
Pests of all kinds and how to combat them: Windows stops responding after minor actions. Dropper.gen found.


 
21.11.2013, 23:32   #1
Braiinzz
 

For a few weeks I have had the problem that, when starting Windows, first of all it takes ages to boot up at all, and then, after I have tried several times to start Malwarebytes, it closes again immediately. Also, when I google for antivirus programs in order to download them, the browser suddenly closes. I have already run a scan in safe mode, but unfortunately I no longer have the log. But now I can download and start Avira; it aborted the scan and had several detections, among them Dropper.gen. But now, when I try to start e.g. League of Legends or any other game, my laptop suddenly stops responding and nothing happens anymore. I have now tried it via Avira Rescue, but when I run a scan there on the hard drive C:/ it finishes immediately, and under scanned files it says: "Berechne". Please help quickly.
Kind regards,
Braiinzz
Here are the log files (sorry, I didn't know how to enable spoilers). OTL logfile:
Code:
OTL logfile created on: 21.11.2013 23:44:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dávid\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,33 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 59,22% Memory free
4,66 Gb Paging File | 3,31 Gb Available in Paging File | 70,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 73,37 Gb Free Space | 15,76% Space Free | Partition Type: NTFS
 
Computer Name: LALA | User Name: Dávid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.11.21 23:42:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dávid\Downloads\OTL.exe
PRC - [2013.11.16 02:33:30 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Users\Dávid\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.11.11 15:37:46 | 001,616,208 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2013.10.31 19:32:00 | 000,972,872 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc7.exe
PRC - [2013.10.31 19:25:40 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.10.31 19:25:19 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebg7.exe
PRC - [2013.10.31 19:25:19 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.10.31 19:25:19 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.10.31 19:25:18 | 000,683,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.10.23 20:52:09 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.10.23 20:52:01 | 001,673,680 | ---- | M] (APN) -- C:\Programme\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.10.11 11:51:12 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Programme\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2013.10.11 03:02:19 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013.09.05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.08.30 18:45:24 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013.08.30 18:00:35 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\javaw.exe
PRC - [2013.08.29 19:14:20 | 000,010,752 | ---- | M] (Microsoft) -- C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe
PRC - [2013.08.29 17:59:23 | 006,471,168 | ---- | M] (Broadcom Corporation) -- C:\Programme\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
PRC - [2013.08.29 17:59:23 | 000,040,960 | ---- | M] (Broadcom Corporation) -- C:\Programme\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
PRC - [2013.08.29 17:59:22 | 005,179,392 | ---- | M] (Broadcom Corporation) -- C:\Programme\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
PRC - [2013.05.16 15:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.12 20:58:09 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.05.12 20:58:09 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012.02.01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.02.01 15:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.08.30 18:37:02 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\fb404501f5f8f00036856f22001e0555\IAStorUtil.ni.dll
MOD - [2013.08.30 18:37:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4efb7849701c36eae62ef0c44f5d8642\IAStorCommon.ni.dll
MOD - [2013.08.29 18:00:53 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\GAC_32\bcmwlrmt\5.100.82.0__6d6a20262490fcdc\bcmwlrmt.dll
MOD - [2013.08.08 21:35:04 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2013.05.12 22:37:58 | 000,004,096 | ---- | M] () -- C:\Programme\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2009.07.14 09:47:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 09:47:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.07.14 05:43:36 | 011,804,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll
MOD - [2009.07.14 05:43:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009.07.14 05:43:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009.07.14 05:42:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009.07.14 05:42:45 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll
MOD - [2009.07.14 05:42:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009.07.14 05:42:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009.07.14 05:42:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009.07.14 05:42:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.11.16 02:59:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.11.11 15:37:46 | 001,616,208 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.10.31 19:32:00 | 000,972,872 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc7.exe -- (AntiVirMailService)
