Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: -Internet Seite öffnet sich selbsständig nach Systemstart-

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 15.04.2013, 20:43   #1
DNyO
 
-Internet Seite öffnet sich selbsständig nach Systemstart- - Icon21

-Internet Seite öffnet sich selbsständig nach Systemstart-



Hi alle zusammen,

ich habe folgendes Problem, nach dem hochfahren meines Pc´s öffnet sich von selbst eine Internet seite keine Porno Seite oder sonstiges. Zuerst war es eine Seite für eine Art "Fernstudium" und Jetzt ist es eine Asiatische Seite für Asiatische Serien .

Ich benutze FireFox, habe Win7 64x Ultimate und habe schon versucht mit Spybot und Avast die Sache zu regeln, leider ohne Erfolg.

Code:
ATTFilter
OTL Extras logfile created on: 15.04.2013 21:27:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = K:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,67 Gb Available Physical Memory | 70,86% Memory free
16,00 Gb Paging File | 13,18 Gb Available in Paging File | 82,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 181,15 Gb Free Space | 77,79% Space Free | Partition Type: NTFS
Drive D: | 554,42 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 465,76 Gb Total Space | 272,47 Gb Free Space | 58,50% Space Free | Partition Type: NTFS
Drive K: | 1863,01 Gb Total Space | 576,74 Gb Free Space | 30,96% Space Free | Partition Type: NTFS
 
