PRC - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\program files (x86)\avira\antivir desktop\sqlite3.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\6dc7ae907d0a57aa19331225f5192ca7\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe ()
MOD - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\de-DE\THXAudio.resources.dll ()
MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (Qualcomm Atheros Killer Service) -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe ()
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (MSI_SuperCharger) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (Micro Star SCM) -- C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (MSI Foundation Service) -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe (MSI)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MGHwCtrl) -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys File not found
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\drivers\bflwfx64.sys (Bigfoot Networks, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\e22W7x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (gbxavs) -- C:\Windows\SysNative\drivers\gbxavs.sys (Native Instruments GmbH)
DRV:64bit: - (gbxusb_svc) -- C:\Windows\SysNative\drivers\gbxusb.sys (Native Instruments GmbH)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV - (NTIOLib_1_0_3) -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys (MSI)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497}
IE:64bit: - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497}
IE - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi.msn.com
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497}
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Informatik\eclipse\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 20:12:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 20:12:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.07.25 21:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baumkind\AppData\Roaming\mozilla\Extensions
[2012.08.25 00:34:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baumkind\AppData\Roaming\mozilla\Firefox\Profiles\697bok7d.default\extensions
[2012.07.27 20:44:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Baumkind\AppData\Roaming\mozilla\Firefox\Profiles\697bok7d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.07 20:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.07 20:12:18 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.31 17:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 17:29:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.31 17:29:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.31 17:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.31 17:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.31 17:29:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.11 01:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Informatik\eclipse\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Informatik\eclipse\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [S-Bar] C:\Program Files (x86)\S-Bar\S-Bar.exe (Micro-Star International Co.,Ltd.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VGAOCAP] C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe ()
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{134B834A-96FD-4D77-A2A8-52659D6494A1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54D6DB9F-048D-4B0E-A7D4-6F9A21FB7059}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.22 16:28:59 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Malwarebytes
[2012.09.22 16:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.22 16:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.22 16:28:30 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012.09.22 16:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.22 14:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.09.22 14:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.09.22 14:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.09.22 14:21:12 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Avira
[2012.09.22 14:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.09.22 14:19:22 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2012.09.22 14:19:22 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2012.09.22 14:19:22 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys
[2012.09.22 14:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.22 14:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.09.22 13:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.09.22 13:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.09.22 13:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.09.21 23:15:45 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2012.09.21 21:38:09 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\UnknownApplicationVendor
[2012.09.21 20:41:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Documents\Tunngle
[2012.09.21 20:41:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Tunngle
[2012.09.21 20:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2012.09.21 20:41:02 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\windows\SysNative\drivers\tap0901t.sys
[2012.09.21 20:29:27 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\NVIDIA
[2012.09.21 20:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.09.21 14:12:56 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Documents\LOLReplay
[2012.09.21 14:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay
[2012.09.20 18:01:46 | 000,000,000 | -H-D | C] -- C:\Users\Baumkind\Desktop\.picasaoriginals
[2012.09.20 16:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.09.20 16:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\Informatik
[2012.09.20 16:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.09.20 16:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.09.12 22:12:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012.09.12 22:11:15 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\uTorrent
[2012.09.11 12:09:19 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Corel
[2012.09.11 12:09:15 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Corel
[2012.09.07 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.08.27 21:36:57 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\six-updater
[2012.08.27 21:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects
[2012.08.27 21:36:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects
[2012.08.27 21:22:00 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Local\ArmA 2 OA
[2012.08.27 01:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012.08.27 01:39:08 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\six-zsync
[2012.08.27 01:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Networks
[2012.08.27 01:38:05 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Local\Downloaded Installations
[2012.08.27 00:13:46 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\runic games
[2012.08.26 21:35:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Documents\ArmA 2
[2012.08.26 21:35:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Local\ArmA 2
[2012.08.26 00:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim GREEN BUTTON
[2012.08.26 00:21:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verbatim GREEN BUTTON
[2012.08.25 03:42:05 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2012.08.25 03:42:04 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2012.08.25 01:47:00 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Skype
[2012.08.25 01:46:58 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.08.25 01:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.25 01:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.08.25 01:46:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.08.25 00:12:32 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Desktop\Beatport Music
[2012.08.24 22:00:24 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\com.beatport.BeatportDownloader
[2012.08.24 22:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Beatport Downloader
[2012.08.24 22:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.22 16:28:34 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 15:36:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.09.22 14:48:29 | 000,001,268 | ---- | M] () -- C:\Users\Baumkind\Desktop\Spybot - Search & Destroy.lnk
[2012.09.22 14:39:42 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 14:39:42 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 14:28:03 | 2066,284,543 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 14:19:29 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.21 23:37:04 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\Access.dat
[2012.09.21 23:36:08 | 000,000,222 | ---- | M] () -- C:\Users\Baumkind\Desktop\Torchlight II.url
[2012.09.21 23:33:37 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\Torchlight.url
[2012.09.21 23:15:39 | 636,908,235 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012.09.21 21:05:23 | 000,294,888 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012.09.21 20:14:38 | 001,550,634 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.09.21 20:14:38 | 000,665,578 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.09.21 20:14:38 | 000,627,420 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.09.21 20:14:38 | 000,133,758 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.09.21 20:14:38 | 000,110,140 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.09.21 18:54:17 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\Borderlands 2.url
[2012.09.21 14:12:55 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.09.20 18:01:46 | 000,024,869 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-004.jpg
[2012.09.20 17:58:18 | 000,020,801 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-003.jpg
[2012.09.20 17:52:25 | 000,154,610 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-002.jpg
[2012.09.20 17:44:52 | 000,204,658 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-001.jpg
[2012.09.20 17:35:35 | 001,964,488 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer.jpg
[2012.09.20 17:33:34 | 000,768,769 | ---- | M] () -- C:\Users\Baumkind\Desktop\FLYERSTREETARTPARTY.pdf
[2012.09.13 00:12:04 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.09.12 22:12:25 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.09.11 12:09:19 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012.09.07 20:26:05 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2012.09.07 20:26:05 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2012.09.07 20:26:05 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012.08.27 21:36:03 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012.08.27 21:36:03 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012.08.27 01:46:28 | 000,000,219 | ---- | M] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2.url
[2012.08.27 01:46:28 | 000,000,219 | ---- | M] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2 Add-on Support.url
[2012.08.26 22:40:18 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\ARMA 2 Operation Arrowhead.url
[2012.08.26 00:42:57 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\ARMA 2.url
[2012.08.25 01:46:58 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.24 22:00:22 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Beatport Downloader.lnk
[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.22 16:28:34 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.22 14:48:29 | 000,001,268 | ---- | C] () -- C:\Users\Baumkind\Desktop\Spybot - Search & Destroy.lnk
[2012.09.22 14:19:29 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.21 23:37:04 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\Access.dat
[2012.09.21 23:36:08 | 000,000,222 | ---- | C] () -- C:\Users\Baumkind\Desktop\Torchlight II.url
[2012.09.21 23:33:37 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\Torchlight.url
[2012.09.21 23:15:39 | 636,908,235 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012.09.21 18:54:17 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\Borderlands 2.url
[2012.09.21 14:12:55 | 000,001,923 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2012.09.21 14:12:55 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.09.20 18:01:46 | 000,024,869 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-004.jpg
[2012.09.20 17:58:18 | 000,020,801 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-003.jpg
[2012.09.20 17:52:25 | 000,154,610 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-002.jpg
[2012.09.20 17:44:52 | 000,204,658 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-001.jpg
[2012.09.20 17:35:34 | 001,964,488 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer.jpg
[2012.09.20 17:33:34 | 000,768,769 | ---- | C] () -- C:\Users\Baumkind\Desktop\FLYERSTREETARTPARTY.pdf
[2012.09.13 00:12:04 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.09.12 22:12:25 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.09.11 12:09:18 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.08.27 21:36:03 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater.lnk
[2012.08.27 21:36:03 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Launcher.lnk
[2012.08.27 01:46:28 | 000,000,219 | ---- | C] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2.url
[2012.08.27 01:46:28 | 000,000,219 | ---- | C] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2 Add-on Support.url
[2012.08.26 22:40:18 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\ARMA 2 Operation Arrowhead.url
[2012.08.26 00:42:57 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\ARMA 2.url
[2012.08.25 01:46:58 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.24 22:00:22 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beatport Downloader.lnk
[2012.08.24 22:00:22 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\Beatport Downloader.lnk
[2012.08.15 18:16:16 | 000,000,001 | ---- | C] () -- C:\windows\SysWow64\SI.bin
[2012.08.15 17:33:40 | 000,111,928 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2012.08.15 17:33:36 | 002,793,768 | ---- | C] () -- C:\windows\SysWow64\pbsvc.exe
[2012.08.15 17:33:36 | 000,066,872 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2012.07.25 15:26:47 | 000,000,100 | ---- | C] () -- C:\ProgramData\CameraRecorder.ini
[2012.07.25 14:41:10 | 000,120,200 | ---- | C] () -- C:\windows\SysWow64\DLLDEV32i.dll
[2012.03.19 23:37:12 | 000,755,188 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
[2012.03.19 23:37:12 | 000,561,508 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
[2012.03.19 23:25:58 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.03.19 22:23:38 | 013,024,256 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll
[2012.03.15 10:19:58 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.03.15 10:01:16 | 000,001,313 | ---- | C] () -- C:\windows\THXCfg_SP_APOIM.ini
[2012.03.15 10:01:16 | 000,001,212 | ---- | C] () -- C:\windows\THXCfg_HP_APOIM.ini
[2012.03.15 10:01:16 | 000,001,212 | ---- | C] () -- C:\windows\THXCfg_APOIM.ini
[2012.03.15 10:01:14 | 000,182,272 | ---- | C] () -- C:\windows\SysWow64\APOMngr.DLL
[2012.03.15 10:01:14 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\CmdRtr.DLL
[2008.03.07 18:43:56 | 000,084,734 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.03.07 15:47:30 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
 
========== ZeroAccess Check ==========
 
[2012.08.02 04:51:43 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\LocalLow\Microsoft\Silverlight\is\44doroe4.jit\342cglad.2oz\1\l
[2012.07.31 18:35:06 | 000,000,043 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-3664255064-580672183-1075423204-1001\$R4KZ0MU\n.gif
[2009.07.14 08:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
========== LOP Check ==========
 