SRV - [2013.10.31 19:25:40 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.10.31 19:25:19 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2013.10.31 19:25:19 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.10.30 20:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.10.23 20:52:09 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.10.18 04:09:49 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.11 11:51:12 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013.09.05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.09.05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.08.30 18:45:24 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.08.29 19:14:20 | 000,010,752 | ---- | M] (Microsoft) [Auto | Running] -- C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe -- (Time)
SRV - [2013.08.29 17:59:23 | 000,040,960 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2013.08.12 01:50:28 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.05.16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.04.24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012.02.01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2013.11.17 21:47:07 | 000,031,560 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013.11.01 17:09:10 | 000,114,960 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2013.11.01 17:09:10 | 000,094,480 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2013.10.31 19:25:40 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.10.31 19:25:19 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.10.31 19:25:19 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.10.31 19:25:19 | 000,067,680 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\avnetflt.sys -- (avnetflt)
DRV - [2013.10.31 19:25:19 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.08.30 18:45:13 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2013.08.29 17:59:22 | 000,017,728 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmvwl32.sys -- (BcmVWL)
DRV - [2013.08.29 17:59:21 | 000,018,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2013.08.08 21:52:46 | 000,369,656 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2013.05.12 22:37:58 | 009,053,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.05.12 22:37:58 | 000,025,376 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2013.04.10 15:00:52 | 000,062,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bScsiSDx.sys -- (bScsiSDx)
DRV - [2013.04.04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.13 09:59:38 | 000,064,088 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57xdbd.sys -- (b57xdbd)
DRV - [2012.08.13 09:59:38 | 000,018,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57xdmp.sys -- (b57xdmp)
DRV - [2012.06.18 15:20:48 | 000,046,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bScsiMSx.sys -- (bScsiMSx)
DRV - [2012.01.18 23:30:34 | 000,370,728 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2010.09.16 18:33:40 | 001,559,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DF 03 F1 F8 AE CB CE 01  [binary data]
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP49EF6E6E-0344-442B-B359-4DB414E8EEE7&q={searchTerms}&SSPV=
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-40972975-1608239604-2264794492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP49EF6E6E-0344-442B-B359-4DB414E8EEE7&SSPV="
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.12
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\downloader@freeyoutubetomp3converter.org: C:\Program Files\FreeYouTubeToMP3TURBOConverter\Firefox [2013.10.03 14:34:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013.09.30 08:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dávid\AppData\Roaming\mozilla\Extensions
[2013.11.18 20:56:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dávid\AppData\Roaming\mozilla\Firefox\Profiles\zo6r8odu.default\extensions
[2013.09.30 08:31:29 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dávid\AppData\Roaming\mozilla\Firefox\Profiles\zo6r8odu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.10.23 20:52:51 | 001,048,572 | ---- | M] () (No name found) -- C:\Users\Dávid\AppData\Roaming\mozilla\firefox\profiles\zo6r8odu.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
[2013.10.10 00:44:39 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Dávid\AppData\Roaming\mozilla\firefox\profiles\zo6r8odu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.10.18 05:54:56 | 000,282,570 | ---- | M] () (No name found) -- C:\Users\Dávid\AppData\Roaming\mozilla\firefox\profiles\zo6r8odu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.11.07 21:17:53 | 000,000,975 | ---- | M] () -- C:\Users\Dávid\AppData\Roaming\mozilla\firefox\profiles\zo6r8odu.default\searchplugins\conduit-search.xml
[2013.11.16 02:59:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.11.16 02:59:12 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\DáVID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZO6R8ODU.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\DáVID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZO6R8ODU.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Erster Nutzer (Disabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\
CHR - Extension: AdBlock = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0\
CHR - Extension: AdBlock = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: AdBlock = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: AdBlock = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_1\
CHR - Extension: League of Legends(LoL) For New Tab = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\hagfodkdlfpceodghmlnbjafkcdjnifd\1.1.0_0\
CHR - Extension: Google Wallet = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Google Wallet = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\