Computer Name: DANNY-PC | User Name: DaNNy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- K:\sicherungen\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0582F19F-EE26-4711-8425-6A5B9FC01C78}" = lport=445 | protocol=6 | dir=in | app=system | 
"{071C903C-2DA0-4287-80BA-E183B8E5DE2E}" = rport=139 | protocol=6 | dir=out | app=system | 
"{097E8C2F-853C-42E8-BF8A-BC575204FA90}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1BC1591C-7566-4832-B719-C6D1E56BFFA7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{23F14FFF-B53E-46D2-8B8D-3844F72FC77F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2635EDB5-F700-433A-9AA2-E7B2BCEEC6C3}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{288DB33A-DD61-48C2-99AF-B137FDCEB531}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{48532B70-70B6-497F-8B59-A11F7070A8AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{62AD1269-7D53-492F-BA4A-CA301E9F9006}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6B727A8E-01AD-4555-8F75-8015C38E794B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6B9EB526-D6ED-468C-B57C-F2DC094A9F80}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6D6FA26D-551D-4751-BB68-BBAA7634D6F0}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7B40E90A-EA42-4959-A73A-3FFCC96CE157}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8166FF7B-A925-40F4-99D2-C1FA37F1C5DE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8DF5A55A-531A-4D04-A788-D7DBACA5188A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B338BE04-FE60-417E-80D8-95F6F9122F7A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B84FB43F-8595-4986-8BE8-85629041142E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C2C8C6E7-6C97-4AB2-87C8-2B20BF668A15}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C547E70A-54FD-42FA-A80B-BC0883AE2A6D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D08BD978-6B8D-4793-9CCD-0AB7D1ED3B26}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DBF548E1-B89B-4437-A8FB-3C4E0CC43BF6}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FD9DEC66-BFDC-4C47-B320-86A9922D5103}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FE252110-0B07-47A7-AD26-831129B56FE8}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B67B99-A8D7-4C1A-A22A-5556485D109A}" = dir=out | app=k:\games\batman arkham city goty\binaries\win32\batmanac_o.exe | 
"{00FA54D3-12D2-4C16-9679-48365DF32F9A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{07FA408F-A384-4C5F-9CAD-48C582A151AA}" = dir=out | app=k:\games\crysis 3\bin32\crysis3.exe | 
"{08F6BB21-F497-40E6-A588-788F495ABCB5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0A3E76E5-84ED-47AC-8D3B-F36897403FCA}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\wargame european escalation\wargame.exe | 
"{0A6CC5C2-9CB0-48E6-8801-4542F4B03D9F}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier.exe | 
"{12076C8D-7F2A-47B1-AB8F-ED7C5C5F6229}" = protocol=17 | dir=in | app=k:\games\origin games\need for speed(tm) most wanted\nfs13.exe | 
"{1CE281AE-5D2B-43C9-AFF4-CC1089FE1E46}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1DA0423C-D0F9-4793-A442-0B16A0226E74}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{1DC6F1B8-308C-4E76-BE8C-4550924FE4A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1E709F44-9667-4F10-BB43-8DD1CB298FFF}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{1F64D9F7-4F50-440F-A0F0-18AB2498194F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{200C8658-D6D8-4F4B-8DB4-4BEC84B72EBE}" = protocol=6 | dir=in | app=k:\games\steam\steam.exe | 
"{209D33C2-B62F-4C66-902D-1B07619F400F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{2195AA0E-1601-483C-9264-B828C3674E7A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{22D09852-A8E3-455A-95E2-D63D2F13BA59}" = protocol=17 | dir=in | app=k:\games\anno 2070\anno5.exe | 
"{2BAA4B08-9AD1-44D0-B482-9D679807E60F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2F50A6BA-7E31-4786-82EA-BE6ED07B7FDB}" = protocol=6 | dir=in | app=k:\games\anno 2070\autopatcher.exe | 
"{32580A96-C47F-4C4D-A112-B3FC57A68EAD}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\dxhrml\dxhrml.exe | 
"{35DFE8DA-F663-442E-B65F-F6F775F97837}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{384AE851-69DC-4A39-BDD4-5120905AA800}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{44BBCBCC-3438-42A8-AD96-4D1C801E55CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{47C769FB-EF40-42BD-9BD5-4460B9495FDC}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{4AEF631E-55BD-4A3B-8F60-60F546FF239E}" = protocol=17 | dir=in | app=k:\games\dead space 3\deadspace3.exe | 
"{4DDC11B4-C3BA-4F71-BBAD-A68C8660BAD1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{4E7577F0-3809-4F20-A935-C18126069527}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\natural selection 2\ns2.exe | 
"{53E782D6-28B5-45A8-BAB9-91607C1E5170}" = dir=out | app=k:\games\batman arkham city goty\binaries\win32\bmlauncher.exe | 
"{59223529-1207-4F45-B298-67D90B1C9259}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat | 
"{5D609231-7ECA-4A3A-A0C3-7A886FD85D57}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\dxhrml\dxhrml.exe | 
"{600AF927-65A8-4B6F-BC92-F21C1538D803}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html | 
"{625182CC-73F7-4769-819D-0C6617145021}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{639743F3-5371-478C-B9B9-1EF7BEA76BF4}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
"{6870CF3C-C9C4-460A-ADB7-8B5F1B9B70E4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{6A18B98D-6E1B-4CD1-8A01-C834BAD20130}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\smovedetroit\counter-strike\hl.exe | 
"{6DDC601B-F081-4AB8-A940-2EBD3B136C92}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\dota 2 beta\dota.exe | 
"{73BF8E7C-F8CB-48DC-9766-5DBB5627B0FE}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{74C93EFB-CEB1-42AB-A106-38F50C6C0052}" = protocol=6 | dir=in | app=k:\games\rise of nations\thrones.exe | 
"{75FD2907-543A-4C00-9240-73F93127C432}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\tropico 4\tropico4.exe | 
"{78BCCDB3-9046-402F-A211-918C28D05BF4}" = dir=out | app=k:\games\batman arkham city goty\binaries\win32\batmanac.exe | 
"{7A697273-9EA8-4728-B4E8-0EBE35CB1007}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier.exe | 
"{7AAA8CC9-74F4-4D8F-8664-324451094A0F}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\dota 2 beta\dota.exe | 
"{7B103908-245F-4EAA-A8FA-46477C7A03AF}" = protocol=6 | dir=in | app=k:\games\anno 2070\anno5.exe | 
"{7F042BBE-64A1-4A41-B14B-3CF942C57094}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\deus ex - human revolution\dxhr.exe | 
"{840C7665-0D53-4130-B5BD-53FE644913D1}" = protocol=17 | dir=in | app=k:\games\rise of nations\thrones.exe | 
"{8769CF0F-F62B-44D3-9B9E-4D39EF84BAA6}" = dir=in | app=k:\games\sleeping dogs\hkship.exe | 
"{8A88F84A-66E9-425E-AA4C-AEBB48837A34}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{8C192E55-4DAF-4B16-868B-245BD0C585E9}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{8C586E66-ACBE-4986-ACD1-5455251FE71B}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\natural selection 2\ns2.exe | 
"{8C8AE908-6A8E-400C-A6FF-CCFD23B9E3B3}" = protocol=17 | dir=in | app=k:\games\origin games\battlefield 3\bf3.exe | 
"{8EABF502-76D0-4C18-9B01-411A422BE489}" = dir=out | app=k:\games\assassin's creed iii\assassinscreed3.exe | 
"{8F8BFB77-0D4A-4FC3-AECE-C1D7B3A8C397}" = protocol=6 | dir=in | app=k:\games\anno 2070\initengine.exe | 
"{93BB0006-8120-459B-BCB6-B2F15A5058E3}" = dir=out | app=k:\games\sleeping dogs\hkship.exe | 
"{9A3D67D7-CA47-4AE9-BAC0-37B411295155}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9AAEC629-1238-4839-A7A2-B66DA19180B5}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | 
