Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Games minimieren sich in Taskleiste

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.11.2012, 11:13   #1
KgB2305
 
Games minimieren sich in Taskleiste - Standard

Games minimieren sich in Taskleiste



hallo an alle

ich habe das problem das sich viele meiner Games (BF3 crysis, crysis2) bei mir immer nach ein paar min in die taskleiste minimiert und nur durch den task manager geschlossen werden kann.
ich habe so absolut ka woran dies liegen kann

es laufen keine hintergrundprogramme (nur standart windows tasks)
virenprogramm (nod32) schon deaktiviert und auch wenn es deinstalliert ist kein erfolg
spiel ist von steam bzw. Origin also auch neueste patches drauf (schon neu installiert)

mein system
asus p67 extrem6
nvidia 660gtx ti amp edition
intel 2550k
16Gb arbeitsspeicher

habt ihr ideen was ich noch versuchen kann?


Hier die OTL.txt
Code:
ATTFilter
OTL logfile created on: 28.11.2012 11:06:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\KgB\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 13,75 Gb Available Physical Memory | 86,04% Memory free
31,96 Gb Paging File | 29,50 Gb Available in Paging File | 92,28% Paging File free
Paging file location(s): e:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,47 Gb Total Space | 199,99 Gb Free Space | 89,49% Space Free | Partition Type: NTFS
Drive D: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 931,51 Gb Total Space | 761,86 Gb Free Space | 81,79% Space Free | Partition Type: NTFS
 
Computer Name: KGB-GAMING | User Name: KgB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.28 11:05:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KgB\Desktop\OTL.exe
PRC - [2012.11.28 10:37:12 | 000,280,904 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.11.28 10:17:12 | 000,541,168 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012.11.27 22:29:26 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.11.27 20:54:51 | 003,389,080 | ---- | M] (Electronic Arts) -- E:\Games\Origin\Origin.exe
PRC - [2012.11.22 14:22:41 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
PRC - [2012.11.22 12:39:15 | 001,353,080 | ---- | M] (Valve Corporation) -- E:\Games\Steam\Steam.exe
PRC - [2012.11.20 07:16:04 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.11.18 17:26:30 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.11.18 05:49:34 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.11.17 00:11:06 | 000,388,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.07.24 01:33:52 | 000,485,176 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech Gaming Software\Applets\LCDWebCam.exe
PRC - [2012.07.24 01:33:28 | 000,835,896 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech Gaming Software\Applets\LCDMovieViewer.exe
PRC - [2012.07.24 01:33:22 | 000,661,304 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech Gaming Software\Applets\LCDMedia.exe
PRC - [2012.04.26 13:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.28 10:17:21 | 000,835,072 | ---- | M] () -- E:\Games\Steam\sdl.dll
MOD - [2012.11.28 10:17:11 | 020,319,568 | ---- | M] () -- E:\Games\Steam\bin\libcef.dll
MOD - [2012.11.28 10:17:08 | 000,965,616 | ---- | M] () -- E:\Games\Steam\bin\chromehtml.dll
MOD - [2012.11.28 10:17:07 | 001,099,616 | ---- | M] () -- E:\Games\Steam\bin\avcodec-53.dll
MOD - [2012.11.28 10:17:07 | 000,190,816 | ---- | M] () -- E:\Games\Steam\bin\avformat-53.dll
MOD - [2012.11.28 10:17:07 | 000,123,232 | ---- | M] () -- E:\Games\Steam\bin\avutil-51.dll
MOD - [2012.11.22 14:22:41 | 014,586,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012.11.20 07:16:18 | 002,400,224 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.11.17 00:10:49 | 000,021,984 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
MOD - [2012.11.17 00:10:48 | 000,157,664 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
MOD - [2012.11.17 00:10:44 | 002,240,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2012.05.07 17:55:40 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.28 10:37:12 | 000,280,904 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.11.28 10:17:12 | 000,541,168 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.11.27 22:29:26 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.11.22 14:22:41 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.20 07:16:13 | 000,115,168 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.18 17:26:30 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.11.18 05:49:34 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.11.22 12:22:50 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012.03.14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012.03.14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.08 13:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.02.08 13:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.01 04:35:06 | 000,302,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010.06.23 17:10:56 | 000,344,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.11.24 01:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 01:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.01 19:54:54 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7F 4B 4B AB A0 C8 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012.11.24 18:17:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.22 12:01:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.22 12:35:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.11.24 18:17:31 | 000,000,000 | ---D | M]
 