[2012.08.24 22:00:24 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\com.beatport.BeatportDownloader
[2012.09.20 18:37:13 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\DVDVideoSoft
[2012.07.27 20:44:53 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.04 03:18:30 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\Image-Line
[2012.07.25 23:12:21 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\LolClient
[2012.07.25 15:11:55 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\MAGIX
[2012.08.27 00:13:46 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\runic games
[2012.08.27 21:37:37 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\six-updater
[2012.08.27 01:39:08 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\six-zsync
[2012.08.31 01:17:11 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\TS3Client
[2012.07.25 23:01:30 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\ts3overlay
[2012.09.22 06:07:56 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\Tunngle
[2012.09.21 21:38:09 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\UnknownApplicationVendor
[2012.09.12 23:18:08 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\uTorrent
[2012.07.28 12:40:10 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\Vodafone
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---




Extra.txt:

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 22.09.2012 17:04:59 - Run 1
OTL by OldTimer - Version 3.2.65.1     Folder = C:\Users\Baumkind\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,90 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 48,69% Memory free
15,80 Gb Paging File | 11,12 Gb Available in Paging File | 70,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 411,91 Gb Total Space | 84,75 Gb Free Space | 20,58% Space Free | Partition Type: NTFS
Drive D: | 274,60 Gb Total Space | 269,14 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
Drive E: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: BAUMKIND-MSI | User Name: Baumkind | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{179DB465-E670-4320-9B9A-8481DC202F9C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{590F768A-D66F-4EC0-8D03-7CDD86C9A3DA}" = rport=4171 | protocol=17 | dir=out | name=tl2 4171 out | 
"{613FC915-876E-4D70-B41D-F64D38996D1D}" = lport=4171 | protocol=17 | dir=in | name=torchlight 2 port 4171 | 
"{AFE7C32D-378B-44D7-B3FE-454E9C994879}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{BD54F953-9936-4302-996B-AAAC2A426466}" = lport=4171 | protocol=17 | dir=in | name=torchlight 2 port 4171 | 
"{C32BBAC3-F5CF-4E81-BF14-130822313CF3}" = lport=4171 | protocol=17 | dir=in | name=torchlight 2 port 4171 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{063EBE60-BA1B-4E98-B15B-D338226E7A05}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{118AC277-061E-44FB-90D0-3309500B3962}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"{13D398FB-04D8-490F-9A9B-18104E85D275}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe | 
"{1488E09F-B330-48DD-9ED3-621F14FF4627}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | 
"{15DC98DE-49CA-4B46-BD0A-4CA8E6498337}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{17A708E8-6FA6-482F-8419-5BE666FE1EB6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | 
"{1B2486FF-306B-46ED-997D-258418F95001}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{1B6185FC-9DD3-4193-BB1C-1C08BEBE6D97}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{1F2D4616-7F66-4CBB-87CF-0C19AFFA3520}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1FA333D6-F5C3-485C-A2A2-8313B554002D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"{209A2DEA-3788-4823-9DC9-8A8B323C14E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | 
"{222E80B1-8437-4B91-84AD-CF5F66135702}" = dir=in | app=c:\users\baumkind\appdata\local\microsoft\skydrive\skydrive.exe | 
"{22579502-975E-49E9-9C2B-D6C2412936B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{23D7B453-213A-4F96-A0D6-0DF09310FA32}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma\arma.exe | 
"{281001EF-DD4A-4D08-B5AF-04D38137481D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"{2B98FA12-952C-4943-9334-4299FF2C89B7}" = protocol=17 | dir=in | app=c:\program files\arma\arma.exe | 
"{2C1346E6-84D4-42F6-B448-8D4BC95936A9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2F2AE682-9EB3-4BBE-9A05-5EDDC436132D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe | 
"{31641A32-5B9C-40B6-822E-A62B404C7CD2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{32A2DDB9-8031-4EA3-836B-40BCB50AA631}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe | 
"{36358F9F-8ACA-48A2-AECE-49FD9EBF0BFB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{3829F144-C213-4749-BFE9-3DA0125085FD}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{3BD0CB67-27B1-4DC8-B3D4-FFC4913EB061}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | 
"{4160970A-F8A5-46E1-B94A-44DA256CA118}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{4422618E-C7F5-4A4F-AE0F-8CAEB864A9E4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | 
"{49771474-D522-4A26-A288-60B9ECAA626D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{4A896A0B-DFE7-4990-B96D-2961D4B9DB16}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{525F012E-D09C-42AA-8AD8-E13732E0E388}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd | 
"{52FE0634-B4D3-4EDB-9D33-52A7AE13D411}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe | 
"{551C22C2-6181-4299-BDB0-01927B1DB8A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{58C1264C-0527-4B14-8753-00A7AFFC84C3}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma\arma.exe | 
"{5E1A56B0-E1CA-448C-93F3-D881FCD83564}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe | 
"{619ABEEB-6DC7-488B-A221-C53E80046EFB}" = protocol=6 | dir=in | app=c:\program files\arma\arma.exe | 
"{66EA690C-0AD1-4D4B-A547-99E080DE4B61}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{6954ED6D-3485-45A0-ACBD-0D39777C1B43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe | 
"{6B0C31E8-0E3F-45DC-9509-FAB28931100A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{7AF385E7-92DE-4BAA-8F6E-3584C064991F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe | 
"{7EA32614-30F3-4924-AD2C-A4C326860E8E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{8136847C-8A4B-4E45-8F63-D322FF038926}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{826ACE21-4E4A-4E4C-8C02-07CCB95D3E92}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{8D571F44-5A8B-4309-B6BF-66961CA9ECEC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | 
"{900D4771-DCDC-4503-A3C5-06ED595CD4E0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{A3F541D7-BBDE-421C-8EA5-849DB7498A4C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{A9266342-D4BE-4EB1-8186-47643C4E88F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{ADB574CA-6421-4E1D-8C86-6DCE1BD87F15}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{C7269555-9B81-4B1E-8F07-C8CC35AA7EB9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{CA5DA79F-897E-45D3-BA0D-F1937A068908}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{D6911ECD-6903-4201-B4FF-7DCC242EC844}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{D863AFAB-3119-47DF-A65F-67B7D75FF50C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{DA2C1C9A-39BA-4EED-8D8C-9AB48C7A61DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe | 
"{DEE68E83-456D-457C-A920-0B9A1C7ABB64}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe | 
"{E005194B-6D44-49AF-AD96-80EA32AD8FED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{E0108C70-1D66-4288-A197-D609FBF54E86}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F150D4F8-0B34-49CF-B08D-F668733E49EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FDA3B6A3-124C-4A0B-BDB0-C69CDDAA0456}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 
"TCP Query User{0E34C515-A8CC-4E1E-9C13-F39FE312AD71}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | 
"TCP Query User{11335656-9B00-4574-9389-21FA2FD3A021}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"TCP Query User{26286E94-8928-43EE-A4BE-79528F76EE95}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"TCP Query User{8C1FBF27-D32E-4207-AD8D-167EC1AEF0AE}C:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"TCP Query User{8F477DD9-697B-4F6D-ACB4-2EB912983B75}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"TCP Query User{A0AE181B-9EE3-44A0-BB75-4EB9D0DEC762}C:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe | 
"TCP Query User{B872F0A5-C38F-4EA2-BD63-85F0AFD7AFB4}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"TCP Query User{C529EC90-3D44-49D5-B656-3C9FBA1048BD}C:\program files\informatik\eclipse\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\informatik\eclipse\bin\javaw.exe | 
"TCP Query User{CF8B00E8-1BBF-4B57-8F85-D1763DBD5E2F}C:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe | 
"TCP Query User{FCBFD292-0111-475B-A8D8-363D1ADF12FD}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"UDP Query User{0C509DD3-D94F-402B-B7A6-98C2CB772C5E}C:\program files\informatik\eclipse\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\informatik\eclipse\bin\javaw.exe | 
"UDP Query User{15D75866-C684-4DBA-921F-7C3ED82B4DF1}C:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe | 
"UDP Query User{3F338930-7588-4F1F-85BA-0A0C3AFB5B90}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 
"UDP Query User{40835CCD-C12F-44D3-9230-2CED00CC4F5B}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | 
"UDP Query User{5A11C89F-4165-4D8B-AB7E-A12738B3CB02}C:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe | 
"UDP Query User{5AC97C44-6A14-4DB3-B735-AA20900166CD}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"UDP Query User{80179754-7AC7-4293-89FD-BD762E496139}C:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"UDP Query User{9098EB7B-9817-441B-B975-8E980EFBFF7D}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe | 
"UDP Query User{BF7948EB-E871-4A31-B60D-C2DE355513F1}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"UDP Query User{F380D8AC-26E2-4C48-8BAF-8753D58BBF47}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013CCA52-DA56-4133-AC2B-1988A9568C30}" = Native Instruments Audio 4 DJ Driver
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{043EEF79-513F-4666-B340-B8556AB0EADC}" = Native Instruments Studio Drummer
"{079419C3-9DFC-4571-BAFC-CD79854C684E}" = Native Instruments West Africa
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{09BB8307-BD8F-4E92-9918-A4BAFD0638B3}" = Native Instruments VC 2A
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1244CC88-97DF-4694-A720-6F073845DEE2}" = Native Instruments Kontakt Factory Library
"{14C1DD2C-D54E-464A-9588-C109E3E39EEF}" = Native Instruments Vintage Organs
"{1745A39F-7F25-4ADA-8ADA-FD84A6301696}" = Native Instruments VC 76
"{1AE269AE-561D-4889-8A13-C1254ACBD025}" = Native Instruments Abbey Road 80s Drums
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ Driver
"{24873332-B98B-4235-ABBA-CCDEACC62BB9}" = Native Instruments Traktor Audio 6 Driver
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Controller
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{28327E39-F691-44D4-BDE5-9B5B251ADD63}" = Native Instruments Komplete 8 Ultimate
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Mobile I/O
"{3054FEFA-4748-4cf0-8C3C-8DB887DE379F}" = Native Instruments Traktor Audio 2 Driver
"{305CA7E5-C739-48e2-B247-584C0E1B717C}" = Native Instruments Traktor Audio 10 Driver
"{33355583-296A-4E06-A129-6A5739529F1A}" = Native Instruments VC 2A for Maschine
"{33A9A927-73C9-4607-B8FD-A904257E978E}" = Native Instruments Solid Dynamics for Maschine
"{35DE6B98-31C9-4A01-AB64-20A3C71BE1D0}" = Native Instruments Reflektor
"{36ccb7d4-42c7-473e-b293-72e41a8ec766}" = Native Instruments Berlin Concert Grand
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{434CC4CB-0183-4CDE-BE7F-00230BE26494}" = Native Instruments The Mouth
"{470BB39A-7231-4077-AD3D-86067AD04604}" = Native Instruments Audio 8 DJ Driver
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4b98677f-ef75-4f71-8ef3-5603e3b0cbf7}" = Native Instruments Scarbee Vintage Keys
"{4BA33BE3-20CF-4972-BD67-B44CEFA52DCB}" = Windows Live MIME IFilter
"{4FEF843C-5829-4F1B-AC4A-02B1C1D9CD1D}" = Native Instruments Reflektor for Maschine
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{5B841301-3649-4891-BC10-7A66820397C9}" = Native Instruments Reaktor Prism
"{5D03CB59-6F91-4097-922C-9DCA057D2A76}" = Native Instruments The Finger R2
"{5D1224E0-6777-4536-9D72-B0E151ED8C99}" = Native Instruments Battery Library Importer for Maschine
"{5FC09265-8AAD-410D-B88D-EBAA41327056}" = Native Instruments Scarbee Funk Guitarist
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{608EF1C8-5671-4C8B-A4B5-B428A2DF7715}" = Native Instruments Solid Bus Comp for Maschine
"{60BB45B2-E8E4-41C5-B69F-C6DC5D991DF5}" = Native Instruments Abbey Road 60s Drums
"{6481C64D-3B62-4D03-8AFB-7A485762F157}" = Native Instruments VC 160 for Maschine
"{64A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7 (64-bit)
"{67e13682-a5ba-4f12-ac10-4b41eacb82da}" = Native Instruments Alicias Keys
"{6969a180-13e1-4393-8265-98d11903375c}" = Native Instruments Evolve Mutations 2
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.5
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{74BAEC6B-6FE3-455D-894D-94C488613823}" = M-Audio KeyStudio49i Driver 6.0.1 (x64)
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Session I/O
"{817B77D5-6BFC-4CD5-BD23-88C2C53B9A4C}" = Native Instruments Solid Dynamics
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{835e9421-5f20-4491-9a75-baa7af1ea14d}" = Native Instruments Vienna Concert Grand