"{9B120011-28EE-47F5-B694-1EFC5BBAB63F}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{A0045A33-06DF-4945-89D5-74CD473C5FF6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A258F598-3246-4774-A109-D32C9705A964}" = dir=out | app=k:\games\assassin's creed iii\ac3mp.exe | 
"{A4F4F8BE-31C4-4D34-8DEC-B7F544C1139D}" = protocol=6 | dir=out | app=system | 
"{A64A86C2-B12D-41FC-85EC-1F91C84D36E1}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html | 
"{A871FC44-3D39-4B27-9BE9-40E2E03DC851}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A90D7B52-99C1-4996-A1A1-C5BB80849396}" = protocol=17 | dir=in | app=k:\games\anno 2070\autopatcher.exe | 
"{AAF5B2B2-4C07-49E0-BD6A-96B730ADEDA7}" = dir=out | app=k:\games\hitman absolution\hma.exe | 
"{AE41AEF4-9AE4-4CA4-8380-6ECD78AB2D47}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{B04D493C-0E70-45DB-9769-79A30AA96BF6}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\shogun2.exe | 
"{B2A31C47-5D72-4C71-8E80-FB345D71DBFC}" = dir=out | app=k:\games\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{B72B9446-0B5C-4920-B70B-C4C4E75063AA}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\planetside 2\launchpad.exe | 
"{B86E8CD8-E933-4A2F-8F8C-796BC08BFAFB}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\tropico 4\tropico4.exe | 
"{B8C3460F-D95F-49CA-B1F4-F2793C77FD07}" = protocol=17 | dir=in | app=k:\games\anno 2070\initengine.exe | 
"{BCE1B051-672D-4A67-8830-20DEA51B315B}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\shogun2.exe | 
"{BEB1295E-0B09-47D3-A5E5-A17842FA52C8}" = protocol=17 | dir=in | app=k:\games\steam\steam.exe | 
"{C0ECBE0D-20F2-4637-9B60-D1CFC988D82D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C15D5DC5-470B-4844-9C52-C86C2B22568A}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | 
"{C27603A5-F2B5-41F9-A2DE-6CCCFD0421F2}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\planetside 2\launchpad.exe | 
"{C5918344-97B4-4CBE-AFE6-57128C6C6315}" = dir=in | app=k:\games\batman arkham city goty\binaries\win32\batmanac.exe | 
"{C602123C-0F5F-4363-BCFC-5D0B1060FEDF}" = protocol=6 | dir=in | app=k:\games\dead space 3\deadspace3.exe | 
"{C91856BA-7F7B-4098-82B6-EE0F62CE91DF}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe | 
"{C9A282AF-C169-4A27-9123-23DA0EB2B492}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\left 4 dead\left4dead.exe | 
"{CE95BBFB-84DA-443C-AEE2-FC7C35C7E350}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{CFE8CCCB-1338-49FC-9371-CB6E6F083462}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{CFED1FD5-3A5E-4E27-BD3C-81B314BD5D82}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat | 
"{D0098116-BB9C-4B10-B10C-3EB44761894E}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat | 
"{D0B6B24F-281B-4640-824F-18708D8B945E}" = dir=out | app=k:\games\assassin's creed iii\ac3sp.exe | 
"{D16BE4D2-0CC6-410D-BB8E-E6227302E01C}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat | 
"{D1B52197-9DD5-4A8C-B983-8538BB0FB147}" = protocol=6 | dir=in | app=k:\games\origin games\simcity\simcity\simcity.exe | 
"{D5EE3667-EB2D-412A-9E04-B3332E484529}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe | 
"{D8DAA37C-C476-4F49-806B-9791E458F76E}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{DA340005-1EB3-46A0-A8D1-72C9EF2C7F9B}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{DD826DA9-F4CF-4110-A115-4030AE4AB637}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\wargame european escalation\wargame.exe | 
"{DE0B42F3-89DB-4D8D-B832-A48000278CD0}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe | 
"{DE30FD97-2EB7-4CB5-8D7C-0269F506DF61}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E03B4319-D704-4045-BE30-9EDB0391212F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E39DC889-2FD4-4604-83F9-B2139E328DCF}" = protocol=17 | dir=in | app=k:\games\origin games\simcity\simcity\simcity.exe | 
"{E8C476FF-8EC0-4AEA-B886-0482C7B7CA0C}" = protocol=6 | dir=in | app=k:\games\origin games\battlefield 3\bf3.exe | 
"{E910594C-51B7-4A16-AF1A-9E81122E63BC}" = dir=out | app=k:\games\dead space 3\deadspace3.exe | 
"{EE1B8510-E4A0-4B3B-979F-3E1CF353EBE6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{EFC43DE9-C05C-4CD2-BC66-EFB3E6A46718}" = protocol=6 | dir=in | app=k:\games\origin games\need for speed(tm) most wanted\nfs13.exe | 
"{F101E1CE-990B-41C2-8619-927C0EB5A4B9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{F3B6AC90-BC11-4D47-AA8F-BC8093866D7F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{F8FA7D8F-3872-45F5-AD12-059963E63A78}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FE942294-D868-4A57-A13C-B28EE33D7057}" = dir=in | app=k:\games\dead space 3\deadspace3.exe | 
"{FEEAF3CC-7B2A-4F5F-9464-05E0D42F2E3C}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{FF49105B-53E4-4D09-8292-29A29D197497}" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe | 
"{FFAB7B7B-53E2-4B91-9782-47BF5EA1547D}" = protocol=6 | dir=in | app=k:\games\steam\steamapps\smovedetroit\counter-strike\hl.exe | 
"TCP Query User{01C0A3F9-0E8F-4B8B-B4EB-7CE57887CF0C}K:\games\command & conquer generäle stunde null\game.dat" = protocol=6 | dir=in | app=k:\games\command & conquer generäle stunde null\game.dat | 
"TCP Query User{09F7334A-A005-41C9-BE28-5C013F17190C}K:\games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=6 | dir=in | app=k:\games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe | 
"TCP Query User{28F47B1F-AB25-4078-95D0-C0E7CFA92140}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"TCP Query User{39E542C7-8D6F-4C90-B6B4-98527E447E94}K:\games\steam\steamapps\smovedetroit\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=k:\games\steam\steamapps\smovedetroit\zombie panic! source\hl2.exe | 
"TCP Query User{3E320EEA-1247-4BA6-8D1A-5C8FCB221F79}K:\games\resident evil 6\bh6.exe" = protocol=6 | dir=in | app=k:\games\resident evil 6\bh6.exe | 
"TCP Query User{473890F1-B1F4-4D7B-B444-68752DB3EDAA}K:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"TCP Query User{6319BF73-E0BE-499A-8FE0-C381E9422DEF}K:\games\batman arkham city goty\binaries\win32\batmanac_o.exe" = protocol=6 | dir=in | app=k:\games\batman arkham city goty\binaries\win32\batmanac_o.exe | 
"TCP Query User{7F0209A4-3205-40E3-AB41-DCD4B2A1385A}K:\games\dead island - game of the year edition\deadislandgame.exe" = protocol=6 | dir=in | app=k:\games\dead island - game of the year edition\deadislandgame.exe | 
"TCP Query User{A621C45C-B7CB-45CB-A538-F41E39E40CBE}K:\games\empire earth\empire earth.exe" = protocol=6 | dir=in | app=k:\games\empire earth\empire earth.exe | 
"TCP Query User{BB06A418-E420-4E7A-AE87-EC67B007C734}K:\games\kingdoms of amalur reckoning\reckoning.exe" = protocol=6 | dir=in | app=k:\games\kingdoms of amalur reckoning\reckoning.exe | 
"TCP Query User{C09A81B0-26E0-4AFC-A3D8-580E36ACDA38}K:\games\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\planetside 2\planetside2.exe | 
"TCP Query User{C8AA70E5-3C81-4F75-9796-74EED1AE2FF4}K:\games\mass effect 2\binaries\masseffect2.exe" = protocol=6 | dir=in | app=k:\games\mass effect 2\binaries\masseffect2.exe | 
"TCP Query User{E88939F4-F44B-4F48-B53C-7C45014AB51E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{F1F6BD45-5CF7-4AB6-BEFB-96CF5C7479E6}K:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe" = protocol=6 | dir=in | app=k:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"TCP Query User{F2E6A27F-4AB1-4DCD-815C-B14BF456661A}K:\games\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=k:\games\stronghold 3\bin\win32_release\stronghold3.exe | 
"TCP Query User{F444E9DD-5B0D-4913-B3F4-C334A6F54537}K:\games\empires dawn of the modern world\empires_dmw.exe" = protocol=6 | dir=in | app=k:\games\empires dawn of the modern world\empires_dmw.exe | 
"TCP Query User{FC7C665A-0C65-4B4D-8DE1-02D8A4BC49C4}K:\games\farcry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=k:\games\farcry 3\bin\farcry3.exe | 