[2012.11.22 12:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KgB\AppData\Roaming\mozilla\Extensions
[2012.11.22 12:01:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.20 07:17:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.20 08:13:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.20 08:13:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.20 08:13:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.20 08:13:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.20 08:13:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.20 08:13:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [Steam] E:\Games\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECBC8026-61D8-4B7A-A11D-6CDDCDE1BBAA}: DhcpNameServer = 212.186.211.21 195.34.133.21
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.15 20:39:51 | 000,000,122 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3ba2dbc9-3490-11e2-9428-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3ba2dbc9-3490-11e2-9428-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2009.07.15 20:39:51 | 000,106,760 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.28 11:05:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\KgB\Desktop\OTL.exe
[2012.11.28 00:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA 3D Vision driver
[2012.11.28 00:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012.11.27 23:33:59 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Malwarebytes
[2012.11.27 23:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.27 23:11:13 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\PunkBuster
[2012.11.27 23:11:10 | 000,000,000 | ---D | C] -- C:\Users\KgB\Documents\Battlefield 3
[2012.11.27 23:10:49 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\ESN
[2012.11.27 23:10:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2012.11.27 23:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012.11.27 22:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2012.11.27 22:29:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012.11.27 20:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012.11.27 20:55:42 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Origin
[2012.11.27 20:55:02 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Origin
[2012.11.27 20:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012.11.27 20:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012.11.27 14:47:02 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Adobe
[2012.11.27 14:44:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.11.27 14:44:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.11.27 14:43:04 | 000,237,568 | ---- | C] (www.CompulsiveCode.com) -- C:\Users\KgB\Desktop\JPEGtoPDF37.exe
[2012.11.27 14:36:22 | 000,000,000 | ---D | C] -- C:\Users\KgB\Documents\Zeta Producer 11
[2012.11.27 14:36:17 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zeta Producer 11
[2012.11.27 14:36:03 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Zeta Producer 11
[2012.11.27 11:05:36 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Geckofx
[2012.11.27 11:05:32 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Firefly Studios
[2012.11.27 11:05:31 | 000,000,000 | ---D | C] -- C:\Users\KgB\Documents\Stronghold Kingdoms
[2012.11.26 23:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012.11.26 23:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012.11.25 12:40:51 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.11.25 12:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.11.25 12:40:50 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Notepad++
[2012.11.25 12:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2012.11.24 18:20:02 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\KgB\Desktop\HijackThis.exe
[2012.11.24 18:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.11.24 18:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.11.24 18:17:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.11.24 17:17:18 | 000,000,000 | RH-D | C] -- C:\Users\KgB\AppData\Roaming\SecuROM
[2012.11.24 17:17:15 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\GameSpy
[2012.11.24 17:17:14 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\ApplicationHistory
[2012.11.24 17:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
[2012.11.24 17:17:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy
[2012.11.24 17:16:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2012.11.22 15:09:31 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\FileZilla
[2012.11.22 15:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2012.11.22 15:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2012.11.22 14:29:52 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Macromedia
[2012.11.22 14:25:22 | 000,000,000 | ---D | C] -- C:\Users\KgB\Documents\My Games
[2012.11.22 14:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2012.11.22 14:25:15 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.11.22 14:22:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.11.22 13:52:58 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\SKIDROW
[2012.11.22 13:20:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.11.22 13:20:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.11.22 13:16:34 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.11.22 13:16:31 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.11.22 13:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.11.22 13:06:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.11.22 13:06:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.11.22 13:06:45 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\FalNET
[2012.11.22 13:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FalNET G19 Display Manager
[2012.11.22 13:06:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FalNET G19 Display Manager
[2012.11.22 13:03:20 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Logitech
[2012.11.22 12:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012.11.22 12:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2012.11.22 12:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012.11.22 12:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.11.22 12:38:07 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012.11.22 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Thunderbird
[2012.11.22 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Thunderbird
[2012.11.22 12:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.11.22 12:29:51 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\NVIDIA
[2012.11.22 12:27:37 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\logs
[2012.11.22 12:27:37 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\.techniclauncher
[2012.11.22 12:26:53 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Logitech
[2012.11.22 12:26:53 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Logishrd
[2012.11.22 12:26:40 | 000,059,392 | ---- | C] (Technic) -- C:\Users\KgB\Desktop\TechnicLauncher.exe
[2012.11.22 12:24:32 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\TS3Client
[2012.11.22 12:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
[2012.11.22 12:22:50 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.22 12:22:48 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\DAEMON Tools Pro
[2012.11.22 12:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro
[2012.11.22 12:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2012.11.22 12:19:36 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\WinRAR
[2012.11.22 12:19:36 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.22 12:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.22 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.11.22 12:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.11.22 12:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.11.22 12:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012.11.22 12:03:25 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.11.22 12:01:50 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Mozilla
[2012.11.22 12:01:50 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Mozilla
[2012.11.22 12:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.22 12:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.11.22 12:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.22 12:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2012.11.22 11:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.11.22 11:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.11.22 11:56:17 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.11.22 11:56:17 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.11.22 11:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.11.22 11:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.11.22 11:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.11.22 11:55:44 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.11.22 11:54:12 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Macromedia