CHR - Extension: Google Wallet = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Mail = C:\Users\Dávid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
O4 - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKU\S-1-5-21-40972975-1608239604-2264794492-1000..\Run: [Internal Configuration Serving State] C:\Users\Dávid\AppData\Roaming\udspu\\debuja.exe File not found
O4 - HKU\S-1-5-21-40972975-1608239604-2264794492-1000..\Run: [Spotify] C:\Users\Dávid\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-40972975-1608239604-2264794492-1000..\Run: [Spotify Web Helper] C:\Users\Dávid\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-40972975-1608239604-2264794492-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-40972975-1608239604-2264794492-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Download Video - {B30C9F17-BF16-481e-BAEA-44A86128E1B4} - C:\Programme\FreeYouTubeToMP3TURBOConverter\ytmRunner.html ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F161484-9BD0-44B3-9407-E340A93BE63D}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33B365E0-2033-4D75-8068-73CEFAC621C7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50547C0E-BDCA-45F6-A967-386524E5C6FD}: NameServer = 192.168.178.30,192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5474695F-9400-4F02-9BCB-45EBB2E83CB8}: NameServer = 192.168.0.100,192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEEBD60C-C4BC-4936-B2A6-C4461777F6C0}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.11.21 22:53:34 | 005,192,704 | ---- | C] (Geza Kovacs) -- C:\Users\Dávid\Documents\unetbootin-windows-585.exe
[2013.11.21 22:21:50 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.11.21 22:19:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013.11.19 20:49:45 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013.11.19 20:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013.11.19 20:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.11.19 20:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2013.11.19 00:34:41 | 000,000,000 | ---D | C] -- C:\Output
[2013.11.19 00:34:30 | 000,000,000 | ---D | C] -- C:\MP4ToMP3Converter
[2013.11.19 00:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 To MP3 Converter
[2013.11.18 22:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.11.18 20:58:04 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Roaming\Avira
[2013.11.18 20:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013.11.18 20:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork
[2013.11.18 20:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013.11.18 20:51:59 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.11.18 20:51:58 | 000,137,208 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.11.18 20:51:58 | 000,090,400 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.11.18 20:51:58 | 000,067,680 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.11.18 20:51:58 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.11.18 20:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.11.18 20:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.11.17 22:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\webcam 7
[2013.11.17 21:46:37 | 000,000,000 | ---D | C] -- C:\Quarantine
[2013.11.17 21:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2013.11.17 21:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013.11.17 21:40:31 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Roaming\QuickScan
[2013.11.17 21:40:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013.11.16 02:59:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.11.14 15:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.11.14 15:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2013.11.11 17:34:54 | 000,000,000 | ---D | C] -- C:\Users\Dávid\Documents\Virtual Machines
[2013.11.11 17:34:05 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Local\VMware
[2013.11.11 17:34:04 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Roaming\VMware
[2013.11.11 17:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013.11.09 14:30:59 | 000,000,000 | ---D | C] -- C:\Users\Dávid\Backtrack
[2013.11.07 20:37:10 | 000,000,000 | ---D | C] -- C:\Users\Dávid\VirtualBox VMs
[2013.11.07 20:29:50 | 000,000,000 | ---D | C] -- C:\Users\Dávid\.VirtualBox
[2013.11.07 20:29:32 | 000,203,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2013.11.07 20:29:20 | 000,103,696 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2013.11.07 20:29:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013.11.07 20:23:00 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Roaming\uTorrent
[2013.11.07 16:17:38 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.11.06 18:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.16.3 Build 1603
[2013.11.06 18:55:32 | 000,000,000 | ---D | C] -- C:\Perl
[2013.11.05 18:34:30 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013.11.05 18:04:52 | 000,000,000 | ---D | C] -- C:\Users\Dávid\Documents\LOLReplay
[2013.11.05 18:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\LOLReplay
[2013.11.05 15:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.11.05 15:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.11.05 15:21:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.11.01 17:09:10 | 000,114,960 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys
[2013.11.01 17:09:10 | 000,094,480 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSB.sys
[2013.10.27 16:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\LoLOracle
[2013.10.27 16:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoLOracle
[2013.10.23 05:25:27 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Roaming\udspu
[2013.10.23 05:24:39 | 000,000,000 | ---D | C] -- C:\Users\Dávid\AppData\Roaming\buasep
 