"UDP Query User{40F5CB5A-C2EF-41B3-965C-672593B0E342}K:\games\steam\steamapps\smovedetroit\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=k:\games\steam\steamapps\smovedetroit\zombie panic! source\hl2.exe | 
"UDP Query User{445637C7-B70B-4B27-A842-1BE521EEC08F}K:\games\empire earth\empire earth.exe" = protocol=17 | dir=in | app=k:\games\empire earth\empire earth.exe | 
"UDP Query User{47590532-F164-4DAC-9866-FBEE63B185F0}K:\games\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\planetside 2\planetside2.exe | 
"UDP Query User{72A17FA0-943D-4087-8650-962341011CEB}K:\games\command & conquer generäle stunde null\game.dat" = protocol=17 | dir=in | app=k:\games\command & conquer generäle stunde null\game.dat | 
"UDP Query User{97A64B68-0642-45BA-84A8-CF00F55334E9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{BA36F193-8C72-4871-995B-F96CB7DA8B73}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 
"UDP Query User{C00DA9E9-782D-4D07-B51F-BC7276B2AF72}K:\games\mass effect 2\binaries\masseffect2.exe" = protocol=17 | dir=in | app=k:\games\mass effect 2\binaries\masseffect2.exe | 
"UDP Query User{C27C6FAF-29CA-46BF-9559-BD6C2B848059}K:\games\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=k:\games\stronghold 3\bin\win32_release\stronghold3.exe | 
"UDP Query User{C447EED7-31EC-41FE-A885-8BA6804B5B94}K:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"UDP Query User{CE245F61-B887-4FB3-ABD2-0328DD1E4CF9}K:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=k:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"UDP Query User{CE6DC924-0DB3-48AD-BE29-FAE051C92F26}K:\games\farcry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=k:\games\farcry 3\bin\farcry3.exe | 
"UDP Query User{DEC51D55-E0A7-4ED5-8CF5-6268C108DE87}K:\games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=17 | dir=in | app=k:\games\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe | 
"UDP Query User{E1B3BF1F-B4DD-475B-81D8-113ADB7CD6FE}K:\games\batman arkham city goty\binaries\win32\batmanac_o.exe" = protocol=17 | dir=in | app=k:\games\batman arkham city goty\binaries\win32\batmanac_o.exe | 
"UDP Query User{E5A4BCDB-3E55-46D1-B33D-5FEB50A0E057}K:\games\dead island - game of the year edition\deadislandgame.exe" = protocol=17 | dir=in | app=k:\games\dead island - game of the year edition\deadislandgame.exe | 
"UDP Query User{E7C26520-5225-40BA-BA7D-02F8C2D2F6B2}K:\games\empires dawn of the modern world\empires_dmw.exe" = protocol=17 | dir=in | app=k:\games\empires dawn of the modern world\empires_dmw.exe | 
"UDP Query User{F14C79E8-FB2C-470A-B17E-6DC028D51E7F}K:\games\kingdoms of amalur reckoning\reckoning.exe" = protocol=17 | dir=in | app=k:\games\kingdoms of amalur reckoning\reckoning.exe | 
"UDP Query User{F96D760B-ACB6-4E4C-8009-B1EF35CBF8C9}K:\games\resident evil 6\bh6.exe" = protocol=17 | dir=in | app=k:\games\resident evil 6\bh6.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0407893F-352C-B182-E04A-A8C3333DA29B}" = AMD Drag and Drop Transcoding
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series" = Canon MP490 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{3145731D-C578-70ED-899F-7A670D2A6662}" = AMD Fuel
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0003
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5866DD36-8055-475B-A5C3-82C04091D14E}" = BF3 Settings Editor
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Recuva" = Recuva
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01339AE5-04D4-43F8-008E-13AD788DC4F7}" = SimCity 4
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = Die Sims™ 3 Traumsuite-Accessoires
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = Die Sims™ 3 Diesel Accessoires
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{22D74608-54B2-4711-9A9C-F8F593FEEC00}_is1" = Kingdoms of Amalur Reckoning Version 1.0
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = Die Sims™ 3 Showtime
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = Die Sims™ 3 Jahreszeiten
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D40F840-30CA-4747-B988-E86C4C5F3B12}" = A New Beginning
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{57520FA0-DF38-46A1-8046-3B1000008500}" = Batman: Arkham City™ GOTY
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = AMD VISION Engine Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6E19AEFD-7F83-4563-A7B5-F61CABF02400}" = DayZ Commander
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{89173B88-384A-459B-B687-9C0BBC934EF4}" = Die*Sims™*3 Erstelle einen Sim
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = Die Sims™ 3 Katy Perry Süße Welt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = Die Sims™ 3 Supernatural
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B7EDF194-C4A8-4AFA-B659-12BFC45EB61C}" = DayZ Commander
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space™ 3
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}" = Razer Diamondback
"{E1868CAE-E3B9-4099-8C18-AA8944D336FD}" = Die Sims™ 3 70er, 80er & 90er Accessoires
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alpha Protocol_is1" = Alpha Protocol
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"BioShock Infinite_is1" = BioShock Infinite
"C&C - Zero Hour - Full Uncut Patch Final v.2.5" = C&C - Zero Hour - Full Uncut Patch Final v.2.5
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"CnC Europe" = CnC Europe 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dead Island - Game of the Year Edition_is1" = Dead Island - Game of the Year Edition
"DivX Setup" = DivX-Setup
"Empires Dawn of the Modern World" = Empires Dawn of the Modern World
"ESN Sonar-0.70.4" = ESN Sonar
"Faster Than Light_is1" = Faster Than Light
"GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}" = Batman: Arkham City™ GOTY
"GOGPACKOMERTA_is1" = Omerta - City of Gangsters
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer(TM) Generäle Die Stunde Null 
"Minecraft Cracked" = Minecraft Cracked
"OpenAL" = OpenAL
"Origin" = Origin
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"QWdlIG9mIEVtcGlyZSAyIEhEIEVkaXRpb24=_is1" = Age of Empire 2 HD Edition GERMAN (c) Microsoft version 1
"RiseOfNationsExpansion 1.0" = Rise of Nations
"Sleeping Dogs™ Deluxe Edition_is1" = Sleeping Dogs™ Deluxe Edition
"Sniper Ghost Warrior - Gold Edition_is1" = Sniper Ghost Warrior - Gold Edition
"Sniper Ghost Warrior 2_is1" = Sniper Ghost Warrior 2
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 201280" = Deus Ex: Human Revolution - The Missing Link
"Steam App 212630" = Tom Clancy's Ghost Recon Future Soldier
"Steam App 218230" = PlanetSide 2
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 300" = Day of Defeat: Source
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 500" = Left 4 Dead
"Steam App 570" = Dota 2
"Steam App 57690" = Tropico 4
"Stronghold 3 Gold_is1" = Stronghold 3 Gold
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Tunngle beta_is1" = Tunngle beta
"UmVzaWRlbnQgRXZpbCA2_is1" = Resident Evil 6 version 1
"Uplay" = Uplay
"VGhlIEVsZGVyIFNjcm9sbHMgViBTa3lyaW0gRHJhZ29uYm9y~2F14EC6B_is1" = The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1
"VGhlIFdhbGtpbmcgRGVhZCBTdXJ2aXZhbCBJbnN0aW5jdCAo~1255DFC2_is1" = The Walking Dead Survival Instinct (c) Activision version 1
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.04.2013 04:26:15 | Computer Name = DaNNy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.04.2013 07:30:02 | Computer Name = DaNNy-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: pctsSvc.exe, Version: 9.1.0.2894,
 Zeitstempel: 0x509054e5  Name des fehlerhaften Moduls: rtl100.bpl, Version: 11.0.2902.10471,
 Zeitstempel: 0x475fc385  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000a264  ID des fehlerhaften
 Prozesses: 0x1b60  Startzeit der fehlerhaften Anwendung: 0x01ce38fbedaa98c4  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\PC Tools\PC Tools Security\rtl100.bpl
Berichtskennung:
 a53b33ea-a4f6-11e2-bcdd-6cf049b65a99
 