[2012.11.22 11:54:12 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Adobe
[2012.11.22 11:54:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.11.22 11:54:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.11.22 11:50:10 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Intel Corporation
[2012.11.22 11:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.11.22 11:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.11.22 11:46:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.11.22 11:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.11.22 11:46:14 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.11.22 11:46:14 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.11.22 11:46:14 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.11.22 11:46:14 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.11.22 11:46:14 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.11.22 11:46:14 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.11.22 11:46:14 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.11.22 11:46:14 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.11.22 11:46:14 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.11.22 11:46:14 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.11.22 11:46:14 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.11.22 11:46:13 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.11.22 11:46:13 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.11.22 11:46:13 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.11.22 11:46:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.11.22 11:46:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.11.22 11:45:32 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.11.22 11:45:09 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2012.11.22 11:45:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2012.11.22 11:44:28 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\InstallShield
[2012.11.22 11:43:19 | 000,344,680 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.11.22 11:43:16 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.11.22 11:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.11.22 11:41:13 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.11.22 11:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.11.22 11:41:08 | 000,000,000 | ---D | C] -- C:\Intel
[2012.11.22 11:38:31 | 000,000,000 | R--D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.11.22 11:38:31 | 000,000,000 | R--D | C] -- C:\Users\KgB\Searches
[2012.11.22 11:38:31 | 000,000,000 | R--D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.11.22 11:38:25 | 000,000,000 | R--D | C] -- C:\Users\KgB\Contacts
[2012.11.22 11:38:25 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Identities
[2012.11.22 11:38:24 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\VirtualStore
[2012.11.22 11:38:22 | 000,000,000 | --SD | C] -- C:\Users\KgB\AppData\Roaming\Microsoft
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Videos
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Saved Games
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Pictures
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Music
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Links
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Favorites
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Downloads
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Documents
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\Desktop
[2012.11.22 11:38:22 | 000,000,000 | R--D | C] -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Vorlagen
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\AppData\Local\Verlauf
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\AppData\Local\Temporary Internet Files
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Startmenü
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\SendTo
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Recent
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Netzwerkumgebung
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Lokale Einstellungen
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Documents\Eigene Videos
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Documents\Eigene Musik
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Eigene Dateien
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Documents\Eigene Bilder
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Druckumgebung
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Cookies
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\AppData\Local\Anwendungsdaten
[2012.11.22 11:38:22 | 000,000,000 | -HSD | C] -- C:\Users\KgB\Anwendungsdaten
[2012.11.22 11:38:22 | 000,000,000 | -H-D | C] -- C:\Users\KgB\AppData
[2012.11.22 11:38:22 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Temp
[2012.11.22 11:38:22 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Local\Microsoft
[2012.11.22 11:38:22 | 000,000,000 | ---D | C] -- C:\Users\KgB\AppData\Roaming\Media Center Programs
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.11.22 11:38:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.11.22 11:38:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.11.22 11:34:56 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.11.22 11:34:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.11.22 11:34:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.11.22 11:14:16 | 000,000,000 | ---D | C] -- C:\JDownloader
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.28 11:05:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KgB\Desktop\OTL.exe
[2012.11.28 11:04:57 | 000,050,477 | ---- | M] () -- C:\Users\KgB\Desktop\Defogger.exe
[2012.11.28 10:55:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.28 10:40:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.28 10:40:31 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.28 10:39:13 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.28 10:39:13 | 000,664,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.28 10:39:13 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.28 10:39:13 | 000,134,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.28 10:39:13 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.28 10:37:12 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.11.28 10:37:12 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.28 10:33:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.28 00:04:07 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.11.27 22:29:47 | 000,000,650 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012.11.27 22:29:26 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.27 20:51:27 | 000,000,622 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.11.27 18:25:01 | 000,006,535 | ---- | M] () -- C:\Users\KgB\Desktop\tekkit customizer.yml
[2012.11.27 15:29:47 | 001,737,318 | ---- | M] () -- C:\Users\KgB\Desktop\2012-11-27_15.29.47.png
[2012.11.27 14:46:59 | 002,335,695 | ---- | M] () -- C:\Users\KgB\Desktop\urlaubsantrag.PDF
[2012.11.27 14:43:04 | 000,237,568 | ---- | M] (www.CompulsiveCode.com) -- C:\Users\KgB\Desktop\JPEGtoPDF37.exe
[2012.11.27 14:36:17 | 000,001,249 | ---- | M] () -- C:\Users\KgB\Desktop\Zeta Producer 11.lnk
[2012.11.27 10:40:23 | 000,000,600 | ---- | M] () -- C:\Users\KgB\AppData\Local\PUTTY.RND
[2012.11.24 18:34:41 | 000,270,400 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.24 18:20:04 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\KgB\Desktop\HijackThis.exe
[2012.11.24 17:17:14 | 000,000,091 | ---- | M] () -- C:\Users\KgB\AppData\Local\fusioncache.dat
[2012.11.24 17:16:45 | 001,553,234 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.24 17:15:53 | 000,669,184 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.11.22 21:12:34 | 000,000,017 | ---- | M] () -- C:\Users\KgB\AppData\Local\resmon.resmoncfg
[2012.11.22 12:27:39 | 000,583,306 | ---- | M] () -- C:\Users\KgB\AppData\Roaming\technic-launcher.jar
[2012.11.22 12:26:40 | 000,059,392 | ---- | M] (Technic) -- C:\Users\KgB\Desktop\TechnicLauncher.exe
[2012.11.22 12:22:50 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.22 12:14:50 | 000,000,985 | ---- | M] () -- C:\Users\KgB\Desktop\JDownloader - Verknüpfung.lnk
[2012.11.22 12:13:20 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.11.22 12:13:20 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.11.22 12:11:35 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.11.22 12:01:43 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.22 11:37:20 | 000,053,911 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.11.22 11:37:20 | 000,053,911 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.11.22 11:35:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.18 17:26:30 | 000,014,446 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.11.18 14:09:47 | 003,603,786 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
 