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{86F4B370-079C-4EF9-B727-452B85CFA415}" = Native Instruments Retro Machines Mk2
"{8812511F-8D8C-49D3-A711-C9650B2F5566}" = Native Instruments Guitar Rig Pro Library for Maschine
"{88E45461-E8D2-4BCA-BDEC-0405E6FB4817}" = Native Instruments Transient Master
"{8C04CE01-F7B8-4961-884B-6CE7EFFADCD4}" = Native Instruments Reaktor Spark R2
"{906E3E41-5259-4C3B-A5EB-3B7F63AFEDB5}" = Native Instruments VC 160
"{908177CD-FC53-4B56-8BF4-DE422F8D3C75}" = Native Instruments Traktors 12 for Maschine
"{92C4CBF6-0D9F-472B-A21A-8D4D7E003C40}" = Native Instruments Solid Bus Comp
"{93E2F252-D0F1-461A-9823-A2535D779E6E}" = Native Instruments Rammfire for Maschine
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9be187da-7d1c-4e8b-8b66-6132ca7697d8}" = Native Instruments New York Concert Grand
"{9c1b2ca5-bf9c-4b3e-b5ac-49a9133896a3}" = Native Instruments Scarbee Jay-Bass
"{9D3BAEFB-5DDD-43D4-8BB2-D9989521F003}" = Native Instruments Razor
"{a63e8179-0381-4b59-8876-0755be48eb6a}" = Native Instruments Scarbee MM-Bass
"{A8732D97-1D5F-45AE-B04C-6FE5C9A18AED}" = Native Instruments Solid EQ
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{AA2F4574-FD46-4897-8791-CD6CCD80E882}" = Native Instruments Evolve Mutations
"{b0c719eb-4c55-4b54-b37a-38b6fcd7116c}" = Native Instruments Scarbee MM-Bass Amped
"{b125d937-9582-450d-951e-7b53bd94d16d}" = Native Instruments Balinese Gamelan
"{B2552FA6-86E3-410D-84AD-265C2242D410}" = Native Instruments FM8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3
"{C40C08A5-A7AF-43B2-BF93-7CF67719D194}" = Native Instruments Scarbee Pre-Bass
"{C983C1A3-2D12-4304-9EC6-F87CE78216E5}" = Native Instruments VC 76 for Maschine
"{C9BCE8B9-2510-48D4-B93A-EA7BEA81D6E7}" = Native Instruments Traktors 12
"{CE09E66D-167D-48A0-8196-5385A8C6469C}" = Native Instruments Solid EQ for Maschine
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D597935A-5F0E-44F8-A028-A0EF9C647D95}" = Native Instruments Rammfire
"{D69D39FC-DCC0-43F4-9524-043EE9F1C329}" = Native Instruments Abbey Road Modern Drums
"{d8650fdb-9422-4a07-9f57-585c06d9d760}" = Native Instruments Upright Piano
"{DDDE5B61-19BD-4F64-B14C-5F81DB56DF3E}" = Native Instruments George Duke Soul Treasures
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{E0BB5D87-62DC-4ABD-AC2F-A743EEA31F57}" = Native Instruments Transient Master for Maschine
"{E1B6008F-26D8-47BF-B585-6518AFE73557}" = Native Instruments Scarbee Pre-Bass Amped
"{e90698e9-2c52-4079-aa1d-b341f0f5b036}" = Native Instruments Abbey Road 70s Drums
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{f62a8337-2009-40b7-af47-0a2a1371645c}" = Native Instruments Maschine Drum Selection
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
"{FCD398EC-9A6C-478D-82AC-96AE6FEF585D}" = Native Instruments Session Strings Pro
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1951F3A1-110D-4F5B-8346-9D0E735A54E0}" = Windows Live Writer
"{1A2516F6-15CF-45F0-A14C-865742A647C3}" = Windows Live Messenger
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}" = MSI Software Install
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{39BDC923-826E-4007-8179-50E7C570E545}" = S-Bar
"{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}" = Camera Recorder
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EAE58C0-7C36-40C3-ACED-0CABF2F46BCF}" = Windows Live Writer Resources
"{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker
"{44E89CCA-BB20-4EA6-80EB-4126E886F83D}" = Windows Live Mail
"{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials
"{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack
"{46B14AF1-EDFA-4088-AB2B-22A8128A1C54}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}" = KLM
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}" = THX TruStudio Pro
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{57EC0BAF-E65F-4758-A6AB-586535C870A2}" = Windows Live Essentials
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{619FA785-489B-4D22-911F-82D6EDF5BDB0}" = Battery Calibration
"{62813F65-4D78-43AF-A53C-DFAFA122E065}" = Windows Live Messenger
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D1898F-DFAE-4E0F-B57A-97F5F557EA3A}" = Windows Live Messenger
"{741ECBB6-1A0B-42F1-A7BF-76222734A63A}" = Movie Maker
"{7541F284-7167-4729-B1C1-0A3F7FC38EF3}" = Windows Live Messenger
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{803D4B7D-71CD-46B9-8F89-8BFD73920FAF}" = Windows Live UX Platform Language Pack
"{810EED37-2024-4C10-B266-5A8CCB3D1A65}" = Windows Live Writer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84BEAA30-1AF1-450B-9DD7-AD38B84004BA}" = Windows Live Messenger
"{86CAC8DE-288A-410D-A4A4-0190060E69AE}" = Raccolta foto
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95193654-3EF2-4D17-8503-9F80B56D9ED5}" = MSI VGA Overclock Tool
"{959BC6D1-38C8-441F-9466-9ECCD4E68413}" = Galería de fotos
"{97373E60-D071-418A-87F1-A969EEEEBDAC}" = Windows Live Essentials
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A048F6D6-BECE-D521-9BC9-B8806BFB118C}" = Beatport Downloader
"{A5D8B1C2-4B2E-42F1-ADB4-D0308A4F5C6F}" = Windows Live Writer
"{A61E1C37-814A-42D8-8CF6-E49D729A4A9B}" = Windows Live Writer
"{A929A7EA-4DFB-48F9-AAF6-C880DF64FB73}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AFFBC271-AA8F-4908-BEAE-491B96AC57C4}" = Windows Live Mail
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6829511-95BB-46FC-9030-957D54B8EFE2}" = Windows Live UX Platform Language Pack
"{B89EE842-D398-4EAC-A3DF-47280B285DD9}" = Windows Live Mail
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{CBB00A31-1E0F-458C-BA15-0BAFF0567772}" = Windows Live Mail
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CDA04BEC-2F20-4E3C-A0E0-D75C8DE255D8}" = Windows Live Writer Resources
"{D0873221-A48B-4A2F-9D34-5F0C21725CF5}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common
"{D555C389-F793-443A-B012-A3D70590CF3D}" = Windows Live Writer Resources
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{D969C468-FCB8-4BFF-A480-33C0A6F7EA64}" = Windows Live Mail
"{DA22811F-4A83-4FE3-959F-1F26B64BA54B}" = Windows Live Writer
"{DA5597C9-9216-44FF-9670-D1E48817B998}" = MSI HOUSE
"{DC2CB432-D3B9-4F81-8ACB-7775FD5202E5}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1DA4302-1C06-4533-AF6D-9D68B01FCB34}" = Movie Maker
"{E60D9CA8-14A6-4F56-BA12-D9D8C8004E09}" = Windows Live Messenger
"{EA53D435-3740-4513-A519-484D2BF659FA}" = Windows Live Writer Resources
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0DA672E-15DB-4413-BE2D-887DD1513607}" = Windows Live Writer
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F7C0163D-9CD8-4F5F-BAC8-3E45A0000AFF}" = Vodafone Mobile Connect Lite Huawei
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE58D81E-30CE-4C73-9A52-28E886B62B91}" = Windows Live Writer Resources
"{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos
"{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}" = Junk Mail filter update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArmA" = ArmA Uninstall
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"com.beatport.BeatportDownloader" = Beatport Downloader
"FL Studio 10" = FL Studio 10
"Free Studio_is1" = Free Studio version 5.6.3.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}" = KLM
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"LOLReplay" = LOLReplay
"MAGIX Foto Manager 9 D" = MAGIX Foto Manager 9
"MAGIX Online Druck Service D" = MAGIX Online Druck Service
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"M-Audio Key Rig_is1" = M-Audio Key Rig 1.0.1
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Abbey Road 60s Drums" = Native Instruments Abbey Road 60s Drums
"Native Instruments Abbey Road 70s Drums" = Native Instruments Abbey Road 70s Drums
"Native Instruments Abbey Road 80s Drums" = Native Instruments Abbey Road 80s Drums
"Native Instruments Abbey Road Modern Drums" = Native Instruments Abbey Road Modern Drums
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments Alicias Keys" = Native Instruments Alicias Keys
"Native Instruments Audio 2 DJ Driver" = Native Instruments Audio 2 DJ Driver
"Native Instruments Audio 4 DJ Driver" = Native Instruments Audio 4 DJ Driver
"Native Instruments Audio 8 DJ Driver" = Native Instruments Audio 8 DJ Driver
"Native Instruments Balinese Gamelan" = Native Instruments Balinese Gamelan
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Battery Library Importer for Maschine" = Native Instruments Battery Library Importer for Maschine
"Native Instruments Berlin Concert Grand" = Native Instruments Berlin Concert Grand
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Evolve Mutations" = Native Instruments Evolve Mutations
"Native Instruments Evolve Mutations 2" = Native Instruments Evolve Mutations 2
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments George Duke Soul Treasures" = Native Instruments George Duke Soul Treasures
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Mobile I/O" = Native Instruments Guitar Rig Mobile I/O
"Native Instruments Guitar Rig Pro Library for Maschine" = Native Instruments Guitar Rig Pro Library for Maschine
"Native Instruments Guitar Rig Session I/O" = Native Instruments Guitar Rig Session I/O
"Native Instruments Komplete 8 Ultimate" = Native Instruments Komplete 8 Ultimate
"Native Instruments Kontakt 5" = Native Instruments Kontakt 5
"Native Instruments Kontakt Factory Library" = Native Instruments Kontakt Factory Library
"Native Instruments Maschine" = Native Instruments Maschine
"Native Instruments Maschine Controller" = Native Instruments Maschine Controller
"Native Instruments Maschine Drum Selection" = Native Instruments Maschine Drum Selection
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments New York Concert Grand" = Native Instruments New York Concert Grand
"Native Instruments Rammfire" = Native Instruments Rammfire
"Native Instruments Rammfire for Maschine" = Native Instruments Rammfire for Maschine
"Native Instruments Razor" = Native Instruments Razor
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Prism" = Native Instruments Reaktor Prism
"Native Instruments Reaktor Spark R2" = Native Instruments Reaktor Spark R2
"Native Instruments Reflektor" = Native Instruments Reflektor
"Native Instruments Reflektor for Maschine" = Native Instruments Reflektor for Maschine
"Native Instruments Retro Machines Mk2" = Native Instruments Retro Machines Mk2
"Native Instruments Rig Kontrol 3" = Native Instruments Rig Kontrol 3
"Native Instruments Scarbee Funk Guitarist" = Native Instruments Scarbee Funk Guitarist
"Native Instruments Scarbee Jay-Bass" = Native Instruments Scarbee Jay-Bass
"Native Instruments Scarbee MM-Bass" = Native Instruments Scarbee MM-Bass
"Native Instruments Scarbee MM-Bass Amped" = Native Instruments Scarbee MM-Bass Amped
"Native Instruments Scarbee Pre-Bass" = Native Instruments Scarbee Pre-Bass
"Native Instruments Scarbee Pre-Bass Amped" = Native Instruments Scarbee Pre-Bass Amped
"Native Instruments Scarbee Vintage Keys" = Native Instruments Scarbee Vintage Keys
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session Strings Pro" = Native Instruments Session Strings Pro
"Native Instruments Solid Bus Comp" = Native Instruments Solid Bus Comp
"Native Instruments Solid Bus Comp for Maschine" = Native Instruments Solid Bus Comp for Maschine
"Native Instruments Solid Dynamics" = Native Instruments Solid Dynamics
"Native Instruments Solid Dynamics for Maschine" = Native Instruments Solid Dynamics for Maschine
"Native Instruments Solid EQ" = Native Instruments Solid EQ
"Native Instruments Solid EQ for Maschine" = Native Instruments Solid EQ for Maschine
"Native Instruments Studio Drummer" = Native Instruments Studio Drummer
"Native Instruments The Finger R2" = Native Instruments The Finger R2
"Native Instruments The Mouth" = Native Instruments The Mouth
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"Native Instruments Traktor Audio 10 Driver" = Native Instruments Traktor Audio 10 Driver
"Native Instruments Traktor Audio 2 Driver" = Native Instruments Traktor Audio 2 Driver
"Native Instruments Traktor Audio 6 Driver" = Native Instruments Traktor Audio 6 Driver
"Native Instruments Traktors 12" = Native Instruments Traktors 12
"Native Instruments Traktors 12 for Maschine" = Native Instruments Traktors 12 for Maschine
"Native Instruments Transient Master" = Native Instruments Transient Master
"Native Instruments Transient Master for Maschine" = Native Instruments Transient Master for Maschine
"Native Instruments Upright Piano" = Native Instruments Upright Piano
"Native Instruments VC 160" = Native Instruments VC 160
"Native Instruments VC 160 for Maschine" = Native Instruments VC 160 for Maschine
"Native Instruments VC 2A" = Native Instruments VC 2A
"Native Instruments VC 2A for Maschine" = Native Instruments VC 2A for Maschine
"Native Instruments VC 76" = Native Instruments VC 76
"Native Instruments VC 76 for Maschine" = Native Instruments VC 76 for Maschine
"Native Instruments Vienna Concert Grand" = Native Instruments Vienna Concert Grand
"Native Instruments Vintage Organs" = Native Instruments Vintage Organs
"Native Instruments West Africa" = Native Instruments West Africa
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Steam App 200710" = Torchlight II
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 39160" = Dungeon Siege III
"Steam App 41500" = Torchlight
"Steam App 43110" = Metro 2033
"Steam App 49520" = Borderlands 2
"Steam App 550" = Left 4 Dead 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"uTorrent" = µTorrent
"Verbatim GREEN BUTTON_is1" = Verbatim GREEN BUTTON 1.46
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.09.2012 11:23:59 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 20046
 