Error - 14.04.2013 07:35:20 | Computer Name = DaNNy-PC | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 14.04.2013 08:10:28 | Computer Name = DaNNy-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.dat, Version: 0.0.0.0, Zeitstempel:
 0x4230c05b  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
 0x4ce7ba58  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033772  ID des fehlerhaften Prozesses:
 0x8c8  Startzeit der fehlerhaften Anwendung: 0x01ce3908f869e4e0  Pfad der fehlerhaften
 Anwendung: K:\Games\Command & Conquer Generäle Stunde Null\game.dat  Pfad des fehlerhaften
 Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 4b5cabc8-a4fc-11e2-bcdd-6cf049b65a99
 
Error - 14.04.2013 08:13:30 | Computer Name = DaNNy-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.dat, Version: 0.0.0.0, Zeitstempel:
 0x4230c05b  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
 0x4ce7ba58  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033772  ID des fehlerhaften Prozesses:
 0x3f4  Startzeit der fehlerhaften Anwendung: 0x01ce390965181292  Pfad der fehlerhaften
 Anwendung: K:\Games\Command & Conquer Generäle Stunde Null\game.dat  Pfad des fehlerhaften
 Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: b7818337-a4fc-11e2-bcdd-6cf049b65a99
 
Error - 14.04.2013 08:15:25 | Computer Name = DaNNy-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.dat, Version: 0.0.0.0, Zeitstempel:
 0x72454562  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
 0x4ce7ba58  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033772  ID des fehlerhaften Prozesses:
 0xf30  Startzeit der fehlerhaften Anwendung: 0x01ce3909a88976e0  Pfad der fehlerhaften
 Anwendung: K:\Games\Command and Conquer Generals\game.dat  Pfad des fehlerhaften 
Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: fbfa2230-a4fc-11e2-bcdd-6cf049b65a99
 
Error - 14.04.2013 08:38:09 | Computer Name = DaNNy-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.dat, Version: 0.0.0.0, Zeitstempel:
 0x72454562  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
 0x4ce7ba58  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033772  ID des fehlerhaften Prozesses:
 0x1ad0  Startzeit der fehlerhaften Anwendung: 0x01ce390cd667da0e  Pfad der fehlerhaften
 Anwendung: K:\Games\Command and Conquer Generals\game.dat  Pfad des fehlerhaften 
Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 296cc9aa-a500-11e2-bcdd-6cf049b65a99
 