========== Files Created - No Company Name ==========
 
[2012.11.28 11:04:57 | 000,050,477 | ---- | C] () -- C:\Users\KgB\Desktop\Defogger.exe
[2012.11.27 23:11:17 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.11.27 22:29:47 | 000,000,650 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012.11.27 20:51:27 | 000,000,622 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.11.27 18:25:00 | 000,006,535 | ---- | C] () -- C:\Users\KgB\Desktop\tekkit customizer.yml
[2012.11.27 15:29:47 | 001,737,318 | ---- | C] () -- C:\Users\KgB\Desktop\2012-11-27_15.29.47.png
[2012.11.27 14:46:59 | 002,335,695 | ---- | C] () -- C:\Users\KgB\Desktop\urlaubsantrag.PDF
[2012.11.27 14:44:23 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.11.27 14:36:17 | 000,001,257 | ---- | C] () -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zeta Producer 11.lnk
[2012.11.27 14:36:17 | 000,001,249 | ---- | C] () -- C:\Users\KgB\Desktop\Zeta Producer 11.lnk
[2012.11.25 13:43:36 | 000,000,600 | ---- | C] () -- C:\Users\KgB\AppData\Local\PUTTY.RND
[2012.11.24 17:17:14 | 000,000,091 | ---- | C] () -- C:\Users\KgB\AppData\Local\fusioncache.dat
[2012.11.24 17:16:44 | 001,553,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.24 17:15:54 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.24 17:15:54 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.11.24 17:15:53 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.11.24 17:15:53 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.22 21:12:34 | 000,000,017 | ---- | C] () -- C:\Users\KgB\AppData\Local\resmon.resmoncfg
[2012.11.22 13:16:48 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2012.11.22 13:16:44 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.11.22 13:16:29 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.11.22 13:16:27 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.11.22 13:16:27 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.11.22 13:16:25 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012.11.22 13:16:25 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.11.22 12:35:02 | 000,002,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.11.22 12:27:37 | 000,583,306 | ---- | C] () -- C:\Users\KgB\AppData\Roaming\technic-launcher.jar
[2012.11.22 12:23:25 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.22 12:14:49 | 000,000,985 | ---- | C] () -- C:\Users\KgB\Desktop\JDownloader - Verknüpfung.lnk
[2012.11.22 12:13:20 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.11.22 12:13:20 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.11.22 12:11:35 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.11.22 12:09:01 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.22 12:01:43 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.22 12:01:43 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.22 11:56:23 | 003,603,786 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.11.22 11:56:07 | 000,014,446 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.11.22 11:54:09 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.22 11:43:19 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.11.22 11:38:32 | 000,001,405 | ---- | C] () -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.11.22 11:38:31 | 000,001,439 | ---- | C] () -- C:\Users\KgB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.11.22 11:37:15 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.11.22 11:37:14 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.11.22 11:35:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.28 00:47:49 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\.techniclauncher
[2012.11.22 12:44:30 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\DAEMON Tools Pro
[2012.11.27 20:32:41 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\FileZilla
[2012.11.27 11:05:32 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\Firefly Studios
[2012.11.28 00:47:47 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\logs
[2012.11.25 12:40:58 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\Notepad++
[2012.11.27 20:58:00 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\Origin
[2012.11.22 12:35:04 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\Thunderbird
[2012.11.27 23:41:13 | 000,000,000 | ---D | M] -- C:\Users\KgB\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 