========== Files - Modified Within 30 Days ==========
 
[2013.11.21 23:36:23 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.21 23:35:55 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.11.21 23:35:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.21 23:35:39 | 1878,278,144 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.21 22:24:48 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.11.21 22:22:25 | 000,696,370 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.11.21 22:22:25 | 000,651,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.11.21 22:22:25 | 000,147,634 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.11.21 22:22:25 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.11.21 22:19:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.21 22:07:41 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.21 22:02:20 | 000,009,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.21 22:02:20 | 000,009,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.21 12:40:51 | 621,948,928 | ---- | M] () -- C:\Users\Dávid\Documents\rescue-system.iso
[2013.11.21 12:23:33 | 005,192,704 | ---- | M] (Geza Kovacs) -- C:\Users\Dávid\Documents\unetbootin-windows-585.exe
[2013.11.19 20:49:45 | 000,000,213 | ---- | M] () -- C:\Users\Dávid\Desktop\Counter-Strike Source.url
[2013.11.19 20:35:46 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.11.19 00:34:31 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\MP4 To MP3 Converter.lnk
[2013.11.18 22:03:24 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.11.18 20:56:37 | 000,099,263 | ---- | M] () -- C:\Users\Dávid\AppData\Roaming\cached-microdescs.new
[2013.11.18 20:56:35 | 000,985,751 | ---- | M] () -- C:\Users\Dávid\AppData\Roaming\cached-microdesc-consensus
[2013.11.18 20:56:27 | 000,005,061 | ---- | M] () -- C:\Users\Dávid\AppData\Roaming\state
[2013.11.18 20:55:49 | 002,586,358 | ---- | M] () -- C:\Users\Dávid\AppData\Roaming\cached-microdescs
[2013.11.18 20:55:41 | 000,000,000 | ---- | M] () -- C:\Users\Dávid\AppData\Roaming\lock
[2013.11.18 20:55:33 | 000,907,792 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62494732
[2013.11.18 20:55:33 | 000,907,792 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62492906
[2013.11.18 20:55:33 | 000,907,792 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62422105
[2013.11.18 20:55:33 | 000,907,792 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62414411
[2013.11.18 20:55:33 | 000,268,816 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E87193
[2013.11.18 20:55:33 | 000,268,816 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E83679
[2013.11.18 20:55:33 | 000,268,816 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E71720
[2013.11.18 20:55:33 | 000,268,816 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E54417
[2013.11.18 20:44:34 | 126,764,512 | ---- | M] () -- C:\Users\Dávid\Desktop\avira_free_antivirus_de.exe
[2013.11.18 15:30:46 | 000,019,220 | ---- | M] () -- C:\Users\Dávid\AppData\Roaming\cached-certs
[2013.11.17 21:47:07 | 000,031,560 | ---- | M] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013.11.17 21:40:59 | 000,258,301 | ---- | M] () -- C:\ProgramData\1384720831.bdinstall.bin
[2013.11.14 22:13:07 | 000,002,121 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.11.10 12:07:12 | 000,321,536 | ---- | M] () -- C:\Windows\System32\LiveWrapRTSP.dll
[2013.11.07 21:14:48 | 000,337,424 | RHS- | M] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D7B57E5F440948
[2013.11.06 19:02:03 | 000,013,339 | ---- | M] () -- C:\Users\Dávid\Desktop\cmd - Verknüpfung.lnk
[2013.11.05 18:04:34 | 000,001,939 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2013.11.05 18:04:34 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2013.11.05 15:22:14 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.11.01 17:10:22 | 000,203,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2013.11.01 17:09:10 | 000,114,960 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys
[2013.11.01 17:09:10 | 000,103,696 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys
[2013.11.01 17:09:10 | 000,094,480 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSB.sys
[2013.10.31 19:25:40 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.10.31 19:25:19 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.10.31 19:25:19 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.10.31 19:25:19 | 000,067,680 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys
[2013.10.31 19:25:19 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.10.27 16:30:49 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\LoLOracle.lnk
 