Error - 14.04.2013 08:38:59 | Computer Name = DaNNy-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: game.dat, Version: 0.0.0.0, Zeitstempel:
 0x72454562  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17514, Zeitstempel:
 0x4ce7ba58  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033772  ID des fehlerhaften Prozesses:
 0x128c  Startzeit der fehlerhaften Anwendung: 0x01ce390cf4cdab40  Pfad der fehlerhaften
 Anwendung: K:\Games\Command and Conquer Generals\game.dat  Pfad des fehlerhaften 
Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 4755c7e8-a500-11e2-bcdd-6cf049b65a99
 
Error - 14.04.2013 13:23:38 | Computer Name = DaNNy-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "K:\Downloads\SoftonicDownloader_fuer_recuva.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 15.04.2013 14:19:34 | Computer Name = DaNNy-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Spybot - Search and Destroy Events ]
Error - 15.03.2013 16:32:47 | Computer Name = DaNNy-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
 
Error - 14.04.2013 08:14:25 | Computer Name = DaNNy-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
 
[ System Events ]
Error - 07.04.2013 13:21:54 | Computer Name = DaNNy-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR6 gefunden.
 
Error - 08.04.2013 17:08:59 | Computer Name = DaNNy-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst TuneUp.UtilitiesSvc erreicht.
 
Error - 08.04.2013 17:09:29 | Computer Name = DaNNy-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst TuneUp.UtilitiesSvc erreicht.
 
Error - 13.04.2013 12:01:23 | Computer Name = DaNNy-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.103  registriert werden. Der Computer mit IP-Adresse 192.168.2.105
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 14.04.2013 06:42:51 | Computer Name = DaNNy-PC | Source = PCTCore | ID = 327960
Description = 
 
Error - 14.04.2013 06:42:51 | Computer Name = DaNNy-PC | Source = PCTCore | ID = 327960
Description = 
 
Error - 14.04.2013 06:43:15 | Computer Name = DaNNy-PC | Source = PCTCore | ID = 327960
Description = 
 
Error - 14.04.2013 13:19:19 | Computer Name = DaNNy-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 14.04.2013 13:19:19 | Computer Name = DaNNy-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 14.04.2013 14:06:18 | Computer Name = DaNNy-PC | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         
Code:
ATTFilter
OTL logfile created on: 15.04.2013 21:27:24 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = K:\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,67 Gb Available Physical Memory | 70,86% Memory free
16,00 Gb Paging File | 13,18 Gb Available in Paging File | 82,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 181,15 Gb Free Space | 77,79% Space Free | Partition Type: NTFS
Drive D: | 554,42 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 465,76 Gb Total Space | 272,47 Gb Free Space | 58,50% Space Free | Partition Type: NTFS
Drive K: | 1863,01 Gb Total Space | 576,74 Gb Free Space | 30,96% Space Free | Partition Type: NTFS
 
Computer Name: DANNY-PC | User Name: DaNNy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.15 21:23:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- K:\Downloads\OTL.exe
PRC - [2013.04.12 17:10:02 | 000,920,472 | ---- | M] (Mozilla Corporation) -- K:\sicherungen\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.12 22:02:17 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.02.13 20:38:24 | 000,844,144 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.02.13 20:38:18 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013.02.13 20:38:14 | 001,509,232 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013.02.01 17:33:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.13 15:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012.11.13 15:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012.11.13 15:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012.11.13 15:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012.09.23 21:43:40 | 000,040,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
PRC - [2007.02.14 12:15:04 | 000,147,456 | ---- | M] () -- C:\Programme(x86)\Razer\Diamondback\razerhid.exe
PRC - [2007.02.14 12:11:18 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Programme(x86)\Razer\Diamondback\razerofa.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.12 17:10:02 | 003,133,336 | ---- | M] () -- K:\sicherungen\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.03.27 23:54:32 | 017,632,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3989b4ca6cf904061992daec9e7d5644\PresentationFramework.ni.dll
MOD - [2013.03.12 22:02:17 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.01.06 15:50:14 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
MOD - [2013.01.06 15:48:59 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2013.01.06 14:18:28 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2013.01.06 14:18:23 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2013.01.06 14:18:22 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2013.01.06 14:18:22 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2013.01.06 14:18:20 | 000,973,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
MOD - [2013.01.06 14:18:19 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2013.01.06 14:18:15 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2007.02.14 12:15:04 | 000,147,456 | ---- | M] () -- C:\Programme(x86)\Razer\Diamondback\razerhid.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.12.19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.14 14:36:51 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.05 22:10:47 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013.02.01 17:33:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.29 17:06:12 | 002,401,632 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.11.26 19:35:10 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.30 22:20:00 | 000,192,368 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.03.07 01:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013.02.06 08:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.02.06 08:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.02.01 01:31:01 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2013.01.18 00:28:48 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.08.19 20:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.08.28 12:50:00 | 000,211,560 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (Tosrfbd)
DRV:64bit: - [2009.08.05 15:45:00 | 000,058,744 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2009.08.05 13:56:00 | 000,063,856 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:64bit: - [2009.07.28 21:02:00 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2009.07.24 12:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.19 11:00:00 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.06.19 10:59:00 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2009.06.17 13:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.11.16 17:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2F E9 87 E6 4C 08 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\DaNNy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.15 22:02:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.01.17 00:28:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: K:\sicherungen\Program Files (x86)\Mozilla Firefox\components [2013.04.12 17:10:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: K:\sicherungen\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 17:09:59 | 000,000,000 | ---D | M]
 