Error - 09.09.2012 11:24:00 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 09.09.2012 11:24:00 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21060
 
Error - 09.09.2012 11:24:00 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21060
 
Error - 09.09.2012 11:24:01 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 09.09.2012 11:24:01 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22214
 
Error - 09.09.2012 11:24:01 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22214
 
Error - 09.09.2012 14:10:17 | Computer Name = Baumkind-MSI | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.09.2012 05:38:47 | Computer Name = Baumkind-MSI | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.09.2012 12:24:13 | Computer Name = Baumkind-MSI | Source = Application Hang | ID = 1002
Description = Programm FL.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 944    Startzeit: 
01cd8f7026dcb45a    Endzeit: 9    Anwendungspfad: C:\Program Files (x86)\Image-Line\FL Studio
 10\FL.exe    Berichts-ID: f352259f-fb63-11e1-b606-8c89a5024998  
 
[ Media Center Events ]
Error - 17.08.2012 08:17:10 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:17:10 - Fehler beim Herstellen der Internetverbindung.  14:17:10 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 08:17:15 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:17:15 - Fehler beim Herstellen der Internetverbindung.  14:17:15 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 13:28:22 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 19:28:21 - Fehler beim Herstellen der Internetverbindung.  19:28:21 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 13:28:34 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 19:28:27 - Fehler beim Herstellen der Internetverbindung.  19:28:27 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.08.2012 04:21:51 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 10:21:51 - Fehler beim Herstellen der Internetverbindung.  10:21:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.08.2012 04:22:03 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 10:21:56 - Fehler beim Herstellen der Internetverbindung.  10:21:56 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.08.2012 09:14:45 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 15:14:45 - Fehler beim Herstellen der Internetverbindung.  15:14:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 19.08.2012 09:14:56 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 15:14:50 - Fehler beim Herstellen der Internetverbindung.  15:14:50 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 24.08.2012 08:25:50 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:25:50 - Fehler beim Herstellen der Internetverbindung.  14:25:50 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 24.08.2012 08:26:03 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:25:55 - Fehler beim Herstellen der Internetverbindung.  14:25:55 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 17.09.2012 08:55:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 17.09.2012 08:55:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 18.09.2012 05:17:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 18.09.2012 05:17:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 19.09.2012 02:40:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 19.09.2012 02:40:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 20.09.2012 06:14:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 20.09.2012 06:14:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 20.09.2012 07:51:49 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 20.09.2012 07:51:49 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
 
< End of report >
         
--- --- ---





Hier die Ergebnisse eines kompletten Antivir Scans:

Warnungen: 17

C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RI1NLBF.incomplete
[WARNUNG] Unerwartetes Dateiende erreicht
C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RJ94NUF.incomplete
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RMSE0NH.incomplete
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RR40W8E.incomplete
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Program Files (x86)\WinRAR 3.61 Multi\rarnew.dat
[WARNUNG] Das Archiv ist unbekannt oder defekt
C:\ProgramData\Microsoft\WLSetup\wlt2279.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wlt818A.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wlt8811.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wltB5DF.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wltB977.tmp
[WARNUNG] Der Archivheader ist defekt
C:\Users\Baumkind\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BN2IZY4M\Firefox_Setup_14.0.1[1].exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Baumkind\Downloads\avira_free_antivirus_de.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Baumkind\Downloads\avira_free_antivirus_de12001199.exe
[WARNUNG] Die Datei ist kennwortgeschützt



Funde: 0

Fehler: 4

Reaktor 5 5.7.1 Setup PC.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
Massive 1.3.1 Setup PC.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
Absynth 5 5.1.1 Setup PC.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
Object
[WARNUNG] Die Datei konnte nicht gelesen werden!