< End of report >
         
Hier die Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 28.11.2012 11:06:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\KgB\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 13,75 Gb Available Physical Memory | 86,04% Memory free
31,96 Gb Paging File | 29,50 Gb Available in Paging File | 92,28% Paging File free
Paging file location(s): e:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,47 Gb Total Space | 199,99 Gb Free Space | 89,49% Space Free | Partition Type: NTFS
Drive D: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 931,51 Gb Total Space | 761,86 Gb Free Space | 81,79% Space Free | Partition Type: NTFS
 
Computer Name: KGB-GAMING | User Name: KgB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DCDE8F-4083-4BDF-B59D-D18E77895D4F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{02877074-7703-4112-93DC-ECE184E2E168}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0BA812FC-8DF5-4328-A2BE-CD1028C5A182}" = lport=445 | protocol=6 | dir=in | app=system | 
"{0DBBF137-F512-4D37-89AF-C8F7429D2E6D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{14D2A1EC-B8C7-4D51-B92F-A8AB3C10594C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{20FF43DF-B863-4862-B4E7-85889D8501ED}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{243653C2-2FFE-4ECE-938C-2430F40B22A0}" = rport=137 | protocol=17 | dir=out | app=system | 
"{33865C42-C2CF-4A8B-B7CC-F2F8757B34DC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5022A41C-3F88-493A-9A6A-B3250F92BE12}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5D4CF7F1-4393-400B-860B-5086E73EA0C1}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5E867258-C6D0-47E0-A2C5-EBF98247B2CC}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6273BE2A-01D2-429F-9D83-B4DD604F3A84}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{7F2D9933-1DBB-4C7D-840E-92B2CDC298D2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A3F236D1-1781-44A8-8FDB-901004B75158}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A6BCBE0C-089B-4AA6-96EC-75206AB9F04B}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B0D1F95E-40BB-4AAE-AC23-AE2E000D7051}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{B2804EBA-E158-4DE4-8D3D-EF3474EB2AAE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C28CF40F-B312-4A10-8EB4-1556F2CC4201}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C7CCFF65-9C81-4872-8FE9-451214CD7FEB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D9023FD9-AC2F-43CB-A472-5F2A93F92731}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E92AB342-5852-4C2B-B9F4-8454FAACD5B2}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DCB16C0-1ACA-4CE2-9946-7AC90317F033}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\crysis\bin32\crysis.exe | 
"{17D5358B-7404-47BD-A519-46A68920AC45}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\crysis\bin32\crysis.exe | 
"{18624147-4AAD-445E-9D9B-6E7DAFE49751}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{1F4D6ED6-FF0B-4983-9E49-A77023A9578C}" = protocol=6 | dir=out | app=system | 
"{202A89BB-1427-49B4-BFA5-A38E104D8234}" = protocol=17 | dir=in | app=e:\games\steam\steam.exe | 
"{2A1DCF72-2BE2-477E-A301-C8B781D28CBC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\crysis wars\bin32\crysis.exe | 
"{2EF8F4E8-7E65-489F-8BA0-74694DBBC3F7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2F49919F-4E98-45E9-8817-96C51CA4B23B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\age of empires 3\bin\age3.exe | 
"{383AFA96-0F5E-4B9B-A981-428862A45E42}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\age of empires 3\bin\age3x.exe | 
"{41ABAD0C-D16B-4A21-897E-B96D5E9B167D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4FDDE5E2-6111-4E85-9EED-331910605741}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{54DFBFB7-7EF2-47DA-B43A-FBC6404C683C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{55CD9D07-93CB-41E3-B709-B76B38A3CA54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{55EB360B-9EE7-434B-A03D-73C78A36FCAE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5D052AF3-037A-498A-BF17-C1363250B562}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6BD04C2A-E63B-4561-9C7E-648AE3861DC9}" = protocol=17 | dir=in | app=e:\games\battlefield 3\bf3.exe | 
"{6E85E0C6-9026-4C18-89E9-074942466825}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{737CB1C2-355A-4224-9482-5549C4F4A9AE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe | 
"{7DBB2336-89A1-44BE-B1A9-28B869F9B645}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\rage\rage.exe | 
"{8273A591-273F-4CE0-8DB1-ECB7D1887090}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8287B63F-762E-480F-AD88-74A4671E9D1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9615D623-A8EC-47F2-86C9-71016E52AA9A}" = protocol=6 | dir=in | app=e:\games\battlefield 3\bf3.exe | 
"{96BC29BB-382E-4B21-A6FF-9C2D6B83333B}" = protocol=6 | dir=in | app=e:\games\steam\steam.exe | 