[2013.01.06 16:21:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DaNNy\AppData\Roaming\mozilla\Extensions
[2013.03.30 10:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DaNNy\AppData\Roaming\mozilla\Firefox\Profiles\t68kjhkj.default\extensions
[2013.03.30 10:49:46 | 000,531,916 | ---- | M] () (No name found) -- C:\Users\DaNNy\AppData\Roaming\mozilla\firefox\profiles\t68kjhkj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.02.14 15:00:47 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\DaNNy\AppData\Roaming\mozilla\firefox\profiles\t68kjhkj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Diamondback] C:\Programme(x86)\Razer\Diamondback\razerhid.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F5A8C30-9225-4D80-8A57-39DB8BFBA654}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D01E7A4E-B3C1-46AA-B0D9-7892D5A86F71}: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001.10.18 19:26:44 | 000,122,880 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2001.10.12 20:25:32 | 000,000,150 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0415d942-57f6-11e2-8871-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0415d942-57f6-11e2-8871-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{58bb54bb-60bf-11e2-a670-6cf049b65a99}\Shell - "" = AutoRun
O33 - MountPoints2\{58bb54bb-60bf-11e2-a670-6cf049b65a99}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2001.10.18 19:26:44 | 000,122,880 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.14 20:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2013.04.14 14:36:50 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
[2013.04.14 14:14:50 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\Documents\Command and Conquer Generals Data
[2013.04.14 14:09:55 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\Documents\Command & Conquer Generäle Stunde Null Data
[2013.04.14 14:09:38 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CnC Europe
[2013.04.14 14:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CnC Europe
[2013.04.14 13:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2013.04.14 12:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2013.04.14 12:21:57 | 000,253,256 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2013.04.14 12:21:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2013.04.14 12:20:51 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.04.14 12:20:50 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\TestApp
[2013.04.14 12:20:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013.04.09 22:18:17 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.04.09 22:01:02 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empires Die Neuzeit
[2013.04.09 22:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empires Die Neuzeit
[2013.04.08 21:47:42 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\Microsoft Games
[2013.04.08 21:45:33 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013.04.08 21:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2013.04.07 19:19:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.04.02 22:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.03.31 22:48:55 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Local\FLT
[2013.03.31 22:22:58 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\Documents\Criterion Games
[2013.03.31 19:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
[2013.03.31 11:07:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.03.30 23:01:13 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\Documents\Stronghold 3
[2013.03.29 14:36:10 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\Documents\CAPCOM
[2013.03.29 13:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
[2013.03.28 00:02:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.03.28 00:02:03 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Local\Samsung
[2013.03.28 00:02:02 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\AppData\Roaming\Samsung
[2013.03.28 00:01:59 | 000,000,000 | ---D | C] -- C:\Users\DaNNy\Documents\samsung
[2013.03.27 23:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.03.27 23:55:37 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013.03.27 23:55:31 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013.03.27 23:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.03.27 23:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.03.17 10:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.15 21:25:59 | 000,000,168 | ---- | M] () -- C:\Users\DaNNy\defogger_reenable
[2013.04.15 21:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.15 20:26:58 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.15 20:26:58 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.15 20:18:46 | 000,298,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.15 20:18:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.15 20:18:37 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.14 20:33:46 | 000,000,222 | ---- | M] () -- C:\Windows\SIERRA.INI
[2013.04.14 14:32:58 | 000,000,992 | ---- | M] () -- C:\Windows\eReg.dat
[2013.04.14 14:31:06 | 000,000,679 | ---- | M] () -- C:\Users\Public\Desktop\Command & Conquer(TM) Generäle Die Stunde Null .lnk
[2013.04.14 14:09:38 | 000,000,854 | ---- | M] () -- C:\Users\DaNNy\Desktop\CnC Europe.lnk
[2013.04.14 12:22:04 | 001,329,077 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013.04.14 12:20:51 | 000,000,575 | ---- | M] () -- C:\Users\DaNNy\Desktop\sd9setup.exe.lnk
[2013.04.09 22:01:02 | 000,000,726 | ---- | M] () -- C:\Windows\Edofma.INI
[2013.04.07 19:25:43 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.07 19:25:43 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.07 19:25:43 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.07 19:25:43 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.07 19:25:43 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.03 20:05:21 | 000,042,875 | ---- | M] () -- C:\Users\DaNNy\Desktop\376421_467344423312941_1182296622_n.jpg
[2013.04.02 22:33:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.02 22:33:21 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.02 21:58:52 | 000,039,171 | ---- | M] () -- C:\Users\DaNNy\Desktop\262600_501983476508934_692399819_n.jpg
[2013.03.31 19:52:44 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013.03.31 11:07:32 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.03.28 00:07:59 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.03.28 00:07:59 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.15 21:25:59 | 000,000,168 | ---- | C] () -- C:\Users\DaNNy\defogger_reenable
[2013.04.14 14:31:06 | 000,000,679 | ---- | C] () -- C:\Users\Public\Desktop\Command & Conquer(TM) Generäle Die Stunde Null .lnk
[2013.04.14 14:09:38 | 000,000,854 | ---- | C] () -- C:\Users\DaNNy\Desktop\CnC Europe.lnk
[2013.04.14 13:32:16 | 000,000,992 | ---- | C] () -- C:\Windows\eReg.dat
[2013.04.14 12:22:02 | 001,329,077 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013.04.14 12:20:51 | 000,000,575 | ---- | C] () -- C:\Users\DaNNy\Desktop\sd9setup.exe.lnk
[2013.04.12 21:47:13 | 000,000,222 | ---- | C] () -- C:\Windows\SIERRA.INI
[2013.04.09 21:50:48 | 000,000,726 | ---- | C] () -- C:\Windows\Edofma.INI
[2013.04.03 20:05:19 | 000,042,875 | ---- | C] () -- C:\Users\DaNNy\Desktop\376421_467344423312941_1182296622_n.jpg
[2013.04.02 22:33:21 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.02 21:58:49 | 000,039,171 | ---- | C] () -- C:\Users\DaNNy\Desktop\262600_501983476508934_692399819_n.jpg
[2013.03.31 19:52:44 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013.03.31 11:07:32 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.03.31 11:07:32 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.03.28 00:07:59 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.03.28 00:07:59 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.03.19 09:15:36 | 000,001,461 | ---- | C] () -- C:\Users\DaNNy\Desktop\Launch Arma2 OA Beta Patch.lnk
[2013.02.05 18:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.02.05 18:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.02.05 18:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.02.05 18:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013.02.05 18:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013.02.01 16:32:14 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.02.01 16:32:12 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.01.20 16:41:44 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2013.01.06 15:28:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.02.15 16:22:17 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\.minecraft
[2013.02.14 02:44:36 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\.mono
[2013.01.18 00:30:05 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\DAEMON Tools Lite
[2013.01.07 00:39:16 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\de.apollo-medien.eurofahrschule2011.9151FF1C04D985321FBE252CD7DD9485437B0213.1
[2013.01.22 16:18:13 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\Kalypso Media
[2013.01.25 00:31:29 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\MotioninJoy
[2013.01.06 23:31:56 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\Natural Selection 2
[2013.02.01 15:00:50 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\Omerta
[2013.01.20 16:41:39 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\OpenOffice.org
[2013.02.01 15:36:11 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\Origin
[2013.04.07 19:19:13 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\Samsung
[2013.04.14 12:20:50 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\TestApp
[2013.01.06 23:41:29 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\The Creative Assembly
[2013.01.06 17:04:06 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\TuneUp Software
[2013.04.14 20:38:06 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\Tunngle
[2013.01.18 00:04:20 | 000,000,000 | ---D | M] -- C:\Users\DaNNy\AppData\Roaming\Ubisoft
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
         