Hier der gesamte Scan:



Avira Free Antivirus
Erstellungsdatum der Reportdatei: Samstag, 22. September 2012 14:31

Es wird nach 4250776 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : Baumkind
Computername : BAUMKIND-MSI

Versionsinformationen:
BUILD.DAT : 12.0.0.1199 40869 Bytes 07.09.2012 22:14:00
AVSCAN.EXE : 12.3.0.33 468472 Bytes 07.09.2012 16:25:55
AVSCAN.DLL : 12.3.0.15 66256 Bytes 07.09.2012 16:26:03
LUKE.DLL : 12.3.0.15 68304 Bytes 07.09.2012 16:25:59
AVSCPLR.DLL : 12.3.0.27 97064 Bytes 07.09.2012 16:25:55
AVREG.DLL : 12.3.0.33 232232 Bytes 07.09.2012 16:25:55
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 16:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 21:22:12
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 21:31:36
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 07:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 20:37:35
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 16:26:03
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 16:37:27
VBASE007.VDF : 7.11.41.251 2048 Bytes 06.09.2012 16:37:27
VBASE008.VDF : 7.11.41.252 2048 Bytes 06.09.2012 16:37:27
VBASE009.VDF : 7.11.41.253 2048 Bytes 06.09.2012 16:37:27
VBASE010.VDF : 7.11.41.254 2048 Bytes 06.09.2012 16:37:27
VBASE011.VDF : 7.11.41.255 2048 Bytes 06.09.2012 16:37:27
VBASE012.VDF : 7.11.42.0 2048 Bytes 06.09.2012 16:37:27
VBASE013.VDF : 7.11.42.1 2048 Bytes 06.09.2012 16:37:27
VBASE014.VDF : 7.11.42.65 203264 Bytes 09.09.2012 10:22:24
VBASE015.VDF : 7.11.42.125 156672 Bytes 11.09.2012 10:22:24
VBASE016.VDF : 7.11.42.171 187904 Bytes 12.09.2012 10:22:25
VBASE017.VDF : 7.11.42.235 141312 Bytes 13.09.2012 10:22:26
VBASE018.VDF : 7.11.43.35 133632 Bytes 15.09.2012 10:22:26
VBASE019.VDF : 7.11.43.89 129024 Bytes 18.09.2012 10:22:26
VBASE020.VDF : 7.11.43.141 130560 Bytes 19.09.2012 10:22:27
VBASE021.VDF : 7.11.43.187 121856 Bytes 21.09.2012 10:22:27
VBASE022.VDF : 7.11.43.188 2048 Bytes 21.09.2012 10:22:27
VBASE023.VDF : 7.11.43.189 2048 Bytes 21.09.2012 10:22:27
VBASE024.VDF : 7.11.43.190 2048 Bytes 21.09.2012 10:22:27
VBASE025.VDF : 7.11.43.191 2048 Bytes 21.09.2012 10:22:28
VBASE026.VDF : 7.11.43.192 2048 Bytes 21.09.2012 10:22:28
VBASE027.VDF : 7.11.43.193 2048 Bytes 21.09.2012 10:22:28
VBASE028.VDF : 7.11.43.194 2048 Bytes 21.09.2012 10:22:28
VBASE029.VDF : 7.11.43.195 2048 Bytes 21.09.2012 10:22:28
VBASE030.VDF : 7.11.43.196 2048 Bytes 21.09.2012 10:22:28
VBASE031.VDF : 7.11.43.222 80896 Bytes 22.09.2012 10:22:28
Engineversion : 8.2.10.164
AEVDF.DLL : 8.1.2.10 102772 Bytes 07.09.2012 16:25:51
AESCRIPT.DLL : 8.1.4.54 459131 Bytes 22.09.2012 10:22:37
AESCN.DLL : 8.1.8.2 131444 Bytes 16.02.2012 14:11:36
AESBX.DLL : 8.2.5.12 606578 Bytes 07.09.2012 16:25:51
AERDL.DLL : 8.1.9.15 639348 Bytes 20.01.2012 21:21:32
AEPACK.DLL : 8.3.0.36 811382 Bytes 22.09.2012 10:22:36
AEOFFICE.DLL : 8.1.2.42 201083 Bytes 07.09.2012 16:25:50
AEHEUR.DLL : 8.1.4.100 5280120 Bytes 22.09.2012 10:22:35
AEHELP.DLL : 8.1.23.2 258422 Bytes 07.09.2012 16:25:49
AEGEN.DLL : 8.1.5.36 434549 Bytes 07.09.2012 16:37:40
AEEXP.DLL : 8.1.0.86 90484 Bytes 07.09.2012 16:37:40
AEEMU.DLL : 8.1.3.2 393587 Bytes 07.09.2012 16:25:49
AECORE.DLL : 8.1.27.4 201078 Bytes 07.09.2012 16:37:40
AEBB.DLL : 8.1.1.0 53618 Bytes 20.01.2012 21:21:28
AVWINLL.DLL : 12.3.0.15 27344 Bytes 07.09.2012 16:25:56
AVPREF.DLL : 12.3.0.15 51920 Bytes 07.09.2012 16:25:55
AVREP.DLL : 12.3.0.15 179208 Bytes 07.09.2012 16:25:55
AVARKT.DLL : 12.3.0.15 211408 Bytes 07.09.2012 16:25:54
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 07.09.2012 16:25:54
SQLITE3.DLL : 3.7.0.1 398288 Bytes 07.09.2012 16:26:01
AVSMTP.DLL : 12.3.0.32 63480 Bytes 07.09.2012 16:25:55
NETNT.DLL : 12.3.0.15 17104 Bytes 07.09.2012 16:25:59
RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 07.09.2012 16:26:04
RCTEXT.DLL : 12.3.0.31 100088 Bytes 07.09.2012 16:26:04

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Samstag, 22. September 2012 14:31

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'TeaTimer.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpybotSD.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'iviRegMgr.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'mscorsvw.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTPlayerCtrl.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'mediasrv.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'obexsrv.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'VMCService.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'PsiService_2.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'ChargeService.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'MobileConnect.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'YCMMirage.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'THXAudio.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'VGAOCAP.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'KLM.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'Super-Charger.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'iusb3mon.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'Skype.exe' - '160' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSIService.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'FABS.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'devmonsrv.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '41' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3491' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <OS_Install>
C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RI1NLBF.incomplete
[WARNUNG] Unerwartetes Dateiende erreicht
C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RJ94NUF.incomplete
[0] Archivtyp: ZIP
--> Reaktor 5 5.7.1 Setup PC.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RMSE0NH.incomplete
[0] Archivtyp: ZIP
--> Massive 1.3.1 Setup PC.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RR40W8E.incomplete
[0] Archivtyp: ZIP
--> Absynth 5 5.1.1 Setup PC.exe
[WARNUNG] Die Datei konnte nicht gelesen werden!
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Program Files (x86)\WinRAR 3.61 Multi\rarnew.dat
[WARNUNG] Das Archiv ist unbekannt oder defekt
C:\ProgramData\Microsoft\WLSetup\wlt2279.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wlt818A.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wlt8811.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wltB5DF.tmp
[WARNUNG] Der Archivheader ist defekt
C:\ProgramData\Microsoft\WLSetup\wltB977.tmp
[WARNUNG] Der Archivheader ist defekt
C:\Users\Baumkind\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BN2IZY4M\Firefox_Setup_14.0.1[1].exe
--> Object
[WARNUNG] Die Datei konnte nicht gelesen werden!
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Baumkind\Downloads\avira_free_antivirus_de.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\Baumkind\Downloads\avira_free_antivirus_de12001199.exe
[WARNUNG] Die Datei ist kennwortgeschützt
Beginne mit der Suche in 'D:\' <Data>


Ende des Suchlaufs: Samstag, 22. September 2012 17:47
Benötigte Zeit: 3:16:28 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

38227 Verzeichnisse wurden überprüft
1341271 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1341271 Dateien ohne Befall
7452 Archive wurden durchsucht
17 Warnungen
0 Hinweise
802220 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden



Weiterer Scan im zweiten Post.

Alt 22.09.2012, 16:04   #2
Baumkind
 
79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. - Standard

79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.



Ah, hier noch meine dxdiag falls sie hilft:

------------------
System Information
------------------
Time of this report: 9/22/2012, 16:36:06
Machine name: BAUMKIND-MSI
Operating System: Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120503-2030)
Language: German (Regional Setting: German)
System Manufacturer: Micro-Star International Co., Ltd.
System Model: GT70 0NC/GT70 0NC
BIOS: MSI GT70 0NC E1762IMS Ver:1.0C MSI-Notebook
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz (8 CPUs), ~2.3GHz
Memory: 8192MB RAM
Available OS Memory: 8088MB RAM
Page File: 4460MB used, 11714MB available
Windows Dir: C:\windows
DirectX Version: DirectX 11
DX Setup Parameters: Not found
User DPI Setting: Using System DPI
System DPI Setting: 120 DPI (125 percent)
DWM DPI Scaling: UnKnown
DxDiag Version: 6.01.7601.17514 32bit Unicode

------------
DxDiag Notes
------------
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Sound Tab 2: No problems found.
Sound Tab 3: No problems found.
Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (retail)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)