========== Files Created - No Company Name ==========
 
[2013.11.21 23:35:42 | 000,265,640 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.11.21 22:52:58 | 621,948,928 | ---- | C] () -- C:\Users\Dávid\Documents\rescue-system.iso
[2013.11.19 20:49:45 | 000,000,213 | ---- | C] () -- C:\Users\Dávid\Desktop\Counter-Strike Source.url
[2013.11.19 20:35:46 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.11.19 00:34:31 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\MP4 To MP3 Converter.lnk
[2013.11.18 20:55:33 | 000,907,792 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62494732
[2013.11.18 20:55:33 | 000,907,792 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62492906
[2013.11.18 20:55:33 | 000,907,792 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62422105
[2013.11.18 20:55:33 | 000,907,792 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D3A04C62414411
[2013.11.18 20:55:33 | 000,268,816 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E87193
[2013.11.18 20:55:33 | 000,268,816 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E83679
[2013.11.18 20:55:33 | 000,268,816 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E71720
[2013.11.18 20:55:33 | 000,268,816 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879DE160AC0E54417
[2013.11.18 20:52:16 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.11.18 20:46:06 | 126,764,512 | ---- | C] () -- C:\Users\Dávid\Desktop\avira_free_antivirus_de.exe
[2013.11.17 21:40:59 | 000,258,301 | ---- | C] () -- C:\ProgramData\1384720831.bdinstall.bin
[2013.11.14 23:17:50 | 000,031,560 | ---- | C] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013.11.10 18:30:27 | 000,001,939 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2013.11.10 12:07:12 | 000,321,536 | ---- | C] () -- C:\Windows\System32\LiveWrapRTSP.dll
[2013.11.07 21:14:48 | 000,337,424 | RHS- | C] () -- C:\Users\Dávid\AppData\Roaming\C69DFD2ABFAA879D7B57E5F440948
[2013.11.07 16:50:34 | 002,586,358 | ---- | C] () -- C:\Users\Dávid\AppData\Roaming\cached-microdescs
[2013.11.07 16:20:38 | 000,099,263 | ---- | C] () -- C:\Users\Dávid\AppData\Roaming\cached-microdescs.new
[2013.11.07 16:20:35 | 000,985,751 | ---- | C] () -- C:\Users\Dávid\AppData\Roaming\cached-microdesc-consensus
[2013.11.07 16:20:35 | 000,019,220 | ---- | C] () -- C:\Users\Dávid\AppData\Roaming\cached-certs
[2013.11.07 16:20:31 | 000,005,061 | ---- | C] () -- C:\Users\Dávid\AppData\Roaming\state
[2013.11.07 16:20:31 | 000,000,000 | ---- | C] () -- C:\Users\Dávid\AppData\Roaming\lock
[2013.11.06 19:02:03 | 000,013,339 | ---- | C] () -- C:\Users\Dávid\Desktop\cmd - Verknüpfung.lnk
[2013.11.05 18:04:34 | 000,001,859 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2013.11.05 18:04:34 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2013.11.05 15:22:14 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.11.05 15:22:14 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.10.27 16:30:49 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\LoLOracle.lnk
[2013.10.12 02:08:58 | 000,000,325 | ---- | C] () -- C:\Users\Dávid\servers.dat
[2013.10.08 00:14:01 | 000,007,611 | ---- | C] () -- C:\Users\Dávid\AppData\Local\Resmon.ResmonCfg
[2013.08.30 20:08:02 | 003,165,737 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2013.08.30 19:49:51 | 005,448,460 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013.08.30 19:49:50 | 000,618,913 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.08.30 19:49:49 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2013.08.29 17:59:45 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2013.08.27 13:15:36 | 000,012,288 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013.08.27 13:15:35 | 019,587,072 | ---- | C] () -- C:\Windows\System32\igdfcl32.dll
[2013.08.27 13:15:35 | 000,241,152 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2013.08.27 13:15:35 | 000,109,056 | ---- | C] () -- C:\Windows\System32\igdail32.dll
[2013.08.27 13:15:34 | 002,585,088 | ---- | C] () -- C:\Windows\System32\GfxRes.dll
[2013.08.27 13:15:34 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2013.08.27 13:15:31 | 000,530,416 | ---- | C] () -- C:\Windows\System32\DPTopologyApp.exe
[2013.08.27 13:15:30 | 000,001,806 | ---- | C] () -- C:\Windows\System32\GfxUIEx.exe.config
[2013.08.27 13:15:30 | 000,000,935 | ---- | C] () -- C:\Windows\System32\DPTopologyApp.exe.config
[2013.08.27 13:15:30 | 000,000,935 | ---- | C] () -- C:\Windows\System32\CustomModeApp.exe.config
[2013.08.27 13:15:30 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUIHotKeyMenu.exe.config
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.10.12 01:54:49 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\.minecraft
[2013.11.14 21:58:46 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\abjawe
[2013.11.18 20:54:22 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\asepel
[2013.11.18 20:55:16 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\buasep
[2013.10.03 14:41:38 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\DVDVideoSoft
[2013.10.03 14:34:55 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\FreeYoutubeToMP3TURBOConverter
[2013.10.06 00:18:09 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\ftblauncher
[2013.09.01 09:54:06 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\LolClient
[2013.09.30 14:37:13 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\Modinstaller
[2013.11.17 21:40:31 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\QuickScan
[2013.10.13 19:18:51 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\RIFT
[2013.11.21 23:43:26 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\Spotify
[2013.11.20 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\TS3Client
[2013.11.18 20:55:19 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\udspu
[2013.11.19 00:21:27 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\UseNeXT
[2013.11.21 22:13:35 | 000,000,000 | ---D | M] -- C:\Users\Dávid\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:AD022376

< End of report >
         
--- --- ---

The extras: OTL Logfile:
Code:
OTL Extras logfile created on: 21.11.2013 23:44:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dávid\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,33 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 59,22% Memory free
4,66 Gb Paging File | 3,31 Gb Available in Paging File | 70,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 73,37 Gb Free Space | 15,76% Space Free | Partition Type: NTFS
 