"{98C672F1-E187-47E1-82EA-7E19E7920601}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9966E907-026D-4C59-8DB1-B9FEB04F8E28}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\age of empires 3\bin\age3.exe | 
"{9A5B7BD7-4DE5-4DBB-97F0-E934EC243EB7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{9EC515F4-8267-45DE-8BDF-1117646E2E8A}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe | 
"{9F1F8BA9-94CD-4DDD-AC5E-BA93EB78B6CE}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\age of empires 3\bin\age3y.exe | 
"{A2D52225-A028-4F38-B31C-EA5FCD52454F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A97B3692-0F2D-4055-BE1A-D4791C655AB5}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | 
"{B0B291E9-048C-455F-8617-FF048F94A033}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\crysis warhead\bin32\crysis.exe | 
"{B50D206F-2D9A-42FE-9544-D6CB5C2602E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BB79185B-52E9-421E-B689-5721077FA9A1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C09D8B96-829B-443F-8B59-85BC9755EAAC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\primal_carnage\binaries\win32\primalcarnagegame.exe | 
"{C38C69F7-36C6-484C-95AA-256BBCCAA0DF}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\age of empires 3\bin\age3y.exe | 
"{C5E20459-A615-4FD5-943E-283077E9D5AC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{CC88CA6B-6D35-4FDF-B12D-EFAAD677CACC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CD4EE58D-DE5F-4990-9A9C-33ACC2E2C137}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{CD6F14C5-9AE1-4CB9-A5FE-A5573994CBBF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CE9A7AA1-577C-4C86-9D2F-29893FFE6035}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{D1DDB83E-D584-4673-BC4D-512287FBED1F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D3944232-ED92-4534-992B-6A29CE521010}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\primal_carnage\binaries\win32\primalcarnagegame.exe | 
"{D568A364-E332-4701-AEA1-094A7BE2DEF4}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{DDA84933-61EF-4A65-90C0-CB9980BBB1BD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe | 
"{E3E79963-096D-4337-840F-F69F711A294B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\rage\rage.exe | 
"{EBD51D19-4736-4DA1-81B3-00166D59D251}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\age of empires 3\bin\age3x.exe | 
"{F6DB76A7-DCB7-4AF7-AC47-DD5D9BDEB6E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FA327B86-C2B3-4A01-B629-BB48032ECC5E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\crysis warhead\bin32\crysis.exe | 
"{FAA555F6-75B9-4B55-A6DD-F8F2957F6F16}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{FE4DF79F-C00C-4302-9A07-25932448939C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{FF3161ED-5D1F-47E4-8DB3-5433DAEFFC21}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\crysis wars\bin32\crysis.exe | 
"TCP Query User{0D506D3C-8B4C-468F-B66B-F223C9CAF8C4}C:\program files\teamspeak 3 client\ts3client_win64.exe" = protocol=6 | dir=in | app=c:\program files\teamspeak 3 client\ts3client_win64.exe | 
"TCP Query User{FC0FD9A3-0767-48E2-8BB1-E34E78CBDF06}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{081B46FE-D046-429A-A25F-C603CB521E00}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{F60A689A-12F0-4093-80DB-E49F71E46C12}C:\program files\teamspeak 3 client\ts3client_win64.exe" = protocol=17 | dir=in | app=c:\program files\teamspeak 3 client\ts3client_win64.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E9641237-252F-467E-88FB-5CAB9E42583E}" = ESET NOD32 Antivirus
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Logitech Gaming Software" = Logitech Gaming Software 8.35
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Pro" = DAEMON Tools Pro
"ESN Sonar-0.70.4" = ESN Sonar
"FalNET G19 Display Manager_is1" = FalNET G19 Display Manager
"FileZilla Client" = FileZilla Client 3.6.0.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"MagniDriver" = marvell 91xx driver
"Mozilla Firefox 17.0 (x86 de)" = Mozilla Firefox 17.0 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 105450" = Age of Empires® III: Complete Collection
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 17340" = Crysis Wars
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 47410" = Stronghold Kingdoms
"Steam App 9200" = RAGE
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ZetaProducer11" = Zeta Producer 11 11.0.4 (nur entfernen)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.11.2012 09:06:41 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: HMA.exe, Version: 1.0.433.1, Zeitstempel:
 0x50a66a1c  Name des fehlerhaften Moduls: HMA.exe, Version: 1.0.433.1, Zeitstempel:
 0x50a66a1c  Ausnahmecode: 0x80000003  Fehleroffset: 0x0068c18e  ID des fehlerhaften Prozesses:
 0x124c  Startzeit der fehlerhaften Anwendung: 0x01cdc8b04b05eb11  Pfad der fehlerhaften
 Anwendung: E:\Games\Hitman Absolution\HMA.exe  Pfad des fehlerhaften Moduls: E:\Games\Hitman
 Absolution\HMA.exe  Berichtskennung: 746c33ff-34a5-11e2-9176-002522bf10dd
 