---------------
Display Devices
---------------
Card name: Intel(R) HD Graphics 4000
Manufacturer: Intel Corporation
Chip type: Intel(R) HD Graphics Family
DAC type: Internal
Device Key: Enum\PCI\VEN_8086&DEV_0166&SUBSYS_10CB1462&REV_09
Display Memory: 1696 MB
Dedicated Memory: 64 MB
Shared Memory: 1632 MB
Current Mode: 1920 x 1080 (32 bit) (59Hz)
Monitor Name: PnP-Monitor (Standard)
Monitor Model: PL2409HD
Monitor Id: IVM560C
Native Mode: 1920 x 1080(p) (60.000Hz)
Output Type: HDMI
Monitor Name: Generic PnP Monitor
Monitor Model: unknown
Monitor Id: CMO1720
Native Mode: 1920 x 1080(p) (60.020Hz)
Output Type: Internal
Driver Name: igdumd64.dll,igd10umd64.dll,igd10umd64.dll,igdumd32,igd10umd32,igd10umd32
Driver File Version: 8.15.0010.2696 (English)
Driver Version: 8.15.10.2696
DDI Version: 11
Driver Model: WDDM 1.1
Driver Attributes: Final Retail
Driver Date/Size: 3/19/2012 23:31:56, 8087040 bytes
WHQL Logo'd: Yes
WHQL Date Stamp:
Device Identifier: {D7B78E66-4226-11CF-5A7D-C130A9C2C535}
Vendor ID: 0x8086
Device ID: 0x0166
SubSys ID: 0x10CB1462
Revision ID: 0x0009
Driver Strong Name: oem57.inf:IntelGfx.NTamd64.6.0:iIVBM0:8.15.10.2696ci\ven_8086&dev_0166
Rank Of Driver: 00E62001
Video Accel: ModeMPEG2_A ModeMPEG2_C ModeWMV9_C ModeVC1_C
Deinterlace Caps: {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
{BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
{BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(YV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
{BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(NV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
{BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC1,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
{BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
{BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC3,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
{BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC4,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend
D3D9 Overlay: Supported
DXVA-HD: Supported
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled

-------------
Sound Devices
-------------
Description: Lautsprecher (DN-MC6000)
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: USB\VID_154E&PID_5013&REV_0504&MI_00
Manufacturer ID: 65535
Product ID: 65535
Type: WDM
Driver Name: USBAUDIO.sys
Driver Version: 6.01.7601.17514 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 11/21/2010 07:23:47, 109696 bytes
Other Files:
Driver Provider: Microsoft
HW Accel Level: Basic
Cap Flags: 0xF1F
Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

Description: PL2409HD (Intel(R) Display Audio)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_8086&DEV_2806&SUBSYS_80860101&REV_1000
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: IntcDAud.sys
Driver Version: 6.14.0000.3090 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 12/5/2011 23:23:08, 331264 bytes
Other Files:
Driver Provider: Intel(R) Corporation
HW Accel Level: Basic
Cap Flags: 0xF1F
Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

Description: Lautsprecher (Realtek High Definition Audio)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_146210BE&REV_1003
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.6549 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 1/10/2012 15:46:30, 4731112 bytes
Other Files:
Driver Provider: Realtek Semiconductor Corp.
HW Accel Level: Basic
Cap Flags: 0xF1F
Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

---------------------
Sound Capture Devices
---------------------
Description: Mikrofon (DN-MC6000)
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: USBAUDIO.sys
Driver Version: 6.01.7601.17514 (English)
Driver Attributes: Final Retail
Date and Size: 11/21/2010 07:23:47, 109696 bytes
Cap Flags: 0x1
Format Flags: 0xFFFFF

Description: Mikrofon (Realtek High Definition Audio)
Default Sound Capture: No
Default Voice Capture: No
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.6549 (English)
Driver Attributes: Final Retail
Date and Size: 1/10/2012 15:46:30, 4731112 bytes
Cap Flags: 0x1
Format Flags: 0xFFFFF

-------------------
DirectInput Devices
-------------------
Device Name: Maus
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Tastatur
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: G510 Gaming Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC22D
FF Driver: n/a

Device Name: G510 Gaming Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC22D
FF Driver: n/a

Device Name: MSI EPF USB
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x1770, 0xFF00
FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ USB-Root-Hub
| Vendor/Product ID: 0x8086, 0x1E26
| Matching Device ID: usb\root_hub20
| Service: usbhub
|
+-+ Generic USB Hub
| | Vendor/Product ID: 0x8087, 0x0024
| | Location: Port_#0001.Hub_#0002
| | Matching Device ID: usb\class_09
| | Service: usbhub

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ Standardtastatur (PS/2)
| Matching Device ID: *pnp0303
| Service: i8042prt
|
+ HID-Tastatur
| Vendor/Product ID: 0x046D, 0xC22D
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
|
+ Terminalserver-Tastaturtreiber
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
|
+ Synaptics PS/2 Port Pointing Device
| Matching Device ID: *pnp0f13
| Upper Filters: SynTP
| Service: i8042prt
|
+ HID-konforme Maus
| Vendor/Product ID: 0x046D, 0xC051
| Matching Device ID: hid_device_system_mouse
| Service: mouhid
|
+ Terminalserver-Maustreiber
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD

------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 86.8 GB
Total Space: 421.8 GB
File System: NTFS
Model: Hitachi HTS727575A9E364

Drive: D:
Free Space: 275.6 GB
Total Space: 281.2 GB
File System: NTFS
Model: Hitachi HTS727575A9E364

Drive: E:
Model: TSSTcorp DVDWBD TS-LB23D
Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7601.17514 (German), , 0 bytes

--------------
System Devices
--------------
Name: Intel(R) 7 Series/C216 Chipset Family SMBus Host Controller - 1E22
Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_10BE1462&REV_04\3&11583659&1&FB
Driver: n/a

Name: 3rd Gen Core processor DRAM Controller - 0154
Device ID: PCI\VEN_8086&DEV_0154&SUBSYS_10BE1462&REV_09\3&11583659&1&00
Driver: n/a

Name: High Definition Audio-Controller
Device ID: PCI\VEN_8086&DEV_1E20&SUBSYS_10BE1462&REV_04\3&11583659&1&D8
Driver: n/a

Name: Xeon(R) processor E3-1200 v2/3rd Gen Core processor PCI Express Root Port - 0151
Device ID: PCI\VEN_8086&DEV_0151&SUBSYS_10BE1462&REV_09\3&11583659&1&08
Driver: n/a

Name: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 5 - 1E18
Device ID: PCI\VEN_8086&DEV_1E18&SUBSYS_10BE1462&REV_C4\3&11583659&1&E4
Driver: n/a

Name: Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Device ID: PCI\VEN_1969&DEV_E091&SUBSYS_10BE1462&REV_13\4&1B833DA3&0&00E0
Driver: n/a

Name: Intel(R) HM77 Express Chipset LPC Controller - 1E57
Device ID: PCI\VEN_8086&DEV_1E57&SUBSYS_10BE1462&REV_04\3&11583659&1&F8
Driver: n/a

Name: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 3 - 1E14
Device ID: PCI\VEN_8086&DEV_1E14&SUBSYS_10BE1462&REV_C4\3&11583659&1&E2
Driver: n/a

Name: SDA-Standard konformer SD-Hostcontroller
Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_10BE1462&REV_01\4&2A555E0E&0&01E4
Driver: n/a

Name: Intel(R) Management Engine Interface
Device ID: PCI\VEN_8086&DEV_1E3A&SUBSYS_10BE1462&REV_04\3&11583659&1&B0
Driver: n/a

Name: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
Device ID: PCI\VEN_8086&DEV_1E10&SUBSYS_10BE1462&REV_C4\3&11583659&1&E0
Driver: n/a

Name: Realtek PCIE CardReader
Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_10BE1462&REV_01\4&2A555E0E&0&00E4
Driver: n/a

Name: Intel(R) USB 3.0 eXtensible-Hostcontroller
Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_10BE1462&REV_04\3&11583659&1&A0
Driver: n/a

Name: Intel(R) 7 Series Chipset Family SATA AHCI Controller
Device ID: PCI\VEN_8086&DEV_1E03&SUBSYS_10BE1462&REV_04\3&11583659&1&FA
Driver: n/a

Name: NVIDIA GeForce GTX 670M
Device ID: PCI\VEN_10DE&DEV_1213&SUBSYS_10CB1462&REV_A1\4&5435C8C&0&0008
Driver: n/a

Name: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Device ID: PCI\VEN_8086&DEV_1E2D&SUBSYS_10BE1462&REV_04\3&11583659&1&D0
Driver: n/a

Name: Intel(R) Centrino(R) Wireless-N 2230
Device ID: PCI\VEN_8086&DEV_0887&SUBSYS_40628086&REV_C4\4&3AB831D&0&00E2
Driver: n/a

Name: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Device ID: PCI\VEN_8086&DEV_1E26&SUBSYS_10BE1462&REV_04\3&11583659&1&E8
Driver: n/a

Name: Intel(R) HD Graphics 4000
Device ID: PCI\VEN_8086&DEV_0166&SUBSYS_10CB1462&REV_09\3&11583659&1&10
Driver: n/a

------------------
DirectShow Filters
------------------

DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7601.17514
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7601.17514
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7601.17514
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7601.17514
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7601.17514
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385
HH Video Step Renderer,0x00200000,1,0,hhvrend2.ax,1.00.0000.0000
WMT VIH2 Fix,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728
Record Queue,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728
WMT Switch Filter,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728
WMT Virtual Renderer,0x00200000,1,0,WLXVAFilt.dll,16.04.3503.0728
WMT DV Extract,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728
WMT Virtual Source,0x00200000,0,1,WLXVAFilt.dll,16.04.3503.0728
WMT Sample Information Filter,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728
DV Muxer,0x00400000,0,0,qdv.dll,6.06.7601.17514
Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7601.17713
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7601.17514
Video Memory Render Filter,0x00200000,1,0,VideoMemoryRenderFilter.ax,
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7601.17514
AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7601.17713
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7601.17713
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7601.17528
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,6.01.7140.0000
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528
StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7601.17528
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7601.17713
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7601.17528
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7601.17514
SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7601.17528
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7601.17713
DV Splitter,0x00600000,1,2,qdv.dll,6.06.7601.17514
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7601.17713
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7601.17514
ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7601.17713
Video Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7601.17528
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.06.7601.17835
Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7601.17713
Video Renderer,0x00400000,1,0,quartz.dll,6.06.7601.17713
File Writer,0x00200000,1,0,WLXVAFilt.dll,16.04.3503.0728
VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7601.17514
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7601.17514
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7601.17514
File writer,0x00200000,1,0,qcap.dll,6.06.7601.17514
iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7601.17514
iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7601.17514
DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7601.17835
Overlay Mixer2,0x00200000,1,1,qdvd.dll,6.06.7601.17835
AVI Draw,0x00600064,9,1,quartz.dll,6.06.7601.17713
RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll,
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514
WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7601.17514
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528
DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7601.17514
SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7601.17514
Null Renderer,0x00200000,1,0,qedit.dll,6.06.7601.17514
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7601.17514
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7601.17514
StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7601.17528
Smart Tee,0x00200000,1,2,qcap.dll,6.06.7601.17514
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.06.7601.17835
AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7601.17713
Wave Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713
File stream renderer,0x00400000,1,1,quartz.dll,6.06.7601.17713
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000
StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7601.17528
AVI Mux,0x00200000,1,0,qcap.dll,6.06.7601.17514
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7601.17713
File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7601.17713
File Source (URL),0x00400000,0,1,quartz.dll,6.06.7601.17713
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7601.17514
Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7601.17514
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7601.17669
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7601.17713
IL FL Studio DXi,0x00200000,1,1,FLSTUD~2.DLL,1.00.0013.0000
IL Multi FL Studio DXi,0x00200000,1,1,FLSTUD~1.DLL,1.00.0013.0000