Computer Name: LALA | User Name: Dávid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-40972975-1608239604-2264794492-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{176EBFDD-CA26-491A-82D1-C65DE14C4F70}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2A141620-3297-4F49-95F5-7B3C9BFAB92C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{54AB2C7A-AA43-4A59-A4C9-D1CC29263959}" = lport=137 | protocol=17 | dir=in | app=system | 
"{58CC5AAF-CC33-4FE7-ABA5-AB53D404603E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5B999FAA-D5F2-4F7C-9622-AFEED44AC1BA}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6FC61D28-9670-4C26-9B97-928688CD078B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{70071BC9-0597-427F-9BF8-CE1FA9EADCF2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7F560294-D895-4F51-962F-84D17DE562E4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{83CD1638-D16F-4D79-B4E3-EC8621762F13}" = rport=445 | protocol=6 | dir=out | app=system | 
"{860E2D79-6193-4F62-ACBB-48757F2769FE}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8DBF6BB5-F3D8-4F7D-9EE8-F3AE068A6E32}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8FED13A0-A19A-484F-BA6C-780BE059A9E3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{96FDA186-AC25-4A1F-BC94-B4C8B0BD6848}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A1F7FC91-F922-4441-9C02-2D4D98D61E85}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A8E745E9-75BA-4A18-A7BC-1DD895BF656B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{AFE186E6-4BFA-433B-9A9D-5580FAE6B73D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{C71E6B64-3EF1-4EDC-8EFC-CB77E8FD2EA1}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{D7DEC8D9-85ED-4C73-8C51-B940D85A0214}" = rport=139 | protocol=6 | dir=out | app=system | 
"{DC3FDB8E-BE55-4500-B0AB-9212E95FFEF7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FF55B77A-63E4-48DA-AB40-3A5C0CACE950}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FF6DAB93-9457-4CB6-B480-3B6A91A9A6A1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06B7F845-2579-448A-829B-79E96BB49B1E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike source\hl2.exe | 
"{06F70713-9666-42CA-A021-AB01775A1B69}" = protocol=6 | dir=in | app=c:\users\dávid\appdata\roaming\utorrent\utorrent.exe | 
"{14412B3A-F02B-462B-AC8F-1EEFF0D6B07E}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{1C6287E4-3C7F-4F9B-9605-31DE3FECB273}" = protocol=6 | dir=out | app=system | 
"{210144E1-8A01-4DB4-A3BF-786E6A399B9F}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wlite.exe | 
"{2B87FB66-0143-4604-B0AE-341F3D845F77}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wservice.exe | 
"{3017AB9F-6570-4A5D-8D17-16F09E0D8647}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3295D49A-6266-4996-8F0E-195C15982A9D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{6519DD2F-DABE-4221-9EB6-CA3F0DD5AD7E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6562F43B-9FBB-4216-8CB0-50B051FF7BBF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{68363C75-674D-4DEE-9600-9769FA2C785F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6EA48C9B-27BD-4D6B-8CB7-03C6D42A9AD2}" = protocol=6 | dir=in | app=c:\program files\webcam 7\wlite.exe | 
"{740C3525-8930-460D-A0BE-DB06F3563E88}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8F4625CC-C757-46FF-883F-BB9F85E741FE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9562EB72-ACDC-4FD4-8CBB-3B7E01182576}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A39E98C2-755B-4D20-BAFF-F310F3344128}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A46FC37E-90A2-4242-9A1F-281CFA91DBB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ACA41A75-3A03-4F67-A111-30F9887EC900}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B4D0B137-7102-4506-BEDB-F0799E9B253C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B64C5899-4CCD-4587-BAF1-17E81FF3A36C}" = protocol=17 | dir=in | app=c:\users\dávid\appdata\roaming\utorrent\utorrent.exe | 
"{C078FC6B-4F88-487A-843B-DCE43A4AF49C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C45CC985-DD06-4F14-94C7-38BFA1F9B9F5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{CC12B345-40B4-47A0-A4E3-498A16872168}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\counter-strike source\hl2.exe | 
"{DB879220-B59F-4FCE-BBD7-B9C7576720F0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E744063B-D68E-45B1-92AB-D1BB18A9C444}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EED8C3DB-8735-4BFA-A4D5-4F1D841E7B0E}" = protocol=17 | dir=in | app=c:\program files\webcam 7\wservice.exe | 
"{FCAF1F28-14FB-433E-9664-3F4948B476F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{28DA4793-2700-46B4-8B96-6A97C4A41AD8}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{3747F69F-C227-439B-8499-06AF2B847549}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 
"TCP Query User{4AA0A250-312C-4061-9DC8-0B63645C4A7B}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 
"TCP Query User{5134278F-66F3-496A-9418-D76AB45B5236}C:\users\dávid\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\dávid\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{76528A5C-EBCB-4DB9-A83E-A8746D90F799}C:\users\dávid\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\dávid\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{7F6A3440-09B8-4FE3-B517-900C6C7F644D}C:\program files\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files\lolreplay\lolreplay.exe | 