Ich würde ja gerne einen GMER log noch dazu posten, aber das Programm hängt sich bei mir auf -.-

Ich sage schonmal

Alt 16.04.2013, 11:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
-Internet Seite öffnet sich selbsständig nach Systemstart- - Standard

-Internet Seite öffnet sich selbsständig nach Systemstart-



Zitat:
"Minecraft Cracked" = Minecraft Cracked


Sry aber bei illegaler Software gibt es hier nur noch Hilfe zur Datensicherung + Neuinstallation von Windows

Siehe auch => http://www.trojaner-board.de/95393-c...-software.html

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!


In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials
__________________

__________________

Antwort

Themen zu -Internet Seite öffnet sich selbsständig nach Systemstart-
adobe, adobe reader xi, aswrvrt.sys, autorun, bho, browser, canon, error, firefox, flash player, format, grand theft auto, helper, hängt, install.exe, internet, logfile, mozilla, msiinstaller, ntdll.dll, origin, problem, realtek, recuva, registry, richtlinie, rundll, scan, security, software, super, svchost.exe, tcp, udp, uplay, usb, wargame, windows



Ähnliche Themen: -Internet Seite öffnet sich selbsständig nach Systemstart-


  1. Ab und zu öffnet sich bei Systemstart eine Site: Malaha.net
    Log-Analyse und Auswertung - 28.03.2015 (9)
  2. Internet Explorer öffnet sich im Hintergrund, zieht Internet und Chrome öffnet nicht mehr
    Alles rund um Windows - 12.03.2015 (38)
  3. Windows 7 (64bit) Farmaster.net öffnet sich nach Systemstart
    Log-Analyse und Auswertung - 25.09.2014 (11)
  4. Adf.ly Seite wird im Browser geöffnet nach Systemstart
    Plagegeister aller Art und deren Bekämpfung - 17.02.2014 (1)
  5. Windows 8: Internet öffnet sich von alleine (nach Runterladen eines Updates)
    Plagegeister aller Art und deren Bekämpfung - 24.01.2014 (59)
  6. Nachdem Start öffnet sich Internet Explorer wiederholt und die Lautstärke geht nach unten...
    Plagegeister aller Art und deren Bekämpfung - 09.01.2014 (19)
  7. Internet Explorer öffnet sich ständig mit der Seite: http://www_getwindowinfo/
    Log-Analyse und Auswertung - 25.11.2013 (15)
  8. Windows Vista: SoftwareUpdater.Ui.exe öffnet sich bei jedem Systemstart
    Plagegeister aller Art und deren Bekämpfung - 20.10.2013 (9)
  9. Softwareupdater.ui.exe öffnet sich bei jedem Systemstart
    Plagegeister aller Art und deren Bekämpfung - 28.06.2013 (16)
  10. Nerviger Virus, der im Internet nach öffnen einer Seite eine Werbeseite öffnet. (adfoc.us)
    Plagegeister aller Art und deren Bekämpfung - 07.01.2013 (15)
  11. cmd.exe öffnet sich für eine kurze Zeit beim Systemstart
    Log-Analyse und Auswertung - 26.07.2012 (1)
  12. CMD öffnet sich bei Systemstart kurz.
    Plagegeister aller Art und deren Bekämpfung - 22.05.2012 (17)
  13. Brennerlaufwerk öffnet sich bei Systemstart - pls LOG-Analyse
    Log-Analyse und Auswertung - 02.10.2011 (1)
  14. nach Systemstart öffnet sich Firefox und zeigt Werbung
    Plagegeister aller Art und deren Bekämpfung - 26.11.2010 (11)
  15. Windows neuinstalliert, internet explorer öffnet sich immer noch selbsständig
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (0)
  16. Internet Explorer öffnet sich nach Löschung von Antispyware Soft selbstständig
    Log-Analyse und Auswertung - 03.05.2010 (4)
  17. Internet Explorer öffnet sich selbsständig, hängt sich auf
    Log-Analyse und Auswertung - 09.11.2007 (10)

Zum Thema -Internet Seite öffnet sich selbsständig nach Systemstart- - Hi alle zusammen, ich habe folgendes Problem, nach dem hochfahren meines Pc´s öffnet sich von selbst eine Internet seite keine Porno Seite oder sonstiges. Zuerst war es eine Seite für - -Internet Seite öffnet sich selbsständig nach Systemstart-...
Archiv
Du betrachtest: -Internet Seite öffnet sich selbsständig nach Systemstart- auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.