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,ksproxy.ax,6.01.7601.17514

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385
DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7601.17514
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7601.17713
Cinepak Codec von Radius,0x00200000,1,1,qcap.dll,6.06.7601.17514
Intel IYUV Codec,0x00200000,1,1,qcap.dll,6.06.7601.17514
Intel IYUV Codec,0x00200000,1,1,qcap.dll,6.06.7601.17514
Microsoft RLE,0x00200000,1,1,qcap.dll,6.06.7601.17514
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.06.7601.17514

Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385
IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713
PCM,0x00200000,1,1,quartz.dll,6.06.7601.17713
Ogg Vorbis (mode1),0x00200000,1,1,quartz.dll,6.06.7601.17713
Ogg Vorbis (mode2),0x00200000,1,1,quartz.dll,6.06.7601.17713
Ogg Vorbis (mode3),0x00200000,1,1,quartz.dll,6.06.7601.17713
Ogg Vorbis (mode1+),0x00200000,1,1,quartz.dll,6.06.7601.17713
Ogg Vorbis (mode2+),0x00200000,1,1,quartz.dll,6.06.7601.17713
Ogg Vorbis (mode3+),0x00200000,1,1,quartz.dll,6.06.7601.17713
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713
GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7601.17713
Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.06.7601.17713
CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713
CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7601.17713

Audio Capture Sources:
Mikrofon (DN-MC6000),0x00200000,0,0,qcap.dll,6.06.7601.17514
Mikrofon (Realtek High Definiti,0x00200000,0,0,qcap.dll,6.06.7601.17514

PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7601.17528
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7601.17713
DN-MC6000,0x00200000,1,0,quartz.dll,6.06.7601.17713
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7601.17713

WDM Streaming Capture Devices:
Realtek HD Audio Line input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
Realtek HD Audio Mic input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
Realtek HD Audio Stereo input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
CyberLink Webcam Splitter,0x00200000,0,1,ksproxy.ax,6.01.7601.17514
DN-MC6000,0x00200000,4,4,ksproxy.ax,6.01.7601.17514
BisonCam, NB Pro,0x00200000,1,1,ksproxy.ax,6.01.7601.17514

WDM Streaming Rendering Devices:
Realtek HD Audio output,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
Realtek HDA SPDIF Out,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
Intel(R) Display Audio Output 1,0x00200000,1,1,ksproxy.ax,6.01.7601.17514
DN-MC6000,0x00200000,4,4,ksproxy.ax,6.01.7601.17514

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7601.17514

Video Capture Sources:
CyberLink Webcam Splitter,0x00200000,0,1,ksproxy.ax,6.01.7601.17514
BisonCam, NB Pro,0x00200000,1,1,ksproxy.ax,6.01.7601.17514

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7601.17669
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7601.17514

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7601.17708
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7601.17708
PTFilter,0x00200000,0,0,EncDec.dll,6.06.7601.17708
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7601.17708

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,ksproxy.ax,6.01.7601.17514

Audio Renderers:
Lautsprecher (DN-MC6000),0x00200000,1,0,quartz.dll,6.06.7601.17713
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7601.17713
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7601.17713
DirectSound: Lautsprecher (DN-MC6000),0x00200000,1,0,quartz.dll,6.06.7601.17713
DirectSound: Lautsprecher (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7601.17713
DirectSound: PL2409HD (Intel(R) Display Audio),0x00200000,1,0,quartz.dll,6.06.7601.17713
Lautsprecher (Realtek High Defi,0x00200000,1,0,quartz.dll,6.06.7601.17713
PL2409HD (Intel(R) Display Audi,0x00200000,1,0,quartz.dll,6.06.7601.17713

---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality)
Quality Flags: 2576
Enabled:
Force throttling
Allow half deinterlace
Allow scaling
Decode Power Usage: 100
Balanced Flags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 50
PowerFlags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 0




Werde jetzt gleich noch Malwarebyte und Spybot durchlaufen lassen... Wenn irgendwie möglich würde ich gerne ein Neuaufsetzen des Laptops verhindern, da ich ihn in Kürze für einen DJ Auftritt benötige und mir ungerne sämtliche Einstellungen über den Haufen schießen möchte...

Wenn ihr noch irgendwelche Informatinonen braucht, sagt einfach bescheit!
Bedanke mich schon mal im Vorraus für jegliche Hilfe, bin grade mehr oder weniger am verzweifeln.

Mit freundlichen Grüßen

Baumkind / Lukas
__________________


Alt 27.09.2012, 14:44   #3
t'john
/// Helfer-Team
 
79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. - Standard

79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.





Leider hast du durch deine Antwort dein Thema vergraben.
Ist das Problem noch aktuell?
__________________
__________________

Alt 27.09.2012, 21:19   #4
Baumkind
 
79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. - Standard

79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.



Also, das Problem mit der IP besteht noch, allerdings habe ich eine Mögliche Erklärung gefunden. Da ich zur Zeit in einem Wohngebiet in Moskau wohne, vermute ich dass meine IP vom Hauptrouter des Gebietes erkannt wird, da meines Wissens alles über den geroutet ist, kann aber sein dass ich mich täusche.

Virenscans mit sämtlichen Programmen haben nichts ergeben, vermute also mal, dass mein PC noch in Ordnung ist.

Hätte aber eine andere Frage, welche mich eigentlich erst auf das IP Problem gebracht hat. Wollte mit ein paar Freunden Torchlight 2 spielen, allerdings habe ich das Problem, dass mir kein Spieler joinen kann und ich andersherum auch niemandem joinen kann. Ich habe eine fest zugewiesene IP-Adresse und den benötigten Port geforwarded.
Trotzdem will mich mein Router oder was auch immer einfach nicht connecten lassen. Hier mal die Log-Daten meines letzten Connects:

[18:16:44] Open logfile: [Torchlight2] on [2012.09.22] at [18:16:44]
[18:16:44] Generic Game pointer: 0C587800

[18:16:44] Generic DRM initialized
[18:16:45] Generic Initializing root

[18:16:45] Generic Creating Sound Manager

[18:16:45] Generic Reading in manifest file: PAKS/DATA.PAK.MAN

[18:16:47] Generic Creating Sound Manager

[18:16:47] Generic Running Configuration

[18:16:48] Generic Getting custom attribute from window

[18:16:48] Generic Choosing Scene Manager.

[18:16:48] Generic Creating Camera

[18:16:48] Generic Creating Viewports.

[18:16:48] Generic Resizing window.

[18:16:48] Generic Setting default mipmaps.

[18:16:48] Generic Creating frame listeners.

[18:16:48] Generic geting custom window attribute.

[18:16:48] Generic Adding window event listener.

[18:16:48] Generic Adding window listener.

[18:16:48] Generic Creating Game Client.