Error - 24.11.2012 14:50:16 | Computer Name = KgB-Gaming | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Games\Steam\SteamApps\common\Crysis\Bin64\Editor.exe".
Die
 abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 24.11.2012 14:50:32 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Crysis64.exe, Version: 1.1.1.6156,
 Zeitstempel: 0x47d6d9cf  Name des fehlerhaften Moduls: CrySystem.dll, Version: 1.1.1.6156,
 Zeitstempel: 0x47d6e0a0  Ausnahmecode: 0xc000008f  Fehleroffset: 0x0000000000085bdc
ID
 des fehlerhaften Prozesses: 0x1414  Startzeit der fehlerhaften Anwendung: 0x01cdca74928d97b4
Pfad
 der fehlerhaften Anwendung: E:\Games\Steam\SteamApps\common\Crysis\Bin64\Crysis64.exe
Pfad
 des fehlerhaften Moduls: E:\Games\Steam\SteamApps\common\Crysis\Bin64\CrySystem.dll
Berichtskennung:
 d24684aa-3667-11e2-959b-002522bf10dd
 
Error - 24.11.2012 14:55:27 | Computer Name = KgB-Gaming | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Games\Steam\SteamApps\common\Crysis\Bin32\Editor.exe".
Die
 abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 24.11.2012 15:03:18 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: crysis.exe, Version: 1.1.1.6156, 
Zeitstempel: 0x47d6d167  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17932,
 Zeitstempel: 0x50327672  Ausnahmecode: 0x0000087a  Fehleroffset: 0x0000c41f  ID des fehlerhaften
 Prozesses: 0x139c  Startzeit der fehlerhaften Anwendung: 0x01cdca75df946869  Pfad der
 fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\Crysis\bin32\crysis.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 9b34fb73-3669-11e2-959b-002522bf10dd
 
Error - 25.11.2012 08:18:32 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 17.0.0.4706,
 Zeitstempel: 0x50ab1e3d  Name des fehlerhaften Moduls: mozalloc.dll, Version: 17.0.0.4706,
 Zeitstempel: 0x50ab07fc  Ausnahmecode: 0x80000003  Fehleroffset: 0x00001988  ID des fehlerhaften
 Prozesses: 0xba0  Startzeit der fehlerhaften Anwendung: 0x01cdcaf98f1630e3  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll  Berichtskennung:
 3a0b1373-36fa-11e2-a4a3-002522bf10dd
 
Error - 25.11.2012 08:46:24 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: crysis.exe, Version: 1.1.1.6156, 
Zeitstempel: 0x47d6d167  Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 9.18.13.697,
 Zeitstempel: 0x506b3163  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006200bc  ID des fehlerhaften
 Prozesses: 0x1550  Startzeit der fehlerhaften Anwendung: 0x01cdcb0a8bf4a242  Pfad der
 fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\Crysis\bin32\crysis.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\nvwgf2um.dll  Berichtskennung: 1ea2473d-36fe-11e2-a4a3-002522bf10dd
 
Error - 25.11.2012 10:35:55 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: crysis.exe, Version: 1.1.1.6156, 
Zeitstempel: 0x47d6d167  Name des fehlerhaften Moduls: CryRenderD3D9.dll, Version:
 1.1.1.6156, Zeitstempel: 0x47d6d53b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00021c4b
ID
 des fehlerhaften Prozesses: 0x1be0  Startzeit der fehlerhaften Anwendung: 0x01cdcb19ab892209
Pfad
 der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\Crysis\bin32\crysis.exe
Pfad
 des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\Crysis\bin32\CryRenderD3D9.dll
Berichtskennung:
 6adeb4a9-370d-11e2-a4a3-002522bf10dd
 
Error - 25.11.2012 13:11:30 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7c9f1  Ausnahmecode: 0xc000041d  Fehleroffset: 0x00000000000196c8
ID
 des fehlerhaften Prozesses: 0x700  Startzeit der fehlerhaften Anwendung: 0x01cdcaf8b48d007c
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\USER32.dll  Berichtskennung: 27589f0a-3723-11e2-a4a3-002522bf10dd
 