"TCP Query User{8E5D97C2-BE17-43F2-942A-AF6D05EA3248}C:\java\jre1.6.0\bin\tnameserv.exe" = protocol=6 | dir=in | app=c:\java\jre1.6.0\bin\tnameserv.exe | 
"TCP Query User{A3C5C9BE-DCFC-408A-8A74-32CCB4213789}C:\program files\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=c:\program files\saints row iv\saintsrowiv.exe | 
"TCP Query User{B62E3BEB-2441-472F-8CBB-8AA6CFB0B9EC}C:\program files\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=c:\program files\saints row iv\saintsrowiv.exe | 
"TCP Query User{F7D1A386-530A-4814-BAE0-B20C9D21B94C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{1C44BECA-570B-4AF8-A538-2A075402DE6E}C:\program files\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=c:\program files\saints row iv\saintsrowiv.exe | 
"UDP Query User{235D7485-EE8A-4329-A37A-15F920306E37}C:\program files\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files\lolreplay\lolreplay.exe | 
"UDP Query User{33CB1359-3870-40CB-B4A3-828047F84BF0}C:\users\dávid\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\dávid\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{3A864FE6-7212-44D3-9DEE-B589D612EB0F}C:\program files\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=c:\program files\saints row iv\saintsrowiv.exe | 
"UDP Query User{652DA40B-82D4-4C4A-BFD4-C8637A54A9A6}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{CAC2D939-9B3F-46AC-B92D-AA1889EE6B42}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
"UDP Query User{DBEA8018-B42D-4808-B53A-F824230F4B10}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{EB810ED0-BFA3-471D-92D3-76D34295F678}C:\java\jre1.6.0\bin\tnameserv.exe" = protocol=17 | dir=in | app=c:\java\jre1.6.0\bin\tnameserv.exe | 
"UDP Query User{F952A167-0298-4988-86F1-D5CC92135F99}C:\users\dávid\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\dávid\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{FC743BEC-5A3C-4E76-A652-CCB3A49D2F99}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{18589E54-7FE9-4A3E-AC52-432256219D95}" = LoLOracle
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41564952-412D-5637-00A7-A758B70C0600}" = Avira SearchFree Toolbar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67AA948F-8D83-4566-B84A-7CAABCF64E3F}" = Broadcom Card Reader Driver Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7EB794A-5A36-4CB0-90D9-BD0E786972D4}" = LogMeIn Hamachi
"{B9A431FF-FDB1-40E5-B5F3-215290FD62DE}" = TP-LINK Drahtlos Tool
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F13F89CB-448B-49B0-BC63-4746499167C6}" = ActivePerl 5.16.3 Build 1603
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"4795C4A805590BF1276BCED3EB2478E5BF545E83" = Windows-Treiberpaket - Intel (NETwNs32) net  (01/22/2012 14.3.2.1)
"695CFD288064D5B9D072C610E63BDD3D3E4DE666" = Windows-Treiberpaket - Intel (NETwLv32) net  (10/07/2010 13.4.0.139)
"ADD23BB4846CE97156B46B74EA84848F347B09FE" = Windows-Treiberpaket - Intel (NETwNs32) net  (02/20/2012 15.1.0.18)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Internet Security Suite
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"CCleaner" = CCleaner
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Elantech" = ETDWare PS/2-X86 11.6.4.001_WHQL
"Free YouTube Download_is1" = Free YouTube Download version 3.2.13.925
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.13.925
"FreeYoutubeToMP3TURBOConverter_is1" = Free YouTube to MP3 TURBO Converter 2011
"Google Chrome" = Google Chrome
"LogMeIn Hamachi" = LogMeIn Hamachi
"LoLOracle 1.0.0" = LoLOracle
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MinecraftAlpha" = MinecraftAlpha
"Mozilla Firefox 25.0.1 (x86 de)" = Mozilla Firefox 25.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP4 To MP3 Converter_is1" = MP4 To MP3 Converter V3.0.4
"Steam App 240" = Counter-Strike: Source
"U2FpbnRzUm93SVY=_is1" = Saints Row IV
"UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft
"VLC media player" = VLC media player 2.1.0
"WinRAR archiver" = WinRAR 5.00 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-40972975-1608239604-2264794492-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19.11.2013 05:00:31 | Computer Name = Lala | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 19.11.2013 05:00:33 | Computer Name = Lala | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 19.11.2013 05:00:33 | Computer Name = Lala | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 19.11.2013 05:00:33 | Computer Name = Lala | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 19.11.2013 05:00:33 | Computer Name = Lala | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 19.11.2013 10:46:49 | Computer Name = Lala | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 25.0.1.5064,
 Zeitstempel: 0x5282f204  Name des fehlerhaften Moduls: xul.dll, Version: 25.0.1.5064,
 Zeitstempel: 0x5282f10e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00118f87  ID des fehlerhaften
 Prozesses: 0x13d4  Startzeit der fehlerhaften Anwendung: 0x01cee5107675eb59  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 6b1836f7-5129-11e3-8eb0-321277797d08
 