[18:16:49] Generic Creating materials

[18:16:49] Net WARNING Net error reading UDP message. 10009: Das angegebene Dateihandle ist ungültig.
[18:17:29] Lobby Attempting to connect to lobby server at [66.151.133.120:4549]
[18:17:29] Net Attempt to connect to server at [66.151.133.120:4549]
[18:17:29] Net Client 1 successfully connected.
[18:17:29] Net Connected to client 1, sending NetConnectMsg.
[18:17:30] Net Client 1 received NetConnectOkMsg with key 00000000.
[18:17:30] Lobby Lobby server set my key to 02621b85
[18:17:30] Net Attempting to set up UPnP port forwarding.
[18:17:31] Net Got port mapping change callback, looking for our mapping...
[18:17:32] Lobby Making NAT test connection to 66.151.133.115:4175
[18:17:32] Net Test connection starting...
[18:17:32] Net Created new UDP client 100 for remote endpoint 66.151.133.115:4175.
[18:17:32] Net Client 100 attempting connection...
[18:17:32] Lobby FRIENDS: clearing friends list
[18:17:32] Lobby FRIENDS: incremented friends version to 1
[18:17:32] Lobby FRIENDS: Received friend Mantt(728889), flags 03
[18:17:32] Lobby FRIENDS: incremented friends version to 2
[18:17:32] Lobby FRIENDS: Received friend Bazigeddon(729984), flags 03
[18:17:32] Lobby FRIENDS: incremented friends version to 3
[18:17:32] Lobby FRIENDS: Received friend maxilo75(805872), flags 13
[18:17:32] Lobby FRIENDS: incremented friends version to 4
[18:17:32] Generic FRIENDS: UI has 0 entries, updated to version 4.
[18:17:32] Generic FRIENDS: UI has 3 entries, updated to version 4.
[18:17:38] Net Inactivity of 6.01 > timeout of 20.00, disconnecting client 100.
[18:17:38] Net Client 100 added to disconnection list.
[18:17:38] Net Test connection failed.
[18:17:39] Net Found NAT IGD Name:"DLink ADSL Router" Desc:"DLink single-chip ADSL router" Brand:"DLink" Model:"DSL-2500U" Model#:"340804"
[18:17:39] Net Adding UPnP port mapping for UDP/4171 to 192.168.1.3:4171
[18:17:40] Net Successfully initialized UPnP COM objects.
[18:17:45] Net Got port mapping change callback, looking for our mapping...
[18:17:50] Generic FRIENDS: UI has 3 entries, updated to version 4.
[18:17:50] Generic FRIENDS: UI has 0 entries, updated to version 4.
[18:17:50] Generic FRIENDS: UI has 3 entries, updated to version 4.
[18:17:50] Generic FRIENDS: UI has 0 entries, updated to version 4.
[18:17:52] Net WARNING CClientConnectController::update got state 0 from PeerManager.
[18:17:52] Lobby Requesting the LobbyServer connect us to peer 020d9b65
[18:17:53] Lobby Lobby server said to connect to peer 020d9b65
[18:17:53] Net Recieved AttemptConnect message for public:83.237.228.248:4006 private:192.168.1.24:4006 makeClient=true
[18:17:53] Net Created new UDP client 101 for remote endpoint 83.237.228.248:4006.
[18:17:53] Net Client 101 attempting connection...
[18:17:53] Net Created new UDP client 102 for remote endpoint 192.168.1.24:4006.
[18:17:53] Net Client 102 attempting connection...
[18:18:02] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 101.
[18:18:02] Net Client 101 added to disconnection list.
[18:18:02] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 102.
[18:18:02] Net Failed outbound connections to 020d9b65, starting wait for back-connect or relay...
[18:18:02] Net Client 102 added to disconnection list.
[18:18:02] Net Calling disconnect callback for client 102.
[18:18:02] Net Client 102 (key 00000000) has disconnected. Current owner is -1.
[18:18:02] Net Deleting client 102.
[18:18:02] Lobby Lobby server said to relay-connect to peer 020d9b65
[18:18:02] Net Created new UDP client 103 for remote endpoint 66.151.133.115:4171.
[18:18:02] Net Created new UDP client 104 for remote endpoint 0.0.0.0:0.
[18:18:02] Net Client 104 attempting connection...
[18:18:06] Net Calling PeerManager:isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME
[18:18:06] Net NetManager:isconnect: sending Disconnect Message to All.
[18:18:06] Net NetManager::Close()
[18:18:06] Net Client 103 sending Close message.
[18:18:06] Net Client 104 sending Close message.
[18:18:06] Net Calling PeerManager:isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME
[18:18:06] Net NetManager:isconnect: sending Disconnect Message to All.
[18:18:06] Net NetManager::Close()
[18:18:06] Net WARNING CClientConnectController::update got state 0 from PeerManager.
[18:18:21] Lobby FRIENDS: Updating known friend Mantt(728889), flags 13
[18:18:21] Lobby FRIENDS: incremented friends version to 5
[18:18:21] Generic FRIENDS: UI has 0 entries, updated to version 5.
[18:18:21] Generic FRIENDS: UI has 3 entries, updated to version 5.
[18:18:44] Net WARNING CClientConnectController::update got state 0 from PeerManager.
[18:18:44] Lobby Requesting the LobbyServer connect us to peer 020d9b65
[18:18:44] Lobby Lobby server said to connect to peer 020d9b65
[18:18:44] Net Recieved AttemptConnect message for public:83.237.228.248:4006 private:192.168.1.24:4006 makeClient=true
[18:18:44] Net Created new UDP client 105 for remote endpoint 83.237.228.248:4006.
[18:18:44] Net Client 105 attempting connection...
[18:18:44] Net Created new UDP client 106 for remote endpoint 192.168.1.24:4006.
[18:18:44] Net Client 106 attempting connection...
[18:18:54] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 105.
[18:18:54] Net Client 105 added to disconnection list.
[18:18:54] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 106.
[18:18:54] Net Client 106 added to disconnection list.
[18:18:54] Net Calling disconnect callback for client 106.
[18:18:54] Net Client 106 (key 00000000) has disconnected. Current owner is -1.
[18:18:54] Net Deleting client 106.
[18:18:54] Net Calling PeerManager:isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME
[18:18:54] Net NetManager:isconnect: sending Disconnect Message to All.
[18:18:54] Net NetManager::Close()
[18:18:54] Net Calling PeerManager:isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME
[18:18:54] Net NetManager:isconnect: sending Disconnect Message to All.
[18:18:54] Net NetManager::Close()
[18:18:54] Net WARNING CClientConnectController::update got state 0 from PeerManager.
[18:19:03] Net NetManager:isconnect: sending Disconnect Message to All.
[18:19:03] Net Shutting down TCP client, reason: End of file
[18:19:03] Net TCPNetManager::Close()
[18:19:04] Net WARNING BufferPool clearing with 25 messages (9229 bytes) outstanding. Highest allocation count was 10389.


Mir konnte bei diesem Problem leider bis jetzt niemand helfen, die Tipps des Torchlight Supports haben nichts bewirkt (UPnP aktivieren (war schon an), den UDP Port im local_settings.txt file ändern). Bin mir zur Zeit nicht sicher ob ich die aktuellste Firmware auf meinem Router habe, muss ich gleich noch schnell checken... wäre das letzte was mir als Problemverursacher einfallen würde...

Mfg
Lukas / Baumkind

Alt 27.09.2012, 21:26   #5
t'john
/// Helfer-Team
 
79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. - Standard

79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.



Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 4 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern mede dies bitte.

1. Schritt

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
  • Der Fix fängt mit :OTL an. Vergewissere dich, dass du ihn richtig kopiert hast.


Code:
ATTFilter
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497} 
IE:64bit: - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox 
IE - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497} 
IE - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497} 
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
FF - prefs.js..browser.startup.homepage: "www.google.de" 
FF - user.js - File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O7 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun 
O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe 
O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun 
O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe 
O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun 
O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe 
O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun 
O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe 
O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun 
O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe 
O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun 
O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe 
O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun 
O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe 
O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun 
O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe 
O33 - MountPoints2\H\Shell - "" = AutoRun 
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe 
[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] 
[2012.08.31 17:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml 
[2012.08.31 17:29:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml 
[2012.08.31 17:29:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml 
[2012.08.31 17:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml 
[2012.08.31 17:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml 
[2012.08.31 17:29:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml 
:Files
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\Baumkind\*.tmp
C:\Users\Baumkind\AppData\Local\{*}
C:\Users\Baumkind\AppData\Local\Temp\*.exe
C:\Users\Baumkind\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
ipconfig /flushdns /c
:Commands
[emptytemp]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!



2. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

3. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.



4. Schritt
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

__________________
Mfg, t'john
Das TB unterstützen

Alt 13.11.2012, 21:43   #6
t'john
/// Helfer-Team
 
79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. - Standard

79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.



Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
--> 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.

Antwort

Themen zu 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.
antivir, avira, bho, bonjour, converter, desktop, error, fehler, firefox, flash player, google, helper, home, install.exe, ip-adresse, logfile, mozilla, mp3, msvcrt, nvidia update, nvpciflt.sys, problem, programm, realtek, recycle.bin, registry, root kit, safer networking, scan, software, spambot, spark, teamspeak, usb, usb 3.0, vodafone, windows, wscript.exe



Ähnliche Themen: 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.


  1. All Programmen und Dateien sind verschlüsselt in einer Datie von 62 Gb mit mail adresse prosschiff@gmail.com_.crypt
    Log-Analyse und Auswertung - 13.09.2015 (3)
  2. Yahoo Account versendet Spam Mails unter .com Adresse
    Plagegeister aller Art und deren Bekämpfung - 12.12.2014 (7)
  3. FF wird im Netz als Opera erkannt und als nicht funktionierend angegeben
    Plagegeister aller Art und deren Bekämpfung - 28.09.2014 (17)
  4. Link angeklickt der von einer gehackten EMail Adresse kam und auf dann auf Seite mit Werbung weitergeleitet
    Plagegeister aller Art und deren Bekämpfung - 15.09.2014 (9)
  5. Avira erkennt Viren nach öffnen einer falschen Telekom-Email
    Log-Analyse und Auswertung - 18.06.2014 (11)
  6. falsche IP Adresse ? werde ich ausspioniert?
    Alles rund um Windows - 22.05.2014 (1)
  7. Windows Vista: Zip Anhang einer Email von einer falschen Rechnung geöffnet-Angst vor Virus
    Plagegeister aller Art und deren Bekämpfung - 23.01.2014 (5)
  8. ständig Fehlermeldung: der Zugang zu einer potenziell gefährlichen Webseite wurde geblockt,...
    Plagegeister aller Art und deren Bekämpfung - 19.08.2013 (23)
  9. werde von Suchmaschine zu willkürlich falschen Seiten geleitet
    Log-Analyse und Auswertung - 27.03.2013 (14)
  10. GMX verschickt spam links in meinem Namen (unter flascher Adresse)
    Plagegeister aller Art und deren Bekämpfung - 07.08.2012 (0)
  11. mediashiftingproblem: Suchmaschinenegebnisse leiten zur falschen Adresse --> http://95p.com/?search=
    Plagegeister aller Art und deren Bekämpfung - 16.01.2012 (10)
  12. Hotmail schickt Spam an Kontakte unter meiner Adresse
    Mülltonne - 04.05.2011 (1)
  13. Mein PC wird immer von einer Ip-adresse angegriffen!
    Log-Analyse und Auswertung - 25.06.2010 (6)
  14. Alle Programme unter Windows 7 werden geblockt
    Log-Analyse und Auswertung - 07.05.2010 (1)
  15. Intensive Port Scans von nur einer IP Adresse
    Plagegeister aller Art und deren Bekämpfung - 05.09.2006 (5)
  16. Werde ständig aus dem Netz geschmissen (Dialerwarnung) Bitte LogFile überprüfen. :-)
    Log-Analyse und Auswertung - 02.04.2005 (1)
  17. Radeonfx.exe unter XP überträgt irgendwelche Daten ins Netz
    Plagegeister aller Art und deren Bekämpfung - 01.02.2005 (2)

Zum Thema 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. - Hi Leute! Habe seit gestern ein Problem mit meiner IP-Adresse. Habe wegen eines Spiels (namentlich: Torchlight 2) ein paar Ports aufgemacht, da ich keine Möglichkeit hatte eine Connection zu anderen - 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt....
Archiv
Du betrachtest: 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.