Error - 27.11.2012 19:48:59 | Computer Name = KgB-Gaming | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rundll32.exe_NvUpdt.dll, Version:
 6.1.7600.16385, Zeitstempel: 0x4a5bc9e0  Name des fehlerhaften Moduls: msvcrt.dll,
 Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f  Ausnahmecode: 0x40000015  Fehleroffset:
 0x000000000002a84e  ID des fehlerhaften Prozesses: 0x1350  Startzeit der fehlerhaften
 Anwendung: 0x01cdccf9c0b0c0da  Pfad der fehlerhaften Anwendung: C:\Windows\System32\rundll32.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll  Berichtskennung: 035084f1-38ed-11e2-83e4-002522bf10dd
 
[ System Events ]
Error - 26.11.2012 16:49:06 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
Error - 26.11.2012 16:51:11 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
Error - 27.11.2012 05:20:14 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
Error - 27.11.2012 18:42:43 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
Error - 27.11.2012 18:47:31 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
Error - 27.11.2012 19:50:59 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
Error - 28.11.2012 05:17:16 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
Error - 28.11.2012 05:17:23 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 28.11.2012 05:17:23 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 28.11.2012 05:33:59 | Computer Name = KgB-Gaming | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:   %%2
 
 
< End of report >
         
und hier der hijachthis log
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:11:57, on 28.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
E:\Games\Steam\Steam.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\KgB\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKCU\..\Run: [Steam] "E:\Games\Steam\Steam.exe" -silent
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5743 bytes
         

Antwort

Themen zu Games minimieren sich in Taskleiste
antivirus, autorun, bho, entfernen, error, eset nod32, firefox, flash player, format, helper, hijack, install.exe, installation, launch, logfile, mozilla, nvidia update, object, origin, problem, realtek, registry, rundll, scan, security, software, svchost.exe, teamspeak, windows, windows xp



Ähnliche Themen: Games minimieren sich in Taskleiste


  1. Die Fenster Minimieren sich automatich
    Alles rund um Windows - 29.06.2015 (3)
  2. Fenster minimieren sich, Direct-X Fehler, W-Lan trennt sich
    Netzwerk und Hardware - 04.09.2014 (5)
  3. Anwendungen minimieren sich automatisch?
    Log-Analyse und Auswertung - 08.08.2013 (12)
  4. Spiele minimieren sich !
    Alles rund um Windows - 31.07.2013 (2)
  5. Spiele minimieren sich von Selbst -.-
    Plagegeister aller Art und deren Bekämpfung - 24.04.2013 (1)
  6. Spiele minimieren sich grundlos !
    Plagegeister aller Art und deren Bekämpfung - 11.12.2012 (6)
  7. Programme im Vollbildmodus minimieren sich
    Alles rund um Windows - 24.01.2012 (10)
  8. Malwarebytes lässt sich nicht öffnen, Fenster minimieren sich nicht auf die Taskleiste...
    Log-Analyse und Auswertung - 14.07.2011 (17)
  9. Pinkes Oberon I-Play Games Bar in Taskleiste
    Plagegeister aller Art und deren Bekämpfung - 06.01.2011 (4)
  10. Werbepopups, iexplorer.exe öffnet sich, Wave-Sound aus und Spiele minimieren sich...
    Plagegeister aller Art und deren Bekämpfung - 12.07.2010 (1)
  11. Spiele Minimieren sich einfach
    Log-Analyse und Auswertung - 12.02.2010 (4)
  12. Spiele minimieren sich automatisch
    Log-Analyse und Auswertung - 29.01.2010 (17)
  13. Spiele und Programme minimieren sich
    Plagegeister aller Art und deren Bekämpfung - 20.01.2009 (3)
  14. Spiele Minimieren sich
    Log-Analyse und Auswertung - 28.09.2007 (1)
  15. Spiele minimieren sich
    Log-Analyse und Auswertung - 08.09.2007 (1)
  16. Spiele minimieren sich
    Log-Analyse und Auswertung - 17.05.2006 (1)
  17. Programme uns Spiele minimieren sich
    Log-Analyse und Auswertung - 16.05.2006 (12)

Zum Thema Games minimieren sich in Taskleiste - hallo an alle ich habe das problem das sich viele meiner Games (BF3 crysis, crysis2) bei mir immer nach ein paar min in die taskleiste minimiert und nur durch den - Games minimieren sich in Taskleiste...
Archiv
Du betrachtest: Games minimieren sich in Taskleiste auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.