Error - 19.11.2013 15:56:29 | Computer Name = Lala | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 6.9.0.106, Zeitstempel:
 0x524bef36  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdaae  Ausnahmecode: 0xe0fafafa  Fehleroffset: 0x00009617  ID des fehlerhaften
 Prozesses: 0x1b40  Startzeit der fehlerhaften Anwendung: 0x01cee56136cda901  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Skype\Phone\Skype.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: ad89933d-5154-11e3-8eb0-321277797d08
 
Error - 19.11.2013 16:02:33 | Computer Name = Lala | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 6.9.0.106, Zeitstempel:
 0x524bef36  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdaae  Ausnahmecode: 0xe0fafafa  Fehleroffset: 0x00009617  ID des fehlerhaften
 Prozesses: 0x1b28  Startzeit der fehlerhaften Anwendung: 0x01cee561765fefdc  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Skype\Phone\Skype.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 86a3b488-5155-11e3-8eb0-321277797d08
 
Error - 19.11.2013 16:06:40 | Computer Name = Lala | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 6.10.0.104, Zeitstempel:
 0x5265383f  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bdaae  Ausnahmecode: 0xe0fafafa  Fehleroffset: 0x00009617  ID des fehlerhaften
 Prozesses: 0x1fec  Startzeit der fehlerhaften Anwendung: 0x01cee5626959fb25  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Skype\Phone\Skype.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 19ac686f-5156-11e3-8eb0-321277797d08
 
Error - 20.11.2013 08:23:05 | Computer Name = Lala | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, 
Zeitstempel: 0x515663e0  Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530,
 Zeitstempel: 0x5156646c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0006dd76  ID des fehlerhaften
 Prozesses: 0x318  Startzeit der fehlerhaften Anwendung: 0x01cee5eacc2f1c7b  Pfad der
 fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.57\deploy\LolClient.exe
Pfad
 des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.57\deploy\Adobe
 AIR\Versions\1.0\Adobe AIR.dll  Berichtskennung: 8121fe3c-51de-11e3-aca5-321277797d08
 
[ System Events ]
Error - 21.11.2013 05:36:26 | Computer Name = Lala | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?11.?2013 um 10:35:24 unerwartet heruntergefahren.
 
Error - 21.11.2013 05:38:34 | Computer Name = Lala | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Time" wurde nicht richtig gestartet.
 
Error - 21.11.2013 05:47:58 | Computer Name = Lala | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?11.?2013 um 10:47:16 unerwartet heruntergefahren.
 
Error - 21.11.2013 05:49:58 | Computer Name = Lala | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Time" wurde nicht richtig gestartet.
 
Error - 21.11.2013 07:25:06 | Computer Name = Lala | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Hamachi2Svc erreicht.
 
Error - 21.11.2013 07:28:05 | Computer Name = Lala | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?11.?2013 um 12:27:02 unerwartet heruntergefahren.
 
Error - 21.11.2013 07:30:03 | Computer Name = Lala | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Time" wurde nicht richtig gestartet.
 
Error - 21.11.2013 17:02:16 | Computer Name = Lala | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst AntiVirSchedulerService erreicht.
 
Error - 21.11.2013 17:02:20 | Computer Name = Lala | Source = DCOM | ID = 10010
Description = 
 
Error - 21.11.2013 18:35:59 | Computer Name = Lala | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?11.?2013 um 23:04:55 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---

Edited by Braiinzz (21.11.2013 at 23:54). Reason: Log files.

 





